I am trying to set up a PTR for reverse DNS so that mail that gets sent from my scripts doesn't get blocked due to reverse DNS failure. I believe my zone is set up correctly, however me "thinking" it's correct and "knowing" it's correct are 2 separate things!
First, I have: mydomain.com
This domain lives on public IP: 1.2.3.4
My conf file in the bind configuration looks like:
zone "mydomain.com" {
    type master;
    file "/var/lib/bind/mydomain.com.hosts";
};
zone "4.3.2.1.in-addr.arpa" {
    type master;
    file "/var/lib/bind/mydomain.com.reverse.hosts";
};
The mydomain.com.reverse.hosts file contains:
$ttl 38400
@ IN SOA ns1.mydomain.com. zak.mydomain.com. (
        1502115400
        10800
        3600
        604800
        38400 )
        IN NS ns1.mydomain.com.
        IN NS ns2.mydomain.com.
4.3.2.1.in-addr.arpa. 3600 IN PTR mydomain.com.
Forward lookups work great — IE dig mydomain.com A and dig mydomain.com NS both bring up the respective (correct) A and NS records. The reverse lookup however isn't showing the PTR. IE:
zak@zak-webserver:~$ dig -x 1.2.3.4 PTR
; <<>> DiG 9.10.3-P4-Ubuntu <<>> -x 1.2.3.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1796
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;4.3.2.1.in-addr.arpa. IN PTR
Is my PTR record set up correctly? If so what are some checks I can do to find the failure point?
Best Answer
Your PTR record seems fine, you can verify that by running dig against your own DNS server. However that doesn't mean much as long as a DNS resolution starting at the root doesn't ultimately arrive at your DNS server.
Normally you have to ask the ISP that assigned your IP address to set up a PTR record for that address.
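
The check described in the answer, as an added example that is not part of the original answer: in a negative reply, the SOA in dig's AUTHORITY section names the zone that actually answered, which shows whether the query ever reached your server. The function name, the sample outputs and ns.isp.example. are constructed for illustration.

```shell
# Added example. Reads dig output on stdin and reports which zone answered.
# $1 = the primary name server (MNAME) from your own SOA record.
classify_reverse_answer() {
    awk -v want="$1" '
        /->>HEADER<<-/ {
            for (i = 1; i < NF; i++)
                if ($i == "status:") { status = $(i + 1); sub(/,$/, "", status) }
        }
        /^;; [A-Z]+ SECTION:/ { section = $2; next }
        /^;/ || NF == 0 { next }
        section == "ANSWER" && $4 == "PTR" { ptr = $5 }
        section == "AUTHORITY" && $4 == "SOA" { zone = $1; mname = $5 }
        END {
            if (ptr != "") print "OK ptr=" ptr
            else if (mname == "") print "UNKNOWN status=" status
            else if (tolower(mname) == tolower(want))
                print "LOCAL status=" status " zone=" zone
            else
                print "UPSTREAM status=" status " zone=" zone " mname=" mname
        }'
}

# Constructed sample: a public-resolver reply like the one in the question,
# plus an AUTHORITY section. ns.isp.example. is a hypothetical ISP server.
sample_public() {
    cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1796
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; AUTHORITY SECTION:
3.2.1.in-addr.arpa. 3600 IN SOA ns.isp.example. hostmaster.isp.example. 2017080701 10800 3600 604800 3600
EOF
}

# Constructed sample: the same query sent directly to your own BIND server.
sample_own_server() {
    cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4242
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1

;; ANSWER SECTION:
4.3.2.1.in-addr.arpa. 3600 IN PTR mydomain.com.
EOF
}

# Live use:
#   dig @127.0.0.1 -x 1.2.3.4 | classify_reverse_answer ns1.mydomain.com.
#   dig -x 1.2.3.4            | classify_reverse_answer ns1.mydomain.com.
sample_own_server | classify_reverse_answer ns1.mydomain.com.
sample_public | classify_reverse_answer ns1.mydomain.com.
```

UPSTREAM means resolution from the root ended in someone else's zone, so the operator named in mname has to add the PTR or delegate the address to you; LOCAL means the query reached your zone and the record itself is the problem.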