Hmm... that's not how I understood it to work (not that I'm a DNS expert...)

I thought reverse lookups worked their way down through the IP netblock assignments, and it would be up to the entity that 'owns' your IP address (i.e. your ISP) to resolve reverse lookups, or have some mechanism to delegate to you (latter is rare, AFAIK). Usually an ISP resolves it to some generated name like 12-34-56-78.static.ispname.com.

If your ISP isn't responding to reverse lookups for your IP address at all, I'm pretty sure their configuration is broken, and it's not something you'll be able to fix/work around. Are you sure it's not resolving at all? Looking at the full mail headers of your post, the first IP address from the Received: lines does reverse-resolve (to 206-169-206-62.vtc.net.)

Now if you want your domain name to be returned instead of the ISP's, that will require the co-operation of your ISP, either to change the name returned in their records, or to delegate the request to you. Only if it's delegated to you, do you need to worry about answering the query using dnsmasq. I doubt your ISP would even consider delegating for less than a small block of routable IPs (and probably not even then).

Again, take this with a pinch of salt, since I'm no DNS expert. I'm sure others will correct me if I'm off-base.

On a completely different tangent, you don't happen to have SPF records defined for your domain, do you? That's a possible alternate cause of the behavior you described.

Paul

Jason Wallace wrote:
Friends,

    I am currently running dnsmasq for a small lan as a dhcp and dns server.  I 
recently switched upstream providers and my new provider seems unable to do the 
reverse lookups for me.  So, much of the email from my domain is getting 
bounced because the reverse lookup doesn't succeed.  I would like to set up 
dnsmasq to answer reverse lookup requests, but I don't quite know how to begin. 
 Here's some info regarding my network:

1.  The network is "NAT"ted, by the machine that runs dnsmasq.
2.  Inside my lan, my domain, xxxx.com, resolves to a local machine (email 
server), 10.1.1.2, for instance.
3.  Outside my lan, dnsmasq would have to answer that the global IP, 5.6.7.8, 
resolves to my domain name, xxxx.com.
4.  Right now, my network does not answer DNS requests from outside.
5.  My domain registrar is also doing the forward DNS on their name servers.
6.  My upstream provider (ISP) is not the domain registrar.

All the details above are fabricated, of course.

Question 1:  Will this even work?  How can I tell if my NAT machine is even 
receiving the reverse dns requests?

Question 2:  Assuming that my machine is interrogated for reverse DNS, how do I 
implement it in dnsmasq in a live environment minimizing downtime.  Especially 
regarding that the domain name resolves one way to my lan and another way (in 
reverse) to the internet?

Jason Wallace

_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
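
Added example, not part of the original thread or of dnsmasq: a Python sketch of the name a resolver queries for a reverse lookup, the in-addr.arpa zones at which the address owner can delegate it, and the forward-confirmation check that some receiving mail servers apply. The record tables are constructed sample data built from the placeholder values in the thread (5.6.7.8, xxxx.com, 10.1.1.2, and an ISP-style generated name); the function names are hypothetical.

```python
import ipaddress

def ptr_name(ip):
    """Name queried for the PTR record of an IPv4 address."""
    return ipaddress.IPv4Address(ip).reverse_pointer

def delegation_chain(ip):
    """Zones, from in-addr.arpa downward, where an NS delegation can sit
    (octet boundaries only). Whoever holds the netblock controls these,
    which is why the ISP, not the domain registrar, answers the query."""
    octets = ptr_name(ip).split(".")[:-2]          # ['8', '7', '6', '5']
    chain = ["in-addr.arpa"]
    for i in range(len(octets) - 1, 0, -1):
        chain.append(".".join(octets[i:]) + ".in-addr.arpa")
    return chain

def check_reverse(ip, ptr_records, a_records):
    """Classify an address the way a forward-confirming mail server would.
    ptr_records: {ptr name: [hostnames]}, a_records: {hostname: [addresses]}"""
    names = ptr_records.get(ptr_name(ip), [])
    if not names:
        return "no-ptr"                            # reverse lookup fails outright
    for name in names:
        if ip in a_records.get(name.rstrip(".").lower(), []):
            return "forward-confirmed"             # PTR name maps back to the IP
    return "ptr-only"                              # PTR exists, forward mismatch

# Constructed sample data (assumptions, not real records).
ISP_NAME = "5-6-7-8.static.ispname.com"
PUBLIC_A = {"xxxx.com": ["5.6.7.8"], ISP_NAME: ["5.6.7.8"]}
LAN_VIEW_A = {"xxxx.com": ["10.1.1.2"]}            # the internal answer from the post

NO_PTR = {}                                        # ISP publishes nothing
ISP_PTR = {"8.7.6.5.in-addr.arpa": [ISP_NAME + "."]}
CUSTOM_PTR = {"8.7.6.5.in-addr.arpa": ["xxxx.com."]}

if __name__ == "__main__":
    print(ptr_name("5.6.7.8"), delegation_chain("5.6.7.8"))
    for label, ptr, a in [("no PTR", NO_PTR, PUBLIC_A),
                          ("ISP-generated PTR", ISP_PTR, PUBLIC_A),
                          ("custom PTR, public A", CUSTOM_PTR, PUBLIC_A),
                          ("custom PTR, LAN-view A", CUSTOM_PTR, LAN_VIEW_A)]:
        print(label, "->", check_reverse("5.6.7.8", ptr, a))
```

The last case shows why the split view matters: a PTR naming xxxx.com only confirms if the public A record, not the LAN-side answer, points back at the global address.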
