Reverse DNS?!?

Factual Questions
1

So I found out that when I send e-mails to AOL customers, the e-mails are automatically considered “spam” because my landlord hasn’t set up Reverse DNS for his domain.

I mentioned it to his computer person, and she said she is working on the problem, but the reality is that she’s frankly a f*ck-up who would rather lie than actually try to fix a problem. (yeah yeah, belongs in the Pit. Sorry)

So my question is as follows: Is there anything I can do to so my e-mails satisfy AOL’s criteria? Alternatively, what actually needs to be done to fix the problem? I know where the computer facilities are, and if it’s something that can be done in 5 or 10 minutes, I might try a “mission impossible”

2

Is there anything legal you can do to make yourself capable of sending SMTP email without that email looking like someone who doesn’t have reverse DNS sent it?
The answer is no, although I’d reccomend using web-based email as a practical and legal solution to your problem.
Regarding illegal stuff…
A) I wouldn’t help you if I could and
B) if you have to ask questions about reverse DNS, it would take you hours if not days to fix it.
So perish the thought, remember that unauthorized use of a computing system is a felony in some states, and gaining unauthorized physical access to a room is criminal in all states.

3

I have no idea what the first person to reply to thsi thread is talking about, he is on some rant that makes little sense and did not answer the question…

To start with, reverse DNS, or inverse DNS, or your .in-addr.arpa records are what AOL is talking about here. You can read more about them at the link below:

http://www.dnsstuff.com/info/revdns.htm

Basically, AOL takes the position that if you run a email server, when you send email to AOL through that email server, they take the IP address, invert it, and make sure there is a corresponding DNS entry for that IP address, also called a PTR record.

You can do little to fix this issue on your own. But you can do some. The first thing you can do is simply not send email through whoever you are that has DNS not set up correct. That will solve the trouble in the meantime.

Next, there are 2 places that control the rDNS, it could be the people in charge of DNS for the domain itself, or it could be their IP provider. Everyone does this a little different. It is called delegation and determines who can control this. Most people get to maintain their own DNS as they see fit, rDNS on the other hand, can sometimes be delegated and allowed to be controlled by the DNS admin for the domain, or it can be controlled by the upstream provider. I would almost be willing to bet that the case you are faced with is one in which the person in charge of the email server actually does not even have the control to add a PTR record if they even wanted to. In this case you are in luck, somewhat, You can go to arin.net and enter in the IP of the SMTP server and see who own that IP space. From there, you could send a email to that admin and ask them if they will simply fix the problem. some people are under the impression that rDNS must be a “pretty” name but in the case of AOL, it just needs to be defined, they do not care what the actual hostname is. Either way, it is something that most people can deal with in about 10 seconds. It is a very simple matter.

Also, try entering in the IP of the SMTP server into dnsreport.com and it will tell you what the trouble is and even point you to fixes, you may want to give this info to your mail servers admin.

4

I have roughly 50 domains and only 2 IP addresses on my server. Because of this “Virtual Hosting”, only two of my domains can have reverse lookup.

Most hosting companies do it the same way for their customers - a bunch of people will share a server with only a couple IP addresses. In these cases the IPs reverse lookup will generally be back to the hosting company.

That said, assuming you mean landlord literally and that your computers are part of his network and on his domain, I don’t know what to tell you other than bug the crap out of him, or send email from somewhere else (like a paid email service or a free web based one).

5

Eleusis, do the users of your fifty domains have problems sending to AOL customers? If not, is it because the inverse address (your hosting company) is on some registered trusted list inside AOL? If that’s the case, how did you get on said list, and can the OP work on getting his landlord on it as well?

I also have a setup with a number of domains on a few IPs. The users are happy and have no problems, but truth is I don’t know if they send anything to aol addresses. You would think other ISPs would put this sort of Spam protection in place as well. All I know is they’ve been sending email for some time now with no problems.

6

Bill H, I’m the only user of my 50 domains. We can’t count the anonymous web hits from tens of thousands of people per day who just want to masturbate.

If you own (for example) BillH.scrog and it resides on a server with 49 other domains, BillH.scrog will need a unique, static IP in order to set up reverse DNS.

Say you’re AOL, here is what you might say:

“Hey, an email that claims to be from BillH.scrog!
Let’s see which IP it came from.
Hmmm… 192.168.0.1
Let’s perform reverse lookup to make sure it isn’t some spammer.
Uh oh, 192.168.0.1 comes back as 32lj42l3j.3rdstreet.4thavenue.cocknbull.nigeria.ng.
That’s not BillH.scrog, so we’ll just dump it post haste”.

If you had the IP pointing back at ONE single domain, the same one that the email claims to be from, AOL will accept it.

7

This is just wrong information entirely…
http://postmaster.aol.com/info/rdns.html

From the above link
If the sender’s domain is the only domain sending mail from a specific IP address, we recommend that the reverse DNS entry (PTR Record) match the domain name (A Record), but we do not require it.

AOL does require that all connecting Mail Transfer Agents have established reverse DNS, regardless of whether it matches the domain.

Reverse DNS must be in the form of a fully-qualified domain name – reverse DNSes containing in-addr.arpa are not acceptable, as these are merely placeholders for a valid PTR record. Reverse DNSes consisting only of IP addresses are also not acceptable, as they do not correctly establish the relationship between domain and IP address.

See the “do not require it” part. In a limited IP space, until IPv6 rolls out, what you propose is not really feasible. Of the hundreds of domains I host, they all get a MX record, there is no way I can be expected to have a PTR record for each domain, that would mean one IP address for every domain. Were this mandatory, we would be out of IP addresses in short order.

So aol does not allow you to just have a in-addr.arpa record, but as long as you have any old hostname associated with it, you are good, in your case example 32lj42l3j.3rdstreet.4thavenue.cocknbull.nigeria.ng would meet that criteria, and would be delivered.

8

There are idiots that do require this, last i checked AOL.com was not among them. I was the email admin for a company that dealt with many security conscious businesses. Every so often we ran into these idiots. Not only is it impractical for reasons cited by others, it violated our security polices to do so (some of which were not the wisest of policies, but hey there were there). I would carefully explain that we wanted to do business with them, but they needed to change. I usually gave a speech that included such points as "your notoriously security conscious rival doesn’t require this, you are probably losing mail from other places not as savvy about these things as us, and often the hey, you don’t even have your reverse lookups match exactly you bozo, you wouldn’t be able to mail yourself without special arrangements. If they still refused, I wrote a note to the CIO and advised my users to fax them.

These were usually small companies with ignorant high and mighty tech staffs. Oddly, they were usually the same ones that thought that primary DNS is the one always used if it were up and that secondary and tertiary DNS were only use if the primary were not available. They would then screw up or let their testers or developers screw up their secondary and tertiary DNS. HINT freaking HINT if you tell your secondary DNS that it is authoratative for a domain and then only put in a zone file with one or two of your records people will have trouble communicating to you!!!

9

The policy by AOL is a half-assed way of stopping spam, and arrogant to boot. Even worse, they keep their customers unaware of the problem, so they won’t complain.

We kept our mail server so it could not be reached via the Internet. Now, we have to go along with AOL’s fiat. So now our server can be found by hackers* and be a point of attack. Thanks AOL. :mad:

AT&T Worldnet tried this sort of crap, but once their customers found out, they were forced to stop the policy. But AOL doesn’t give a good goddamn.

*If anyone mentions “security through obscurity,” they first have to post their SDMB password. After all, if it isn’t a good idea to keep sensitive information secret, then you shouldn’t have any problem posting it here, right?

10

So…, what kind of operation does your Landlord got going on? Does he have a DSL connection hooked up to 20 tennants or something? Can you get your own connection to the internet?

11

An update:

I took Scott’s advice and looked up the upstream provider and called them. They were quite friendly and helpful. They told me that someone from the same office as me had made the same request the same day. (I forgot to mention that I had made a fairly nasty complaint to my landlord the other day.) So it looks like things will get taken care of. Thanks for your help.