reverse lookup

Hi

What is a reverse lookup and why does sendmail use it?

I know I can do dig -x IP  to get a reverse lookup (I think) but what's the use?

With kind regards


Ramses (x_terminat_or_3)

wesly_chen Commented:
Reverse lookup will give you the FQDN (Fully Qualified Domain Name) when you query the IP address.

Sendmail uses reverse lookup to check if the sender's email IP matches its FQDN (such as @mail.company.com)
to filter out the spam and fake email addresses.

If you send an email from a mail server without an FQDN (registered on the internet), some email servers
may reject it because they think it is spam...

Regards,

Wesly
0
x_terminat_or_3 (Author) Commented:
I'm still trying to grasp how those things work...

I have a page with a mailto call that sends a confirmation message to the address filled in by the user.

When I try it on the server with one of my yahoo addresses, it works.  But when my dad (who's in another country) does the same thing, he has to wait almost 2 minutes before the page continues...

I have a registered domain name and the dns register points to my server's IP
I have a MX entry for @mydomain.com as well

My dad tried it with his personal email address xxx@telenet.be  where telenet is his isp

So in all logic, his IP address WILL NOT PASS the reverse lookup but that don't mean that it's spam...
0
wesly_chen Commented:
> So in all logic, his IP address WILL NOT PASS the reverse lookup but that don't mean that it's spam
It's the mechanism of the email server to filter out the spam. It's quite popular now since the spam.
Yes, that doesn't mean the email being filtered out is spam.

> dns register points to my server's IP
However, does it have the reverse lookup entry for your email server's IP? If not, then check/complain to your DNS resolver.

Given            Response
----------------------------------------------------
FQDN             IP address   (forward nslookup)
IP address       FQDN         (reverse nslookup)
----------------------------------------------------

> My dad tried it with his personal email address xxx@telenet.be  where telenet is his isp
So your dad's ISP email server does the reverse nslookup on your email server.

Wesly
0
x_terminat_or_3 (Author) Commented:
Ok, I'll give some details.  

DIG MYDOMAIN.COM

; <<>> DiG 9.2.4 <<>> MYDOMAIN.COM
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35041
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;MYDOMAIN.COM              IN      A

;; AUTHORITY SECTION:
MYDOMAIN.COM       289     IN      SOA     ns1.numericable.fr. root.numericable.fr. 2004111122 21600 3600 604800 86400

;; Query time: 19 msec
;; SERVER: 80.236.0.73#53(80.236.0.73)
;; WHEN: Thu Nov 11 20:28:22 2004
;; MSG SIZE  rcvd: 93


dig -x 81.220.168.250  --> server's IP

; <<>> DiG 9.2.4 <<>> -x 81.220.168.250
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56726
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3

;; QUESTION SECTION:
;250.168.220.81.in-addr.arpa.   IN      PTR

;; ANSWER SECTION:
250.168.220.81.in-addr.arpa. 13384 IN   PTR     ip-250.net-81-220-168.nice.rev.numericable.fr.

;; AUTHORITY SECTION:
168.220.81.in-addr.arpa. 76435  IN      NS      dns1.euroconnect.fr.
168.220.81.in-addr.arpa. 76435  IN      NS      ns1.numericable.fr.
168.220.81.in-addr.arpa. 76435  IN      NS      ns2.numericable.fr.

;; ADDITIONAL SECTION:
dns1.euroconnect.fr.    203558  IN      A       195.132.14.135
ns1.numericable.fr.     74516   IN      A       80.236.0.242
ns2.numericable.fr.     17833   IN      A       81.220.255.2

;; Query time: 35 msec
;; SERVER: 80.236.0.73#53(80.236.0.73)
;; WHEN: Thu Nov 11 20:30:37 2004
;; MSG SIZE  rcvd: 219


dig MYDOMAIN.COM mx

; <<>> DiG 9.2.4 <<>> MYDOMAIN.COM mx
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23090
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 4

;; QUESTION SECTION:
;MYDOMAIN.COM              IN      MX

;; ANSWER SECTION:
MYDOMAIN.COM.       94      IN      MX      5 mta.MYDOMAIN.COM
MYDOMAIN.COM.       94      IN      MX      10 mta.pro.numericable.fr.

;; AUTHORITY SECTION:
MYDOMAIN.COM.       82      IN      NS      ns2.numericable.fr.
MYDOMAIN.COM.       82      IN      NS      ns1.numericable.fr.

;; ADDITIONAL SECTION:
mta.MYDOMAIN.COM   94      IN      A       81.220.168.250
mta.pro.numericable.fr. 403     IN      A       80.236.0.249
ns2.numericable.fr.     17768   IN      A       81.220.255.2
ns1.numericable.fr.     74451   IN      A       80.236.0.242

;; Query time: 49 msec
;; SERVER: 80.236.0.73#53(80.236.0.73)
;; WHEN: Thu Nov 11 20:31:42 2004
;; MSG SIZE  rcvd: 192

So, What do you think.  Also can you tell me a bit about the output of DIG ?
0
wesly_chen Commented:
> dig -x 81.220.168.250  --> server's IP
> ;; ANSWER SECTION:
> 250.168.220.81.in-addr.arpa. 13384 IN   PTR     ip-250.net-81-220-168.nice.rev.numericable.fr.
It looks like you have reverse DNS entry.

So what's your major issue? Is that related to reverse DNS lookup or complaining about reverse DNS lookup?

Wesly
0
x_terminat_or_3 (Author) Commented:
My major issue is that when I run my site on XP's test platform (IIS) the sendmail script executes instantly no matter what address I feed it, and under Linux it delays sometimes up to a minute and messages are sometimes not sent at all...
0
wesly_chen Commented:
You mean your webpage?
Does it complain about the reverse DNS lookup on your Linux box (check /var/log/messages and /var/log/maillog)?

If not, then it may be related to your webpage coding issue under different platform.

Wesly
0
x_terminat_or_3 (Author) Commented:
Ok, I see in the log that the sender is

apache@ramses.mydomain.com

ramses is my computername, but I don't have any dns entries for ramses.mydomain.com    
 

It should read: apache@mydomain.com

How can I control this?

when I type hostname it says ramses.mydomain.com

If I try to change hostname to mydomain.com or www.mydomain.com it doesn't work either


0
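Added example (not part of the thread and not sendmail's own code): the reverse-lookup checks discussed above, run against the records from the posted dig output and the sender host from the mail log. The A record for the ISP's PTR name is an assumption, since the thread shows no forward lookup for it; `check_client`, `zone_ptr` and `zone_addrs` are hypothetical names.

```python
import ipaddress
import socket

def norm(name):
    return name.rstrip(".").lower()

def reverse_name(ip):
    """Name that `dig -x IP` queries: reversed octets under in-addr.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer

def system_ptr(ip):
    """PTR lookup via the system resolver (default when no records are passed)."""
    try:
        return [socket.gethostbyaddr(ip)[0]]
    except OSError:
        return []

def system_addrs(name):
    """Forward lookup via the system resolver."""
    try:
        return sorted({ai[4][0] for ai in socket.getaddrinfo(name, None)})
    except OSError:
        return []

def check_client(ip, helo, ptr_lookup=system_ptr, addr_lookup=system_addrs):
    """DNS sanity checks a receiving mail server can run on a connecting client."""
    ptr_names = [norm(n) for n in ptr_lookup(ip)]
    # Forward-confirmed reverse DNS: a PTR name must resolve back to the same IP.
    confirmed = [n for n in ptr_names if ip in addr_lookup(n)]
    return {
        "query": reverse_name(ip),
        "has_ptr": bool(ptr_names),
        "forward_confirmed": bool(confirmed),
        "helo_resolves_to_ip": ip in addr_lookup(norm(helo)),
        "helo_matches_ptr": norm(helo) in confirmed,
    }

# Records copied from the dig output in the thread, except where marked.
PTR = {"81.220.168.250": ["ip-250.net-81-220-168.nice.rev.numericable.fr."]}
A = {
    "mta.mydomain.com": ["81.220.168.250"],
    # Assumption: the thread shows no forward lookup for the ISP's PTR name.
    "ip-250.net-81-220-168.nice.rev.numericable.fr": ["81.220.168.250"],
}
def zone_ptr(ip):
    return PTR.get(ip, [])
def zone_addrs(name):
    return A.get(norm(name), [])

if __name__ == "__main__":
    print(check_client("81.220.168.250", "ramses.mydomain.com", zone_ptr, zone_addrs))
```

Calling `check_client(ip, helo)` without the last two arguments uses the system resolver instead of the embedded records.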
wesly_chen Commented:
The setting is on the email software, such as sendmail, postfix, on the Linux box.

Wesly
0
x_terminat_or_3 (Author) Commented:
OK Wesly thank you for your input.  What do you suggest to do next... since I am still a newbie in Linux...

Open a new question "how to configure sendmail localhostname?" or are you able to respond to that q?


Ramses
0
wesly_chen Commented:
Hi,

    I'm not sure of the answer. If it is a sendmail server, you can post your question on
http://www.experts-exchange.com/Networking/Email_Groupware/Sendmail/

    So, later on, people with the same situation will find the solution easier if the solution is categorized to the right place.
Make sure to mention your OS and mail server software.

    Anyway, I'll try to find it.

Regards,

Wesly
0

paranoidcookie Commented:
Basically sendmail reverse lookup is a sanity check to help root out spammers who are masquerading sending from a different address to the one they are on.

It's actually pretty futile and creates a lot of extra traffic

If you do a google for reverse lookup sendmail you'll find plenty of information
0
x_terminat_or_3 (Author) Commented:
Thank you for your help you guys.  

I posted a question in the sendmail TA and I got the needed answer.

What one needs  to do is to make a genericstable to rewrite the FROM from outgoing messages

Example @ http://www.linuxhq.com/ldp/howto/Sendmail-Address-Rewrite-3.html


Thanks to PsiCop
0
Question has a verified solution.