> -----Original Message----- > From: centos-bounces at centos.org > [mailto:centos-bounces at centos.org] On Behalf Of Paul > Sent: Monday, June 26, 2006 7:52 AM > To: CentOS mailing list > Subject: RE: [CentOS] Re: DNS Server > > On Mon, June 26, 2006 7:47 am, Johnny Hughes wrote: > > On Mon, 2006-06-26 at 07:38 -0400, Thomas E Dukes wrote: > >> > >> > -----Original Message----- > >> > From: centos-bounces at centos.org > >> > [mailto:centos-bounces at centos.org] On Behalf Of Johnny Hughes > >> > Sent: Monday, June 26, 2006 7:19 AM > >> > To: CentOS ML > >> > Subject: RE: [CentOS] Re: DNS Server > >> > > >> > On Sun, 2006-06-25 at 20:32 -0400, Thomas E Dukes wrote: > >> > <snip> > >> > > >> > > > >> > > So even if a service such as zoneedit, say they can do > >> > reverse DNS, it > >> > > won't work? > >> > > > >> > > I really don't understand how it can work in one direction > >> > and not the > >> > > reverse. If they can keep up with my IP address and > match it to > >> > > my domainanme, seems they could do the reverse. > >> > > > >> > > >> > OK ... rather than you staying confused on this issue, I > will try > >> > to explain it in basic terms. > >> > > >> > DNS converts names to IPs (forward lookups) and IPs to names > >> > (reverse lookups). > >> > > >> > A forward lookup is when you have a name > (www.abcxyz.com) and need > >> > a number. This this case, there is a domain owner and > that domain > >> > has it's own DNS Zone. The owner of that Zone can put > whatever IP > >> > addresses > >> > (numbers) with names that they want in that zone. > >> > > >> > In the case of a forward lookup, there is no predefined > zone at all > >> > ... > >> > you can have as many names as you want, and since people > pay for it > >> > (the name), it stands to reason that will keep it > updated properly. > >> > > >> > A reverse lookup is different. The standard for reverse lookups > >> > break them down in "Class C" blocks (that is, the first > 3 groups of > >> > numbers are the network number, the last group is the > host number). > >> > If you have an ip address of: > >> > > >> > 192.87.99.234 > >> > > >> > The network number is 192.87.99.0, the subnet mask is > >> > 255.255.255.0, the host number is 234, and the reverse lookup > >> > domain is: > >> > > >> > 99.87.192.in-addr.arpa > >> > > >> > All 254 host addresses in that zone are normally > assigned from the > >> > owner of that zone from one machine. If someone buys the whole > >> > class C network, they get to control the zone, otherwise it is > >> > normally controlled by the ISP that owns all the IPs. > >> > > >> > It is possible, but not usually done, to break up the > reverse into > >> > smaller ranges. > >> > > >> > Tom Diehl has already mentioned RFC 2317: > >> > > >> > http://www.faqs.org/rfcs/rfc2317.html > >> > > >> > Using the techniques there, an ISP _CAN_ transfer > control of some > >> > reverse lookup domains. They will normally not do it unless you > >> > have a fairly large network, however. > >> > > >> > I hope this helps you understand that forward zones are > designed to > >> > easily break them down into 1 or 2 names ... but reverse > zones are > >> > predefined and not designed for less than 1 class C > network blocks. > >> > >> Hello Johnny, > >> > >> I guess that makes sense. It seems it would create too > much work for > >> the ISP to handle the reverse lookup for a single IP. If > they dole > >> them out that way, they should either do it or delegate them. > >> > >> All this is to operate a mail server without bounces. Is > this why it > >> recommedned to use your ISP's mail server as smarthost? Does this > >> mean I would be using the ISP's mail server for outgoing > mail? Or is > >> it just 'stamped' with the ISP's name to prevent bounces? > >> > >> Thanks, > >> > >> Eddie > > > > Most ISPs block outbound port 25 traffic now ... only allowing mail > > server operation (or even normal sending of e-mail via a > client) to be > > done out of their mail servers. > > > > I had, for many years, run a mail server on my linux box at home. > > Spammers (and viruses) have ruined that option for us. I now have a > > domain that I use for e-mail at a hosting provider, as too many > > servers now block dynamic ranges and cable/dsl ranges to > combat spam. > > > > I have since just setup an NX desktop and use that to get > to my mail > > at my home desktop when I am not there ... which seems to work OK. > > There are a select few ISP's still home-server friendly, one > being Speakeasy.net. Hi Paul, My ISP, Alltel, doesn't block ports. I have been using their service for about 6 years. Started with a dynamic IP and just switched to a Bussiness Class DSL with a static IP. So far they have been easy to deal with. Its just hard to find the right person to speak with. Thanks!!