getting mail to work
jeffrey at goldmark.org
Wed Mar 14 04:05:51 UTC 2007
On Mar 13, 2007, at 8:17 PM, jekillen wrote:
> On Mar 12, 2007, at 5:14 PM, RW wrote:
>> Just as long as you understand the distinction between forward and
>> reverse DNS. Based on the whois record for for your IP address, at
>> moment you appear to have the following reverse DNS for the address
>> range 22.214.171.124 - 126.96.36.199:
>> $ for i in `jot 8 224` ; do dig +short -x 75.7.236.$i ; done
> OK, It appears that it is the ISPs name servers who
> are responding. When I call up my sights I get to the
> machines they are on according to my present
> DNS setup.
But that is what the public sees. If (which I strongly doubt) your
own internal nameservers give a different result to
$ dig +short -x 188.8.131.52
then it still makes no difference to the rest of the world which,
when doing a *reverse* lookup on your IP address doesn't get anything
that looks like your domain name.
> try www.brushandbard.com
That's not the question. RW was (correctly) talking about *reverse*
DNS, aka DNS PTR records. That is we are looking at the translation
*from* number *to* name.
If you look up one of my statically IP addresses
$ dig +short -x 184.108.40.206
you get that instead of
It took me many unpleasant hours on the phone to Verizon to get the
reverse look up the way it is now. I spent those hours on the phone
specifically because I did want to run my own direct to MX mailserver.
My mailserver sends out mail as being from lists.shepard-families.org
(in the envelope and header froms) but identifies itself as
a regular look up of either of those returns
A reverse of that turns up
which when you do a regular lookup gets you
So my machine is claiming to be in goldmark.org, and doing a reverse
lookup on its IP address points you back to goldmark.org. So that
strongly suggests that when it identifies itself as goldmark.org, it
is doing so with the consent not only of the person who controls the
goldmark.org domain, but also with the consent of the person (in this
case Verizon) who controls the IP address of the machine.
If mail from my machine failed this IP --> name1 --> IP --> name2 -->
IP test (the test being that name1 and name2 are in the same domain
and that "IP" is the same IP throughout), then mail from my machine
would get a high spam score by most systems.
I really don't want to sound harsh with this, but if you aren't fully
clear on concepts like reverse and forward DNS and authoritative
servers for each, you really should be looking for a solution that
doesn't involve you running a direct to MX system. You can still run
your own mailserver which you can integrate with your webserver, but
have it relay all of the outgoing mail to your ISP's SMTP host which
is set up for the purpose.
Also if you post your queries to the postfix mailing list (I think I
recall that you were using postfix) you will probably find lots of
pointers to information explaining about configuration. "The Book of
Postfix" (ISBN 1-59327-001-1) has a good discussion of the need for
other hosts being able to reverse resolve the IP of your mail hub.
Jeffrey Goldberg http://www.goldmark.org/jeff/
More information about the freebsd-questions