On Mon, 26 Jun 2006, Paul wrote:
On Mon, June 26, 2006 7:47 am, Johnny Hughes wrote:
On Mon, 2006-06-26 at 07:38 -0400, Thomas E Dukes wrote:
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Johnny Hughes Sent: Monday, June 26, 2006 7:19 AM To: CentOS ML Subject: RE: [CentOS] Re: DNS Server
On Sun, 2006-06-25 at 20:32 -0400, Thomas E Dukes wrote:
<snip>
So even if a service such as zoneedit, say they can do
reverse DNS, it
won't work?
I really don't understand how it can work in one direction
and not the
reverse. If they can keep up with my IP address and match it to my domainanme, seems they could do the reverse.
OK ... rather than you staying confused on this issue, I will try to explain it in basic terms.
DNS converts names to IPs (forward lookups) and IPs to names (reverse lookups).
A forward lookup is when you have a name (www.abcxyz.com) and need a number. This this case, there is a domain owner and that domain has it's own DNS Zone. The owner of that Zone can put whatever IP addresses (numbers) with names that they want in that zone.
In the case of a forward lookup, there is no predefined zone at all ... you can have as many names as you want, and since people pay for it (the name), it stands to reason that will keep it updated properly.
A reverse lookup is different. The standard for reverse lookups break them down in "Class C" blocks (that is, the first 3 groups of numbers are the network number, the last group is the host number). If you have an ip address of:
192.87.99.234
The network number is 192.87.99.0, the subnet mask is 255.255.255.0, the host number is 234, and the reverse lookup domain is:
99.87.192.in-addr.arpa
All 254 host addresses in that zone are normally assigned from the owner of that zone from one machine. If someone buys the whole class C network, they get to control the zone, otherwise it is normally controlled by the ISP that owns all the IPs.
It is possible, but not usually done, to break up the reverse into smaller ranges.
Tom Diehl has already mentioned RFC 2317:
http://www.faqs.org/rfcs/rfc2317.html
Using the techniques there, an ISP _CAN_ transfer control of some reverse lookup domains. They will normally not do it unless you have a fairly large network, however.
I hope this helps you understand that forward zones are designed to easily break them down into 1 or 2 names ... but reverse zones are predefined and not designed for less than 1 class C network blocks.
Hello Johnny,
I guess that makes sense. It seems it would create too much work for the ISP to handle the reverse lookup for a single IP. If they dole them out that way, they should either do it or delegate them.
All this is to operate a mail server without bounces. Is this why it recommedned to use your ISP's mail server as smarthost? Does this mean I would be using the ISP's mail server for outgoing mail? Or is it just 'stamped' with the ISP's name to prevent bounces?
Thanks,
Eddie
Most ISPs block outbound port 25 traffic now ... only allowing mail server operation (or even normal sending of e-mail via a client) to be done out of their mail servers.
I had, for many years, run a mail server on my linux box at home. Spammers (and viruses) have ruined that option for us. I now have a domain that I use for e-mail at a hosting provider, as too many servers now block dynamic ranges and cable/dsl ranges to combat spam.
I have since just setup an NX desktop and use that to get to my mail at my home desktop when I am not there ... which seems to work OK.
There are a select few ISP's still home-server friendly, one being Speakeasy.net.
+1 for Speakeasy. They also have a very active abuse desk.
Regards,
Tom