Configuring reverse DNS on BIND 9.7.3

Tags: bind, debian-squeeze, ptr-record, reverse-dns

I'm seeing the following in /var/log/mail.log

UPDATE: I own the mentioned public IP addresses.

The IP address sending this message does not have a PTR 550-5.7.1 record
setup. As a policy, Gmail does not accept messages from IPs 550-5.7.1 with missing PTR records.

I need to set up reverse DNS by configuring PTR records on my DNS server and I'm having a hard time figuring out what I'm doing wrong.

So far I have added in /etc/bind/zones/example.com.db

$TTL 86400; 1 day
@               IN SOA  a.ns.example.com. admin.example.com. (
                                2016090901 ; serial
                                60         ; refresh (1 minute)
                                7200       ; retry (2 hours)
                                3600000    ; expire (5 weeks 6 days 16 hours)
                                86400      ; minimum (1 day)
                                )

1.196.198.in-addr.arpa. IN NS a.ns.example.com
1.196.198.in-addr.arpa. IN NS b.ns.example.com

11              IN      PTR mail.example.com
6               IN      NS      a.ns.example.com.
9               IN      NS      b.ns.example.com.
                        MX      5 mail.example.com.
mail                    A       198.196.1.11
mx                      A       198.196.1.11
smtp                    A       198.196.1.11
www        60     IN    A       198.196.1.22
example.com. 60   IN    A       198.196.1.22

and in /etc/bind/named.conf


options {
        directory "/var/cache/bind";

        auth-nxdomain no;    # conform to RFC1035

        listen-on { 198.196.1.6; };
        listen-on-v6 { "none"; };

        recursion no;

        allow-transfer { 198.196.1.9; };
        also-notify { 198.196.1.9; };
};

controls {
        inet 127.0.0.1 allow { localhost; };
};

zone "example.com" {
        type master;
        file "/etc/bind/zones/example2.com.db";
};

zone "example.com" {
        type master;
        file "/etc/bind/zones/example.com.db";
};

zone "1.196.198.in-addr.arpa" IN {
type master;
file "1.196.198.in-addr.arpa";
allow-update { none; };
};

and still when I do a PTR lookup I'm getting

dns2.xxxx.xy  x.x.x.x  AUTH  140 ms  Received 1 Referrals , rcode=NAME_ERROR    1.196.198.in-addr.arpa. 14400 IN SOA mname=dns1.xxxx.xy rname=hostmaster.xxxx.xy serial=xxxxxx,  

Best Answer

There is no delegation of either the 1.196.198.in-addr.arpa or the 196.198.in-addr.arpa zone on the DNS servers authoritative for the 198.in-addr.arpa zone.

Setting this up properly is either your task or that of whoever sold/rented you the address space. A sole PTR record on your nameserver is not enough; the whole delegation chain must also be in place for this to work.
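
The delegation chain the answer refers to can be checked zone by zone. The following is an added example, not part of the original answer: it walks the parent reverse zones for an address and reports the deepest one that is delegated and whether it is served by your nameservers. The `dig_ns` helper, the sample tables and the parent nameserver name `ns1.parent.example` are assumptions constructed for illustration.

```python
import ipaddress
import subprocess

def reverse_zone_chain(ip):
    """Reverse zones that could hold the PTR for an IPv4 address, parent first."""
    labels = ipaddress.IPv4Address(ip).reverse_pointer.split(".")
    octets, suffix = labels[:4], ".".join(labels[4:])   # ['11','1','196','198'], 'in-addr.arpa'
    return [".".join(octets[i:] + [suffix]) for i in range(3, 0, -1)]

def dig_ns(zone):
    """Live lookup of a zone's NS set with `dig +short NS` (needs dig and network)."""
    out = subprocess.run(["dig", "+short", "NS", zone],
                         capture_output=True, text=True, check=False).stdout
    return {name.rstrip(".").lower() for name in out.split()}

def check_delegation(ip, expected_ns, ns_lookup=dig_ns):
    """Find the deepest delegated reverse zone and whether it is served by expected_ns."""
    expected = {n.rstrip(".").lower() for n in expected_ns}
    deepest, servers = None, set()
    for zone in reverse_zone_chain(ip):
        ns = ns_lookup(zone)
        if ns:                       # a zone cut exists at this level
            deepest, servers = zone, set(ns)
    return {"deepest_delegated_zone": deepest,
            "nameservers": sorted(servers),
            "reaches_expected_ns": bool(servers & expected)}

# Constructed sample data (not real DNS answers); ns1.parent.example is a placeholder.
# State described in the answer: nothing below 198.in-addr.arpa is delegated.
BROKEN = {"198.in-addr.arpa": {"ns1.parent.example"}}
# State after the address-space owner delegates the /24 to the asker's servers.
FIXED = dict(BROKEN, **{"1.196.198.in-addr.arpa": {"a.ns.example.com", "b.ns.example.com"}})

MY_NS = ["a.ns.example.com.", "b.ns.example.com."]

def demo(table):
    """Run the check for the page's mail server address against a constructed table."""
    return check_delegation("198.196.1.11", MY_NS, lambda z: table.get(z, set()))

if __name__ == "__main__":
    for label, table in (("broken", BROKEN), ("fixed", FIXED)):
        print(label, demo(table))
```

Against live DNS, call `check_delegation(ip, MY_NS)` with the default `dig_ns` lookup. A result whose deepest zone stops at the parent means the delegation still has to be requested from the address-space owner.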