Andy
Tidied up the reverse zone file
$ORIGIN .
$TTL 600 ; 10 minutes
35.84.119.85.in-addr.arpa. IN SOA ns2.keiths-place.co.uk.
keith.keiths-place.co.uk. (
2019120315
600
300
1209600
300 )
IN NS ns1.keiths-place.co.uk.
IN NS ns2.keiths-place.co.uk.
IN NS ns3.keiths-place.co.uk.
$ORIGIN 35.84.119.85.in-addr.arpa.
@ IN PTR keynesmail.com.
The main config snippet
zone "35.84.119.85.in-addr.arpa" {
type master;
file "/var/lib/bind/35-32.84.119.85";
allow-transfer {
slaves;
};
check-names warn;
notify yes;
};
from /etc/bind/named.conf.local
"slaves" is an acl IPv6 and IPv4 addresses of various secondary addresses
Keith
On Tue, 12 Apr 2022 at 09:48, Andy Bennett <andyjpb@???> wrote:
> Hi,
>
> Given the previous logs where the nameserver replies "REFUSED", could you
> check that the zone file for the reverse zone is set up correctly in the
> overall nameserver configuration.
>
> Is 35.84.119.85.in-addr.arpa. configured in your nameserver configuration
> file?
> If so, are you able to share the snippet for that?
>
>
>
> > That A record was only up there for 5 minutes, LOL, I was
> > redoing the zone file and mistyped then when checking realised
> > \i had made a booboo there and redid it. Must have been then
> > that it was picked up. (It was very late)
> > Here was the error message
> > bombay.duck12@???>: host mx.lb.btinternet.com[213.120.69.89]
> > refused to talk to me: 421
> > re-prd-rgin-002.btmx-prd.synchronoss.net Service
> > not available - no PTR record for 85.119.84.35
> >
> > <bea.jay@???>: host
> > mx.tb.ukmail.iss.as9143.net[212.54.56.11] refused
> > to talk to me: 421 mx4.tb.ukmail.iss.as9143.net
> > mx4.tb.ukmail.iss.as9143.net MXIN108 Failure to determine
> > Reverse DNS for
> > your IP 85.119.84.35. Fix or retry later.
> >
> ;id=e02ZnsEO3k7hk;sid=e02ZnsEO3k7hk;mta=mx4.tb;d=20220411;t=214936[CET];ipsrc=85.119.84.35;
> >
> > <joyron.b@???>: host
> > mx.tb.ukmail.iss.as9143.net[212.54.56.11] refused
> > to talk to me: 421 mx4.tb.ukmail.iss.as9143.net
> > mx4.tb.ukmail.iss.as9143.net MXIN108 Failure to determine
> > Reverse DNS for
> > your IP 85.119.84.35. Fix or retry later.
> >
> ;id=e02ZnsEO3k7hk;sid=e02ZnsEO3k7hk;mta=mx4.tb;d=20220411;t=214936[CET];ipsrc=85.119.84.35;
> > Here is the reverse zone file ( /var/lib/bind/35-32.84.119.85)
> > for the IP address
> > $ORIGIN .
> > $TTL 600 ; 10 minutes
> > 35.84.119.85.in-addr.arpa. IN SOA ns2.keiths-place.co.uk.
> > keith.keiths-place.co.uk. (
> > 2019120307
> > 600
> > 300
> > 1209600
> > 300 )
> > NS ns1.keiths-place.co.uk.
> > NS ns2.keiths-place.co.uk.
> > NS ns3.keiths-place.co.uk.
> > $ORIGIN 35.84.119.85.in-addr.arpa.
> > PTR keynesmail.com.
> > PTR www.keynesmail.com.
> > PTR mx10.keynesmail.com.
> > PTR webmail.keynesmail.com.
> > PTR aakanee.com.
> > PTR www.aakanee.com.
> > PTR leightonbuzzard.net.
> > PTR keiths.space.
> > PTR www.keiths.space.
> > PTR splog.keiths.space.
> > PTR ns1.keiths-place.co.uk.
> > PTR www.leightonbuzzard.net.
> > PTR newportpagnell.net.
> > PTR www.newportpagnell.net.
> > PTR mail.wingravegolf.co.uk.
> > PTR webmail.wingravegolf.co.uk.
> >
> > And the forward zone (keynesmail.com)
> > $ttl 38400
> > keynesmail.com. IN SOA ns3.keiths-place.co.uk.
> keithwilliamsnp.gmail.com. (
> > 2019120313
> > 10800
> > 3600
> > 604800
> > 38400 )
> > keynesmail.com. IN NS ns3.keiths-place.co.uk.
> > keynesmail.com. IN NS ns1.keiths-place.co.uk.
> > keynesmail.com. IN NS ns2.keiths-place.co.uk.
> >
> > keynesmail.com. IN A 85.119.84.35
> > www.keynesmail.com. IN A 85.119.84.35
> > webmail.keynesmail.com. IN A 85.119.84.35
> >
> > keynesmail.com. IN MX 10 keynesmail.com.
> > keynesmail.com. IN AAAA 2001:ba8:1f1:f309::2
> > www.keynesmail.com. IN AAAA 2001:ba8:1f1:f309::2
> > webmail.keynesmail.com. IN AAAA 2001:ba8:1f1:f309::2
> > adminmail.keynesmail.com. IN A 85.119.84.35
> > mx10.keynesmail.com. IN A 85.119.84.35
> > 35.84.119.85.in-addr.arpa. IN PTR mx10.keynesmail.com.
> > 35.84.119.85.in-addr.arpa. IN PTR keynesmail.com.
> > _dmarc.keynesmail.com. IN TXT "v=DMARC1; p=none;
> pct=90; adkim=r; aspf=s"
> >
> > The formatting seems to have gone haywire as I copied and pasted, there.
> >
> > I am totally stumped, IPv6 works just fine
> >
> > Keith
> >
> >
> >
> > On Tue, 12 Apr 2022 at 07:28, John Winters <john@???> wrote:
> > On 12/04/2022 01:12, Andy Smith wrote:
> > [snip]
> >> Note that it is not really important that the reverse and forward
> >> DNS records match anything that is in the email headers, just that
> >> they match *each other* (reverse DNS resolves to a host name that
> >> also resolves back to the same IP address).
> >
> > This used to be the case but I hit a problem the other day of an ISP who
> > insisted not only that they matched each other but that they also
> > matched the name given in the HELO part of the SMTP dialogue.
> >
> > This was a new requirement from that ISP which caused email to bounce.
> > A nuisance when you have several logical mail servers behind a single
> > IPv4 address.
> >
> > So much easier with ISPs who are up to date and use IPv6.
> >
> > John
> >
>
> --
> Best wishes,
> @ndy
>
> --
> andyjpb@???
> http://www.ashurst.eu.org/
> 0x7EBA75FF
>
> _______________________________________________
> users mailing list
> users@???
> https://lists.bitfolk.com/mailman/listinfo/users
>
