x_terminat_or_3
asked on
reverse lookup
Hi
What is a reverse lookup and why does sendmail use it?
I know I can do dig -x IP to get a reverse lookup (I think) but what's the use?
With kind regards
Ramses (x_terminat_or_3)
ASKER
I'm still trying to grasp how those things work...
I have a page with a mailto call that sends a confirmation message to the address filled in by the user.
When I try it on the server with one of my yahoo addresses, it works. But when my dad (who's in another country) does the same thing, he has to wait almost 2 minutes before the page continues...
I have a registered domain name and the dns register points to my server's IP
I have a MX entry for @mydomain.com as well
My dad tried it with his personal email address xxx@telenet.be where telenet is his isp
So in all logic, his IP address WILL NOT PASS the reverse lookup but that doesn't mean that it's spam...
> So in all logic, his IP address WILL NOT PASS the reverse lookup but that don't mean that it's spam
It's the mechanism of the email server to filter out the spam. It's quite popular now since the spam.
Yes, that doesn't mean the email being filtered out is spam.
> dns register points to my server's IP
However, does it have the reverse lookup entry for your email server's IP? If not, then check with/complain to your DNS resolver.
Given        Response
-----------  -----------------------------
FQDN         IP address (forward nslookup)
IP address   FQDN (reverse nslookup)
> My dad tried it with his personal email address xxx@telenet.be where telenet is his isp
So your dad's ISP email server does the reverse nslookup on your email server.
Wesly
ASKER
Ok, I'll give some details.
DIG MYDOMAIN.COM
; <<>> DiG 9.2.4 <<>> MYDOMAIN.COM
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35041
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;MYDOMAIN.COM IN A
;; AUTHORITY SECTION:
MYDOMAIN.COM 289 IN SOA ns1.numericable.fr. root.numericable.fr. 2004111122 21600 3600 604800 86400
;; Query time: 19 msec
;; SERVER: 80.236.0.73#53(80.236.0.73)
;; WHEN: Thu Nov 11 20:28:22 2004
;; MSG SIZE rcvd: 93
dig -x 81.220.168.250 --> server's IP
; <<>> DiG 9.2.4 <<>> -x 81.220.168.250
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56726
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3
;; QUESTION SECTION:
;250.168.220.81.in-addr.arpa. IN PTR
;; ANSWER SECTION:
250.168.220.81.in-addr.arpa. 13384 IN PTR ip-250.net-81-220-168.nice.rev.numericable.fr.
;; AUTHORITY SECTION:
168.220.81.in-addr.arpa. 76435 IN NS dns1.euroconnect.fr.
168.220.81.in-addr.arpa. 76435 IN NS ns1.numericable.fr.
168.220.81.in-addr.arpa. 76435 IN NS ns2.numericable.fr.
;; ADDITIONAL SECTION:
dns1.euroconnect.fr. 203558 IN A 195.132.14.135
ns1.numericable.fr. 74516 IN A 80.236.0.242
ns2.numericable.fr. 17833 IN A 81.220.255.2
;; Query time: 35 msec
;; SERVER: 80.236.0.73#53(80.236.0.73)
;; WHEN: Thu Nov 11 20:30:37 2004
;; MSG SIZE rcvd: 219
dig MYDOMAIN.COM mx
; <<>> DiG 9.2.4 <<>> MYDOMAIN.COM mx
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23090
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 4
;; QUESTION SECTION:
;MYDOMAIN.COM IN MX
;; ANSWER SECTION:
MYDOMAIN.COM. 94 IN MX 5 mta.MYDOMAIN.COM
MYDOMAIN.COM. 94 IN MX 10 mta.pro.numericable.fr.
;; AUTHORITY SECTION:
MYDOMAIN.COM. 82 IN NS ns2.numericable.fr.
MYDOMAIN.COM. 82 IN NS ns1.numericable.fr.
;; ADDITIONAL SECTION:
mta.MYDOMAIN.COM 94 IN A 81.220.168.250
mta.pro.numericable.fr. 403 IN A 80.236.0.249
ns2.numericable.fr. 17768 IN A 81.220.255.2
ns1.numericable.fr. 74451 IN A 80.236.0.242
;; Query time: 49 msec
;; SERVER: 80.236.0.73#53(80.236.0.73)
;; WHEN: Thu Nov 11 20:31:42 2004
;; MSG SIZE rcvd: 192
So, What do you think. Also can you tell me a bit about the output of DIG ?
> dig -x 81.220.168.250 --> server's IP
> ;; ANSWER SECTION:
> 250.168.220.81.in-addr.arpa. 13384 IN PTR ip-250.net-81-220-168.nice.rev.numericable.fr.
It looks like you have a reverse DNS entry.
So what's your major issue? Is that related to reverse DNS lookup or complaining about reverse DNS lookup?
Wesly
ASKER
My major issue is that when I run my site on XP's test platform (IIS) the sendmail script executes instantly no matter what address I feed it, and under Linux it delays sometimes up to a minute and messages are sometimes not sent at all...
You mean your webpage?
Does it complain about the reverse DNS lookup on your Linux box (check /var/log/messages and /var/log/maillog)?
If not, then it may be related to your webpage coding issue under different platform.
Wesly
ASKER
Ok, I see in the log that the sender is
apache@ramses.mydomain.com
ramses is my computername, but I don't have any dns entries for ramses.mydomain.com
It should read: apache@mydomain.com
How can I control this?
when I type hostname it says ramses.mydomain.com
If I try to change hostname to mydomain.com or www.mydomain.com it doesn't work either
The setting is on the email software, such as sendmail, postfix, on the Linux box.
Wesly
ASKER
OK Wesly, thank you for your input. What do you suggest to do next... since I am still a newbie in Linux...
Open a new question "how to configure sendmail localhostname?" or are you able to respond to that q?
Ramses
Basically sendmail reverse lookup is a sanity check to help root out spammers who are masquerading as sending from a different address to the one they are on.
It's actually pretty futile and creates a lot of extra traffic.
If you do a Google search for "reverse lookup sendmail" you'll find plenty of information.
ASKER
Thank you for your help you guys.
I posted a question in the sendmail TA and I got the needed answer.
What one needs to do is to make a genericstable to rewrite the FROM from outgoing messages
Example @ http://www.linuxhq.com/ldp/howto/Sendmail-Address-Rewrite-3.html
Thanks to PsiCop
Sendmail uses reverse lookup to check whether the sender's email IP matches its FQDN (such as @mail.company.com)
to filter out spam and fake email addresses.
If you send an email from a mail server without an FQDN (registered on the internet), some email servers
may reject it because they think it is spam...
Regards,
Wesly
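
The two checks this thread circles around, as an added example that is not part of the original posts: a forward-confirmed reverse lookup on the connecting IP, and a test that the envelope sender's domain resolves at all (the `apache@ramses.mydomain.com` problem found in the log). The resolver is a constructed dictionary rather than live DNS, the function names are hypothetical, and the A record for the PTR name is an assumption since the thread never shows it.

```python
import ipaddress

# Constructed resolver data (no live DNS). The PTR, MX and mta A records mirror
# the dig output in the thread; the A record for the PTR name is an assumption,
# and the 192.0.2.x entries are made-up documentation addresses.
PTR = {
    "250.168.220.81.in-addr.arpa.": ["ip-250.net-81-220-168.nice.rev.numericable.fr."],
    "20.2.0.192.in-addr.arpa.": ["mail.example.net."],
}
A = {
    "ip-250.net-81-220-168.nice.rev.numericable.fr.": ["81.220.168.250"],  # assumed
    "mta.mydomain.com.": ["81.220.168.250"],
    "mail.example.net.": ["192.0.2.99"],  # does not point back to 192.0.2.20
}
MX = {"mydomain.com.": ["mta.mydomain.com.", "mta.pro.numericable.fr."]}


def fqdn(name):
    """Normalise a host name to lower case with a trailing dot."""
    return name.lower().rstrip(".") + "."


def fcrdns(client_ip):
    """Forward-confirmed reverse DNS: the PTR name must resolve back to the IP."""
    arpa = ipaddress.ip_address(client_ip).reverse_pointer + "."
    names = PTR.get(arpa, [])
    if not names:
        return "no-ptr"
    for name in names:
        if client_ip in A.get(fqdn(name), []):
            return "pass"
    return "ptr-mismatch"


def sender_domain_resolves(envelope_from):
    """True if the domain after '@' has an MX or A record."""
    domain = fqdn(envelope_from.rsplit("@", 1)[1])
    return bool(MX.get(domain) or A.get(domain))


def evaluate(client_ip, envelope_from):
    """Return the findings a receiving mail server could act on (empty = clean)."""
    findings = []
    rdns = fcrdns(client_ip)
    if rdns != "pass":
        findings.append("rdns:" + rdns)
    if not sender_domain_resolves(envelope_from):
        findings.append("sender-domain-unresolvable")
    return findings
```

With this data the server's IP passes the reverse check, so the only finding for the original messages is the unresolvable sender domain, which is what rewriting the FROM address removes.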