Solved

MX Toobox reports Reverse DNS Fail but it appears correct

Posted on 2011-09-22
5
433 Views
Last Modified: 2012-05-12
I have been having DNS issues since getting a different IP address about 5 days ago.  MX Toolbox give a Reverse DNS fail while dnsstuff.com gives it a Reverse DNS authenticity:       [Verified]

Now I know the real test is to wait for the client to send an email successfully that failed, but I am a little worried that it is an issue on my side.  However, everything I read is that it is a ISP issue.  All the DNS setting appear correct through ATT and I am getting a success from one site.  Is the mxtoolbox wrong, or is there something I can check on my side?

I have a watchguard x750e firewall and an Exchange 2003 mail server.
0
Comment
Question by:ctrisdale
  • 2
  • 2
5 Comments
 
LVL 21

Accepted Solution

by:
Papertrip earned 250 total points
ID: 36581635
Go to dnswatch.info and put your IP into the IP Lookup box and click resolve.  If the IP resolves to what you expect, then you should be fine.
0
 
LVL 26

Assisted Solution

by:DrDave242
DrDave242 earned 250 total points
ID: 36581683
You can use nslookup to query the public DNS to see if the PTR record of your mail server really does match its host record, using the following sequence of commands (in a Windows environment):

nslookup  [Runs nslookup in interactive mode]
set q=a  [Sets query type to A (host)]
<FQDN of your mail server>  [The full public DNS name of your mail server - e. g., mail.mydomain.com]

The above query returns the public IP address of your mail server.  You probably already know this address, but it can't hurt to be sure.  This address will be used below.

set q=ptr  [Sets query type to PTR (reverse DNS)]
<PTR record name of your mail server>  [Take your server's public IP address, reverse the octets, and append .in-addr.arpa to it.  If your mail server's public IP address is 1.2.3.4, this will be 4.3.2.1.in-addr.arpa]

Make sure the name returned by the PTR query matches the FQDN of your server.
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36581717
What DrDave said is all correct, but unless you tell nslookup to use an external server, those commands could just be seeing an internal view.  For situations like this it's best to test from an external source.
0
 
LVL 26

Expert Comment

by:DrDave242
ID: 36581747
If your internal and external domain names are identical, then yes, you will need to tell nslookup to use an external server (using the server <IP address> command).  Otherwise, your server will send the query out to the public DNS anyway via forwarders or root hints.
0
 

Author Closing Comment

by:ctrisdale
ID: 36589662
Thanks guys.  You are both correct.  I got the correct record with my ISP and all is good to go.  Thank you for your input
0

Featured Post

Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article explains how a domain name may be inadvertently appended to all DNS queries. This exhibits as described below. (CODE)And / Or: (CODE) Cause This issue can occur in either of these two scenarios. EITHER 1. A Primary DNS S…
If you have a multi-homed DNS setup in windows, you can have issues with connectivity to the server that hosts the DNS services (or even member servers of your domain if this same DNS server is a DC). This is because windows registers all of its IPs…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question