Adding A record for reverse DNS

Discussion in 'DNS Server' started by Bastiaan Houtkooper, Sep 7, 2006.

  1. Running Windwos Server 2003 with active directory and inegrated DNS.

    Recently I had some problems with email returning because I had no reverse
    DNS entry.

    I found out that I had to ask my hoster to create a records on their DNS.
    (the server is in a datacentre)
    The created the reverse DNS entry

    When checking on on dnstuff.com I still get an error:

    There is no A record for server.xxx.info.

    My guess is that my DNS only replies for the internal server.xxx.local
    domain.

    So the question is how do I create this A record and where. (for my external
    domain name)

    Thanks in advance.

    Bastiaan Houtkooper NSC
     
    Bastiaan Houtkooper, Sep 7, 2006
    #1
    1. Advertisements

  2. It goes in the zone for your public domain name that is held at the
    authoritative Public DNS servers for your domain.

    This may have nothing to do with your local DNS if it isn't the public
    authoritative DNS for your public domain.

    --
    Best regards,
    Kevin D. Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    http://support.wftx.us/
    http://message.wftx.us/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
     
    Kevin D. Goodknecht Sr. [MVP], Sep 7, 2006
    #2
    1. Advertisements

  3. You have several problems that need to be corrected.

    The PTR is in place for the IP and says server.zebrafilm.info, which is OK,
    BUT, server.zebrafilm.info is a CNAME.
    QUESTION SECTION:
    server.zebrafilm.info. IN ANY

    ANSWER SECTION:
    server.zebrafilm.info. 14280 IN CNAME
    zebrafilm.info.zebrafilm.info.

    Which also does not have an A record, but, it does have an MX record which
    makes no sense whatsoever.
    QUESTION SECTION:
    zebrafilm.info.zebrafilm.info. IN ANY

    ANSWER SECTION:
    zebrafilm.info.zebrafilm.info. 12814 IN MX 10
    85.12.17.104.zebrafilm.info.

    Another problem is your mail server HELO name.
    zebrafilm.info claims to be non-existent host server.ZebraFilm.local:
    220 server.ZebraFilm.local Microsoft ESMTP MAIL Service, Version:
    6.0.3790.1830 ready


    What you need to do is not so hard to fix.

    1) Delete the CNAME server.zebrafilm.info
    2) Create an A record for server.zebrafilm.info with IP 85.12.17.104, do
    this because the PTR already exists for that name.
    3) Assuming this is Exchange, using System manager expand down to the SMTP
    virtual server. Right click on the SMTP virtual server, choose properties,
    select the Delivery tab, click the Advanced button, In the Fully-qualified
    domain name field change server.zebrafilm.local to server.zebrafilm.info.

    This must be done on these two servers, not on you local DNS, unless these
    two are your local DNS.
    ns3.phpbb3.nl. [213.189.9.32]
    ns2.phpbb3.nl. [213.189.9.27]



    --
    Best regards,
    Kevin D. Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    http://support.wftx.us/
    http://message.wftx.us/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
     
    Kevin D. Goodknecht Sr. [MVP], Sep 8, 2006
    #3
  4. This is the only MX record that counts:
    (It is the one that is published to the internet)
    QUESTION SECTION:
    zebrafilm.info. IN MX

    ANSWER SECTION:
    zebrafilm.info. 14400 IN MX 0 zebrafilm.info.

    ADDITIONAL SECTION:
    zebrafilm.info. 14400 IN A 85.12.17.104


    But, it has a problem, it says the SMTP server's name is "zebrafilm.info"
    Look very closely at this because this is what the MX record should say:
    zebrafilm.info. 14400 IN MX 0 server.zebrafilm.info.

    All other MX records can/should be deleted except the above.


    Also, fix the mail server's host name on the SMTP virtual server as I noted
    before, it still says its name is "server.ZebraFilm.local"
    It must say its name is "server.zebrafilm.info"

    Look at this DNS report, fix the things you can, obviously some of these
    things are out of your control. You can add an SPF record, but I doubt if
    you can do anything about the open name servers, glue at the parent servers,
    or the name servers being on the same network.
    http://www.dnsreport.com/tools/dnsreport.ch?domain=zebrafilm.info

    --
    Best regards,
    Kevin D. Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    http://support.wftx.us/
    http://message.wftx.us/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
     
    Kevin D. Goodknecht Sr. [MVP], Sep 10, 2006
    #4
  5. An A record is an Address record, a CNAME is an Alias.

    When you created server.zebrafilm.info, you made it a CNAME record, it must
    be an A record. That is a major error, you cannot use a CNAME in an MX
    record.
    Did you see this:
    WARNING: One or more of your MX records points to a CNAME. CNAMEs are
    prohibited in MX records, according to RFC974, RFC1034 3.6.2, RFC1912 2.4,
    and RFC2181 10.3. The problem MX record(s) are:
    server.zebrafilm.info.->85.12.17.104.zebrafilm.info.->Unknown [No A]

    And this:
    ERROR: I could not complete a connection to any of your mailservers!

    server.zebrafilm.info: Could not connect without glue or A record.




    --
    Best regards,
    Kevin D. Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    http://support.wftx.us/
    http://message.wftx.us/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
     
    Kevin D. Goodknecht Sr. [MVP], Sep 10, 2006
    #5
  6. Your public zone looks OK, but could use an SPF record
    This local zone is likely going to give you some issues. Since this zone is
    for local resolution and connectivity, you should delete the two records
    that have the public IP addresses. Keep in mind, all records in this zone
    are not for public access and must resolve to local addresses.
    I notice you have an SPF record, but this record is in the wrong place, it
    should be in the public zone, if you can add a txt record in the public zone
    Again here, you need to delete those two records with the public IPs,
    they're going to cause connectivity issue with Active Directory.
    This is that server with RAS installed isn't it?
    You need to add this to the registry:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters

    On the Edit menu, point to New, and then click String Value to add the
    following registry value:
    Value name: PublishAddresses
    Data type: REG_SZ
    Value data: 192.168.10.1

    This should remove the (same as parent folder) record with the
    192.168.234.235 IP address.

    You need to completely remove this zone, it is going to cause a conflict for
    looking up PTRs in the rest of the subnet.

    You can add a reverse lookup zone for 192.168.1.x if you want.

    Make sure this server uses only its own address for DNS.

    --
    Best regards,
    Kevin D. Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    http://support.wftx.us/
    http://message.wftx.us/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
     
    Kevin D. Goodknecht Sr. [MVP], Sep 11, 2006
    #6
  7. Dear Kevin,

    Thanks for your extensive help.
    Yes this is the server that I use mainly with RAS. The only part having also
    an IP address is the Remote Access Controller that DELL also connects to
    windows. But I guess it should never show up in DNS.

    I made every step you suggested:

    Removed all public IP¹s from the local DNS (getting a better understanding
    step by step, couldn¹t get that from my books)
    Removed the reverse lookup zone.
    Added the reg key

    Questions that remain:
    You suggested a possible reverse lookup zone fro 192.168.1 but I assume this
    should be 192.168.10?
    Would it help anywhere to have this?

    I have added a SPF record to the Unix system, funny enough I was confused if
    I should do it for zebrafilm.info or for server.zebrafilm.info.
    I have tried both and none gets recognized by dnsreport.com.

    The nslookup looks better now but I am still not able to receive email.
    Since I changed the delivery tab from *.local to *.info, the server doesn¹t
    seem to accept mail anymore send by other mail clients. It does accept mail
    when I send them manually with TELNET to the SMTP server.

    Any idea what might cause this?

    Regards,

    Bastiaan
     
    Bastiaan Houtkooper, Sep 11, 2006
    #7
  8. Yes, that was a typo.
    You know, its all coming back to me now, isn't this the box that has a modem
    on it, and there aren't any local clients?
    And you connect by VPN?
    This is an Exchange server right?
    Has it been set up to receive mail for zebrafilm.info?

    In System manager, Expand Recipients, Select Recipient Policies in the left
    hand pane, in the right hand pane, right click Default Policy and choose
    Properties from the list. Select the E-Mail addresses tab, click "New"
    Select SMTP address and Click OK, in the Address field type in
    @zebrafilm.info and click OK. Place a check in the Box next to
    @zebrafilm.info, then click the Set as Primary button. The Ok your way out
    and close System Manager.

    How do users connect to this server for E-mail?
    With Outlook or Outlook Web Access?

    --
    Best regards,
    Kevin D. Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    http://support.wftx.us/
    http://message.wftx.us/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
     
    Kevin D. Goodknecht Sr. [MVP], Sep 11, 2006
    #8
  9. Kevin, that must have been a flash back rolling through all your previous
    mails remembering this specific box :)

    Yes this is a server with no direct internal LAN.
    Everything is websites or Exchange + some VPN with redirected documents etc.

    We connect with Outlook and Entourage and sometimes OWA and OMA.
    It servers for FTP and WebDav too.

    Beside that it is also a learning system for me. That¹s why I pay the money
    to MS for all the licenses ;-)

    The recipient policy was already setup for the 5 domains that it receives
    emails from.
    Zebrafilm.info was set as primary.

    Reg Bastiaan
     
    Bastiaan Houtkooper, Sep 11, 2006
    #9
  10. I got to thinking about that, the only way you can access this box is by it
    public IP address or VPN, so your going to need to make sure that only the
    server itself uses the private address unless you're connected by VPN.

    So, if your using Outlook you have to use the VPN, or connect by using RPC
    over HTTP.


    --
    Best regards,
    Kevin D. Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    http://support.wftx.us/
    http://message.wftx.us/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
     
    Kevin D. Goodknecht Sr. [MVP], Sep 11, 2006
    #10
  11. Sounds like its a DNS issue.
    Send me your ipconfig /all, netdiag /fix and dcdiag /fix from a command
    prompt.
    Netdiag and dcdiag are in the server support tools on the CD. It would
    probably be better if you eamil it to me. Take the nospam. out of my email
    address.

    --
    Best regards,
    Kevin D. Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    http://support.wftx.us/
    http://message.wftx.us/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
     
    Kevin D. Goodknecht Sr. [MVP], Sep 11, 2006
    #11
  12. Yes, it did, I have replied. My apologies for my tardiness.

    --
    Best regards,
    Kevin D. Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    http://support.wftx.us/
    http://message.wftx.us/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
     
    Kevin D. Goodknecht Sr. [MVP], Sep 13, 2006
    #12
  13. Can¹t get through to your [email protected] account Kevin.
    Messages come back......
     
    Bastiaan Houtkooper, Sep 15, 2006
    #13
  14. SBC had a major outage yesterday that had me down from 2am to after 8pm,
    please retry sending the massage again.


    --
    Best regards,
    Kevin D. Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    http://support.wftx.us/
    http://message.wftx.us/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
     
    Kevin D. Goodknecht Sr. [MVP], Sep 15, 2006
    #14
  15. Seems it even happens to the best :)

    Will resend.

    Bastiaan
     
    Bastiaan Houtkooper, Sep 15, 2006
    #15
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.