Geekzone: technology news, blogs, forums


14 posts

Geek


Topic # 199154 6-Aug-2016 16:33

Anyone here handy with DNS server installs?

 

 

 

I have a Synology Diskstation set up with a mail server and I have my domain hosted with Domains4Less and pointing to my static IP provided by my ISP. Mail works OK but I need to create a PTR record to prevent my mail going to other people's spam boxes. My ISP don't want to know about it. Domains4Less support have no idea what they are doing and there is a massive language barrier with their support being Indian based. So I have decided to set up my own DNS server so I can create my own A, MX, PTR records etc. I've tried a few guides but nothing I do can get the PTR record to work.

 

 

 

Let's say my domain name is mydomain.nz and my static IP is: 100.20.10.1

 

 

 

  • In my domain control panel with Domains4Less I have entered 2 nameservers (ns1.mydomain.nz -> 100.20.10.1, ns2.mydomain.nz -> 100.20.10.1).
  • I have installed Synology DNS server on my Diskstation.
  • In my Diskstation I have created a Master zone: Forward Zone, Domain name: mydomain.nz, Master DNS Server: 192.168.1.2 (Diskstation local IP).
    • For the Forward zone I have created two NS records: ns1.mydomain.nz -> 100.20.10.1, ns2.mydomain.nz -> 100.20.10.1
    • And 1 A record: mydomain.nz -> 100.20.10.1
  • I have created a second Master zone: Reverse Zone, Domain name: 10.20.100.in-addr.arpa.
    • For the Reverse zone I have created a PTR record: 1.10.20.100.in-addr.arpa -> mydomain.nz

When I use http://mxtoolbox.com/NetworkTools.aspx to check the PTR it says no PTR record exists. Can someone please steer me in the right direction?


711 posts

Ultimate Geek
+1 received by user: 195


  Reply # 1605542 6-Aug-2016 16:55
One person supports this post

If I recall the PTR record is done by your ISP.

 

I don't think you can set up a PTR record yourself.

Depending on your ISP some charge for it, some don't.

 

John





I know enough to be dangerous




14 posts

Geek


  Reply # 1605545 6-Aug-2016 16:58

Yea BigPipe won't do it for me. Other ISPs said they will do it for $20 per month. For that price I may as well just buy email hosting. That's why I'm setting up my own DNS server so I can manage my own records.

711 posts

Ultimate Geek
+1 received by user: 195


  Reply # 1605555 6-Aug-2016 17:25

I wonder if there is a port you need to open for the DNS.

 

I just googled and it said to open port 53 TCP & UDP.

 

John

 

PS now I am feeling a bit dumb as this must already be open as MXtoolbox can see the other records.





I know enough to be dangerous


BDFL - Memuneh
61163 posts

Uber Geek
+1 received by user: 11942

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 1605556 6-Aug-2016 17:26

I would not really believe an ISP would create PTR records. A PTR record points a name from an IP address (the inverse of an A record). I don't see an ISP doing it, really. If one says they do then I'd believe it after it's done - most likely the person in the front end doesn't even know what it is.





Meow
7774 posts

Uber Geek
+1 received by user: 3832

Moderator
Trusted
Lifetime subscriber

  Reply # 1605559 6-Aug-2016 17:29
2 people support this post

Don't host a mail server on your home connection, there is no point anymore and also security etc is also something you need to consider. Furthermore, there is no need to host your own DNS server either. Here is what I recommend:

 

1) Switch away from domains4less - they're awful. Instead, https://metaname.net is what you're wanting.
2) Go sign up with Linode (if you use this link I'll get a small kickback which helps). I've been using their services since 2009 and they're fantastic.

 

By moving a mail server to a dedicated host (like a VPS) you have full power over RDNS (there is a simple button in their control panel to set it). Also, by following one of their guides: https://www.linode.com/docs/email/ you'll have a mail server set up in no time.

 

Now, if Linux is not your strong point this is a good, cheap and safe way to learn.

 

Otherwise, leave your mail hosting to the professionals. Google Apps is only $5/mo and Zoho Mail is free. There are other cheaper services (like Fastmail); however, I have never tried them but have heard they're good.





BDFL - Memuneh
61163 posts

Uber Geek
+1 received by user: 11942

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 1605561 6-Aug-2016 17:31
Meow
7774 posts

Uber Geek
+1 received by user: 3832

Moderator
Trusted
Lifetime subscriber

  Reply # 1605563 6-Aug-2016 17:33

freitasm:

 

Why bother running your mailserver (even if on Linode) if you can have a mail server for free for a single domain with Zoho Mail?

 

 

Yes this was the final point of my post but some people like to tinker as I've found out hence the reason for hosting a mail server. Or have privacy concerns and thus don't want to use a hosted service.





BDFL - Memuneh
61163 posts

Uber Geek
+1 received by user: 11942

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 1605564 6-Aug-2016 17:35
One person supports this post

Back to the point:

 

  • Only your ISP (as the owner of the IP address) can create and update a PTR record
  • Not all ISPs will create PTR and I don't even believe any will do
  • Use a third party email service for your sanity and security
  • Thoroughly recommend Metaname

 





3558 posts

Uber Geek
+1 received by user: 1304

Subscriber

  Reply # 1605570 6-Aug-2016 17:57
One person supports this post

I wouldn't have thought an ISP would do PTR records for residential connections.

 

But any ISP offering business connections should be able to do a PTR record for you.


2355 posts

Uber Geek
+1 received by user: 374

Trusted

  Reply # 1605571 6-Aug-2016 17:58
One person supports this post

If it's your ISP's policy not to do this then accept it. They may not have the process/automation or even knowledge to do this.

 

Saying that.....

 

Only your ISP can do this (As they supply the IP Address) and can in theory take 1-2 mins to do by hand or less if they have Automation.

 

Depending on the method they use for Delegation (which is usually CNAME delegation of subnets) you have set it up wrong. (Your ISP will tell you what they need you to do)

 

An example of a method would be at: http://www.zytrax.com/books/dns/ch9/reverse.html

 

I have done this exact thing at many ISPs in the past for people who want Reverse DNS delegated to them.

673 posts

Ultimate Geek
+1 received by user: 112


  Reply # 1605573 6-Aug-2016 18:02

freitasm:

 

Back to the point:

 

  • Only your ISP (as the owner of the IP address) can create and update a PTR record
  • Not all ISPs will create PTR and I don't even believe any will do
  • Use a third party email service for your sanity and security
  • Thoroughly recommend Metaname

 

 

To correct a few points above:

 

  • Quite a few ISPs WILL allow you to set a PTR record, you just need to ask them if that's an option before you sign up.
  • In house email has some great benefits (despite what is said here), mainly being that it is under your complete control.

As it has been said above, you cannot set the PTR record yourself, even with your own DNS server, this must be done by your ISP.


BDFL - Memuneh
61163 posts

Uber Geek
+1 received by user: 11942

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 1605574 6-Aug-2016 18:05
One person supports this post

ArcticSilver:

 

freitasm:

 

Back to the point:

 

  • Only your ISP (as the owner of the IP address) can create and update a PTR record
  • Not all ISPs will create PTR and I don't even believe any will do
  • Use a third party email service for your sanity and security
  • Thoroughly recommend Metaname

 

 

To correct a few points above:

 

  • Quite a few ISPs WILL allow you to set a PTR record, you just need to ask them if that's an option before you sign up.
  • In house email has some great benefits (despite what is said here), mainly being that it is under your complete control.

As it has been said above, you cannot set the PTR record yourself, even with your own DNS server, this must be done by your ISP.

 

 

If you know what you are doing. Running a DNS and email server without proper security and audit in place is a great way to 1) be a spammer relay server and 2) be a DDoS DNS amplification bot node.

 

Granted I don't know OP's exact knowledge in security but if no consideration is given to these points then better not to go down that path.





3224 posts

Uber Geek
+1 received by user: 624

Trusted

  Reply # 1605682 6-Aug-2016 22:38

Almost all ISPs will create a reverse PTR record by default.

 

Eg. if you go to http://mxtoolbox.com/ReverseLookup.aspx and put in your public ip address, it should point to something like xxx-xxx-xxx-xxx.customers.yourisp.com

 

Many websites run analytical software that massively slows down web surfing if there is no reverse dns address for them to log. So by default you should at least have one reverse dns address set up.

 

However some email systems give you a better spam score if your reverse dns server matches the same address of your email server so instead of saying xxx-xxx-xxx-xxx.customers.yourisp.com it should say smtp.yourdomain.com which is the tricky part.

 

Most ISPs won't change your PTR record from the default that they use.

It isn't super important and doesn't play very much of a role in antispam protection - your SPF record on your own domain is much more important. This is where you specify the IP addresses of SMTP servers that can be a source of email for your domain.





Ray Taylor
Taylor Broadband (rural hawkes bay)
www.ruralkiwi.com

There is no place like localhost




2355 posts

Uber Geek
+1 received by user: 374

Trusted

  Reply # 1605709 6-Aug-2016 23:45

There are 2 ways of doing it. Either the ISP sets the x.x.x.x.in-addr.arpa. PTR example.com. on their name server. This is what 99% of ISPs would do.

 

Or they do the reverse delegation which they would delegate via a CNAME to your DNS Server. (as my previous message). This is done when a customer has a /29 for example. They can delegate the entire range of IP addresses to the customer but with a /32 (single address) the first method is normally done. (But second method is possible)

 

The 1st method is the easiest for the ISP but if you want to get it changed it's harder for you. The second method is harder but it would mean you have the control and can change it at any time.

 

If your ISP says no then all you can do is move to an ISP who will say yes.


534 posts

Ultimate Geek
+1 received by user: 42

Trusted
Lifetime subscriber

  Reply # 1605713 6-Aug-2016 23:54

I've never had any issue having ISPs create rDNS for mail servers I've set up.

 

Telecom/Maxnet/Unleash and quite a few other smaller ones. 

 

  • Have the rDNS record created for you and make sure it matches the SMTP banner on your server.
  • Create and test an SPF record for your domain. 

Explore DKIM if you have any issues after that.
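
The checks recommended in this thread (a PTR record for the sending IP that matches the SMTP banner), sketched as an added example that is not part of any poster's reply. It runs against constructed records using the thread's placeholder values (`mydomain.nz`, `100.20.10.1`, an ISP default name following the `xxx-xxx-xxx-xxx.customers.yourisp.com` pattern); `make_lookup` and `check_mail_identity` are hypothetical names.

```python
import ipaddress

# Constructed records built from the thread's example values; not real DNS data.
ISP_DEFAULT = {
    ("1.10.20.100.in-addr.arpa", "PTR"): ["100-20-10-1.customers.yourisp.com."],
    ("100-20-10-1.customers.yourisp.com", "A"): ["100.20.10.1"],
    ("mydomain.nz", "A"): ["100.20.10.1"],
}
# Same data after the ISP changes the PTR to the mail host name.
ISP_CUSTOM = dict(ISP_DEFAULT)
ISP_CUSTOM[("1.10.20.100.in-addr.arpa", "PTR")] = ["mydomain.nz."]


def make_lookup(records):
    """Hypothetical stand-in for a public resolver, which reaches PTR data by
    following the in-addr.arpa delegation to the address owner's name servers."""
    def lookup(name, rtype):
        return records.get((name.rstrip(".").lower(), rtype), [])
    return lookup


def check_mail_identity(ip, banner_host, lookup):
    """Return the problems a receiving mail server can hold against this sender."""
    reverse_name = ipaddress.ip_address(ip).reverse_pointer
    ptr_names = [p.rstrip(".").lower() for p in lookup(reverse_name, "PTR")]
    if not ptr_names:
        return [f"no PTR record at {reverse_name}"]
    problems = []
    # Forward-confirm: a PTR name only counts if its A record leads back to ip.
    confirmed = [p for p in ptr_names if ip in lookup(p, "A")]
    if not confirmed:
        problems.append(f"PTR {ptr_names} does not resolve back to {ip}")
    if banner_host.rstrip(".").lower() not in confirmed:
        problems.append(f"SMTP banner {banner_host} does not match a confirmed PTR name")
    return problems


if __name__ == "__main__":
    for label, records in (("ISP default", ISP_DEFAULT), ("ISP custom", ISP_CUSTOM)):
        print(label, check_mail_identity("100.20.10.1", "mydomain.nz", make_lookup(records)))
```

Against live DNS the same three lookups can be made with `dig -x <ip>` for the PTR and `dig A <name>` for the forward confirmation.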
