• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 252
  • Last Modified:

DNS and A Records

This question may be covered in another thread, but I am not sure what to use as a search term to find it, but what I am needing to do is get my client removed from blacklists after a machine of there's was unknowingly to them sending out spam.  The machine has since been reformatted and patched.

I am just not wanting to cause a DNS loop or downtime to my client, but I want to set this up so we can be removed from the remaining blacklists.  The remaining blocking are FIVETEN sites.  I had our ISP set the reverse record on their end to point correctly for our public IP to point back to our domain name.  What FIVETEN is saying now is:

"Also, none of those names have an A record pointing to the original xxx.xxx.xxx.xxx. That needs to be fixed" (xxx.xxx.xxx.xxx being our public IP).

I believe I can do this from our host and just point the * wildcard record to our DNS server's public IP, but what I am concerned about is that we are not serving our own website.  Currently if people type www.domainname.com or just domainname.com, they get our website because the website/hosting company is using a * wildcard for all traffic that I haven't set a custom DNS on their end for.  I am forarding three custom names including our mail traffic.  What I think I need to do is point all traffic from the host to our own server via our public IP and then just set A records in our server's DNS to point the www traffic back to the web host.  I am not 100% familiar with A records, but if I want this to work correctly what is the and easiest way to preserve what is in place now with people typing just our domainname or www.domainname?

1 Solution
I'm not entirely clear on your specific requirements but hopefully I can clarify the issue of your A records.
Your domain name of domain.com is a forward lookup zone - as in an 'area' to find your hosts. Think of it as a street name
The A record specifies a particular host. This would correspond to your house number.
To specifiy your web-site you would have an A record called WWW (within the forward lookup zone), and your mail Server would probably have an A record of MAIL
This would then give you hosts of www.domain.com and mail.domain.com
(To get your MX record sorted you would then point IT to the A record)
Then you would add an A record called * for your wildcard and point THAT to the Web Server - this would point any unknown host requests to the web-site (wheredoigo.domain.com would go to the web-site)
Is that what you are after (and apologies if I just typed everything you already knew!)
foxtrot79Author Commented:
I will give that a try when I am back at their location.  I am out of town this week, but what you typed is basically what I was thinking.


Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now