DNS Record Setup - MX Record, SPF record and PTR - For VPS Hosting multiple virtual domains

My problem:
I have set up several domains on a VPS running WHM and cPanel on CentOS 4.6. I have been unable to properly set up my MX, SPF and PRT record as to properly send mail to domains that perform reverse DNS lookups. I have not properly set up my VPS and I need some guidance. My current DNS record as it pertains to mail looks like this:

Definitions:
shared IP = xxx.xxx.xxx.173 for virtual domains without SSL
exclusive IP = xxx.xxx.xxx.182 for main domain with SSL cert
exclusive IP = xxx.xxx.xxx.30  for mail server with SSL cert

domain.com.   A           xxx.xxx.xxx.182
domain.com.  mx    0    mail.domain.com.
mail.domain.com.    A   xxx.xxx.xxx.30
xxx.xxx.xxx.182      PTR   ggtai.com.
ns1.domain.com.   A xxx.xxx.xxx.182
ns2.domain.com.   A xxx.xxx.xxx.182
domain.com.       TXT   "v=spf1 a mx ~all"
hostname.domain.com     A     xxx.xxx.xxx.173


I have screwed this up when I installed the SSL certs, i.e. changed the IP of the mail server so I could install a SSL cert...

results of a dig -x on xxx.xxx.xxx.182

[root@ruby ~]# dig -x 66.11.239.182

; <<>> DiG 9.5.0b1 <<>> -x xxx.xxx.xxx.182
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28310
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

;; QUESTION SECTION:
;182.239.11.66.in-addr.arpa.    IN      PTR

;; ANSWER SECTION:
182.239.11.66.in-addr.arpa. 3600 IN     PTR     xxx-xxx-xxx-182.managemyvps.com.

;; AUTHORITY SECTION:
239.11.66.in-addr.arpa. 18930   IN      NS      ns1.managemyvps.com.
239.11.66.in-addr.arpa. 18930   IN      NS      ns2.managemyvps.com.

; <<>> DiG 9.5.0b1 <<>> -x xxx.xxx.xxx..30
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13787
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

;; QUESTION SECTION:
;30.239.11.66.in-addr.arpa.     IN      PTR

;; ANSWER SECTION:
30.239.11.66.in-addr.arpa. 3600 IN      PTR     xxx-xxx-xxx-30.managemyvps.com.

;; AUTHORITY SECTION:
239.11.66.in-addr.arpa. 16135   IN      NS      ns1.managemyvps.com.
239.11.66.in-addr.arpa. 16135   IN      NS      ns2.managemyvps.com.

;; Query time: 37 msec
;; SERVER: 67.100.88.27#53(67.100.88.27)
;; WHEN: Fri Jan 25 02:50:07 2008
;; MSG SIZE  rcvd: 121

;; Query time: 36 msec
;; SERVER: 67.100.88.27#53(67.100.88.27)
;; WHEN: Fri Jan 25 02:03:33 2008
;; MSG SIZE  rcvd: 123

I need explicit instructions on what I need to do to correct this.

Thanks in advance.
copeaseticAsked:
Who is Participating?
 
NopiusConnect With a Mentor Commented:
Not all ISPs provide reverse IP delegation, but most of them can change one or two reverse records by a customer request.

Just submit a request to change these 2 records to point  2 IPs to your mail.ggtai.com. and secure.ggtai.com. domain names.
0
 
NopiusCommented:
You can't change reverse PTR records yourself, only ISP can do it.

First of all you should ask support of managemyvps.com ISP to change their PTR records for .182 and .30 to point to secure.ggtai.com and mail.ggtai.com accordingly.
And remove PTR from your DNS.

You have no use of second NS2 server because it has the same IP as NS1, so it's safe to remove it also (I know the requirement to have at least 2 NS for any domain, but once registered you have no use of second NS having the same IP, it only slows down negative name lookup response in case of your NS failure).

SSL certs are bound to the host name, not to IP. And having reverse lookup the same as direct doesn't matter for WEB, but it does for mail server only.

If you have any specific problem with SSL please provide more details.
0
 
IulianSurgiuCommented:
239.11.66.in-addr.arpa. 18930   IN      NS      ns1.managemyvps.com.
239.11.66.in-addr.arpa. 18930   IN      NS      ns2.managemyvps.com.

Do you have access to those nameservers? If not you can ask your ISP to do it or to delegate the zone of the 2 IPs to your DNS.

0
 
copeaseticAuthor Commented:
I do not have access to those nameservers and I will submit the request. Would you mind providing more detail as to what exactly I am attempting to accomplish by asking for delegation?

Thank you!
0
 
IulianSurgiuCommented:
Hi you have two options:

1. Ask your ISP to do RDNS for you by your specs, easiest way
2. Ask your ISP to delegate the  182.239.11.66.in-addr.arpa. and 30.239.11.66.in-addr.arpa. to your DNS, which I doubt they will
0
All Courses

From novice to tech pro — start learning today.