DNS server: PTR record?

Forums › LAN (ethernet/Wifi/routers/Bluetooth) › DNS server: PTR record?

bcraig

14 posts

Geek

#199154 6-Aug-2016 16:33

Anyone here handy with DNS server installs?

I have a Synology Diskstation setup with a mail server and I have my domain hosted Domains4Less and pointing to my static IP provided by my ISP. Mail works ok but I need to create a PTR record to prevent my mail going to other peoples spam boxes. My ISP don't want to know about it. Domains4Less support have no idea what they are doing and there is a massive language barrier with their support being Indian based.. So I have decided to setup my own DNS server so I can create my own A,MX,PTR records etc. I've tried a few guides but nothing I do can get the PTR record to work.

Lets say my domain name is mydomain.nz and my static IP is: 100.20.10.1

In my domain control panel with Domains4Less I have enter 2 nameservers (ns1.mydomain.nz -> 100.20.10.1, ns2.mydomain.nz -> 100.20.10.1).
I have installed synology DNS server on my Diskstation.
In my Diskstation I have created a Master zone: Forward Zone, Domain name: mydomain.nz, Master DNS Server:192.168.1.2 (Diskstation local IP).
- For the Forward zone I have created two NS records: ns1.mydomain.nz -> 100.20.10.1, ns2.mydomain.nz -> 100.20.10.1
- And 1 A record: mydomain.nz -> 100.20.10.1

I have created a second Master zone: Reverse Zone, Domain name: 10.20.100.in-addr.arpa.
- For the Reverse zone I have created a PTR record: 1.10.20.100.in-addr.arpa -> mydomain.nz

When I use http://mxtoolbox.com/NetworkTools.aspx to check the PTR it says no PTR record exists. Can someone please steer me in the right direction?

1 | 2

1649 posts

Uber Geek

ID Verified

#1605542 6-Aug-2016 16:55

If I recall the PTR record is done by your ISP.

I dont think you can set up a PTR record yourself.

Depending on your ISP some charge for it, some dont.

John

I know enough to be dangerous

bcraig

14 posts

Geek

#1605545 6-Aug-2016 16:58

Yea BigPipe won't do it for me. Other ISP's said they will do it for $20 per month.. For that price I may as well just buy email hosting. That's why I'm setting up my own DNS server so I can manage my own records.

SATTV

1649 posts

Uber Geek

ID Verified

#1605555 6-Aug-2016 17:25

I wonder if there is a port you need to open for the DNS.

I just googled and it said to open port 53 tcp & UDP

John

PS now I am feeling a bit dumb as this must already be open as MXtoolbox can see the other records.

I know enough to be dangerous

freitasm

BDFL - Memuneh
79323 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#1605556 6-Aug-2016 17:26

I would not really believe an ISP would create PTR records. A PTR record points a name from an IP address (the inverse of an A record). I don't see an ISP doing it, really. If one says they do then I'd believe after it's done - most likely the person in the front end doesn't even know what it is.

michaelmurfy

meow
13275 posts

Uber Geek

Moderator

ID Verified

Trusted

Lifetime subscriber

#1605559 6-Aug-2016 17:29

Don't host a mail server on your home connection, there is no point anymore and also security etc is also something you need to consider. Furthermore, there is no need to host your own DNS server either. Here is what I recommend:

1) Switch away from domains4less - they're awful. Instead, https://metaname.net is what you're wanting.
2) Go sign up with Linode (if you use this link I'll get a small kickback which helps). I've been using their services since 2009 and they're fantastic.

By moving a mail server to a dedicated host (like a VPS) you have full power over RDNS (there is a simple button in their control panel to set it). Also, by following one of their guides: https://www.linode.com/docs/email/ you'll have a mail server set up in no time.

Now, if Linux is not your strong point this is a good, cheap and safe way to learn.

Otherwise, leave your mail hosting to the professionals. Google Apps is only $5/mo and Zoho Mail is free. There are other services cheaper (like Fastmail) however have never tried them but have heard they're good.

Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.

freitasm

BDFL - Memuneh
79323 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#1605561 6-Aug-2016 17:31

Why bother running your mailserver (even if on Linode) if you can a mail server for free for a single domain with Zoho Mail?

michaelmurfy

meow
13275 posts

Uber Geek

Moderator

ID Verified

Trusted

Lifetime subscriber

#1605563 6-Aug-2016 17:33

freitasm:

Why bother running your mailserver (even if on Linode) if you can a mail server for free for a single domain with Zoho Mail?

Yes this was the final point of my post but some people like to tinker as I've found out hence the reason for hosting a mail server. Or have privacy concerns and thus don't want to use a hosted service.

Quic Broadband

Move to New Zealand's best fibre broadband service (affiliate link). Free setup code: R587125ERQ6VE. Note that to use Quic Broadband you must be comfortable with configuring your own router.

freitasm

BDFL - Memuneh
79323 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#1605564 6-Aug-2016 17:35

Back to the point:

Only your ISP (as the owner of the IP address) can create and update a PTR record
Not all ISPs will create PTR and I don't even believe any will do
Use a third party email service for your sanity and security
Thoroughly recommend Metaname

chevrolux

4962 posts

Uber Geek
Inactive user

#1605570 6-Aug-2016 17:57

I wouldn't have thought an ISP would do PTR records for residential connections.

But any ISP offering business connections should be able to do a PTR record for you.

LennonNZ

2459 posts

Uber Geek

ID Verified

Trusted

#1605571 6-Aug-2016 17:58

If your ISP's policy not to do this then accept it. They may not have the process/automation or even knowledge to do this.

Saying that.....

Only your ISP can do this (As they supply the IP Address) and can in theory take 1-2 mins to do by hand or less if they have Automation.

Depending on the method they use for Delegation (which is usually CNAME delegation of subnets) you have set it up wrong. (You ISP will tell you what they need you do to)

An example of a method would be at: http://www.zytrax.com/books/dns/ch9/reverse.html

I have done this exact thing at many ISP's in the past for people who want Reverse DNS delegated to them,

ArcticSilver

729 posts

Ultimate Geek

#1605573 6-Aug-2016 18:02

freitasm:

Back to the point:

Only your ISP (as the owner of the IP address) can create and update a PTR record
Not all ISPs will create PTR and I don't even believe any will do
Use a third party email service for your sanity and security
Thoroughly recommend Metaname

To correct a few points above:

Quite a few ISP's WILL allow you to set a PTR record, you just need to ask them if thats a option before you sign up.
In house email has some great benefits (despite what is said here), mainly being that is under your complete control.

As it has been said above, you cannot set the PTR record yourself, even with your own DNS server, this must be done by your ISP.

freitasm

BDFL - Memuneh
79323 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#1605574 6-Aug-2016 18:05

ArcticSilver:

freitasm:

Back to the point:

Only your ISP (as the owner of the IP address) can create and update a PTR record
Not all ISPs will create PTR and I don't even believe any will do
Use a third party email service for your sanity and security
Thoroughly recommend Metaname

To correct a few points above:

Quite a few ISP's WILL allow you to set a PTR record, you just need to ask them if thats a option before you sign up.
In house email has some great benefits (despite what is said here), mainly being that is under your complete control.
As it has been said above, you cannot set the PTR record yourself, even with your own DNS server, this must be done by your ISP.

If you know what you are doing. Running a DNS and email server without proper security and audit in place is a great way to 1) be a spammer relay server and 2) be a DDoS DNS amplification bot node.

Granted I don't know OP's exact knowledge in security but if no consideration is given to these points then better not to go down that path.

raytaylor

4017 posts

Uber Geek

Trusted

#1605682 6-Aug-2016 22:38

Almost all ISPs will create a reverse PTR record by default.

Eg. if you go to http://mxtoolbox.com/ReverseLookup.aspx and put in your public ip address, it should point to something like xxx-xxx-xxx-xxx.customers.yourisp.com

Many websites run analytical software that massively slows down web surfing if there is no reverse dns address for them to log. So by default you should at least have one reverse dns address set up.

However some email systems give you a better spam score if your reverse dns server matches the same address of your email server so instead of saying xxx-xxx-xxx-xxx.customers.yourisp.com it should say smtp.yourdomain.com which is the tricky part.

Most ISPs wont change your PTR record from the default that they use.

It isnt super important and doesnt play very much of a role in antispam protection - your SPF record on your own domain is much more important. This is where you specify the ip addresses of smtp servers that can be a source of email for your domain.

Ray Taylor

There is no place like localhost

Spreadsheet for Comparing Electricity Plans Here

LennonNZ

2459 posts

Uber Geek

ID Verified

Trusted

#1605709 6-Aug-2016 23:45

There are 2 ways of doing it. Either the ISP sets the x.x.x.x.in-addr.arpa. PTR example.com. on their name server. This is what 99% of ISP's would do.

Or they do the reverse delegation which they would delegate via a CNAME to your DNS Server. (as my previous message). This is done when a customer has a /29 for example. They can delegate the entire range of IP addresses to the customer but with a /32 (single address) the first method is normally done. (But second method is possible)

The 1st method is the easiest for the ISP but if you want get it changed its harder for you. The second method is harder but it would mean you have the control and can change it at any time.

If your ISP says no then all you can do is move to an ISP who will say yes.

dimsim

848 posts

Ultimate Geek

Trusted

Lifetime subscriber

#1605713 6-Aug-2016 23:54

I've never had any issue having ISP's create rDNS for mail servers I've setup.

Telecom/Maxnet/Unleash and quite a few other smaller ones.

Have the rDNS record created for you and make sure it matches the SMTP banner on your server.
Create and test an SPF record for your domain.

Explore DKIM if you have any issues after that.

1 | 2