Re: [qmailtoaster] reverse dns
Jean-Paul van de Plasse wrote: really, also quote the rest next time :) While most rDNS entries only have one PTR record, it is perfectly legal to have many different PTR records[1]. For example, if a webserver supports many virtual hosts, there can be one PTR record for each host and some versions of name server software will automatically add a PTR record for each host. Multiple PTR records can cause a couple of problems, including triggering bugs in programs that only expect there to ever be a single PTR record and, in the case of a large webserver, having hundreds of PTR records can cause the DNS packets to be much larger than normal. Perfectly legal, and can cause a couple of problems .. (jk) Anyways, You are mixing up 2 things.. Yes and no. Yes in the sense that a provider should be able to do classless (this is so I won't have to call them everytime I want to change my dns, not that this will be donw that often, just don't want to mess with the bureacracy and want to maintain dns in my own maintenance window, not theirs). This is my maintenance issue. The rfc2317 is part of the overall solution, i.e. put inplace those compliances that let my mail server react with other mail servers, so I can minimize my mail problems (i.e. be proactive in playing in the overall sandbox), for any mail customers I have. The truth of the matter is, you are right, most do not do this, but with MS's self image of being the sole motivator of innovation, one can probably expect anomalies such as this appear off and on, so whether or not I agree with that is beside the point, if I want to play in that sandbox (personally I don't care, but my customers do), I have to have in place the pieces that accomodate this interaction. Unless I wait until it happens again and have 8 godzillian complaints because they cannot send to hotmail, complaints are bad, especially if you can prevent them. In order to implement the rfc2317 part, one has to be able to control their own dns, especially the reverse delegation. One can easily control their forward delegation, it's the reverse that is the trick, unless you yourself control say an entire class C. If you do not it is (for what I want to do) imperative the provider accomodates classless delegation, some you can control your own dns segment. The main solution everyone describes works fine for me also, it is working right now. But server farms and large volume mail servers attract crap mail, users that want to send all kinds of mass mail (I am also aware that qmail can control this also, have utilized it), which causes receivers of this unwanted crap mail to tag it as spam in the receiving ends spam methodology. This is a whole other subject. I am a lazy administrator/programmer, if I know a user can (and will) produce a particular anomaly before they do it, I want to be pro-active to circumvent that problem prior to it happening, I would rather do work up front and be prepared, than wait until I encounter the problem again, i.e. if you know you have a high probablility of having a fire, it is better you have the extinguishers on hand before you open your doors In summary, my original inquiry was about classless delegation, and if anyone using qmail in a similar colocation situation uses it, in my neck of the woods, even though they say they can do it, the reality is they tell you can just to make the sale, and then try to re-negoitate it after the fact. I have to have this in order to do the other, unless I put in requests and run the gaunlet every time I want a dns update (I do not need my provider to manage my segment). I am looking into how common classless delegation is and if it is reasonable to ask a provider to do it. It appears in this neck of the woods, they know very little about it (in most cases, they want you to believe otherwise). I think probably I should take this to another forum, I am an avid qmail admin/user, and maybe combining these two issues here is occupying unnecessary bandwidth, because the same thing could effect other mail servers, not just qmail. I ask here, to see if anyone was running under similar circumstances. And if they have encountered the same problems obtaining classless delegation. I will still run qmail. * The issue in regards to this, is that several web server farms already let one manage their own dns, seems like I should be able to do it on a mail server (the implementation should be the same). Classless reverse (rfc 2317) has nothing todo with multimple ptr records.. And well if multiple ptr records help, I am intressted, but as far as my knowledge goes, the only test is if there is a ptr record at all.. JP - Original Message - From: Mark Samples [EMAIL PROTECTED] To:
Re: [qmailtoaster] reverse dns
Erik A. Espinoza wrote: Nah, Static IP's are better for mail servers. Especially when you take DomainKeys, spf, and other things into account that require knowing the source. Erik On 2/10/07, Vince Callaway [EMAIL PROTECTED] wrote: I'm running several servers on dynamic IP's. The reverse DNS is not important for those. Your upstream provider should be able to provide you with a mail server you can relay through. QT is setup to do that with no issues. As for DNS I use http://xpertdns.com It is $6.95 a year for 1 to 5 domains. They have a web interface that is simple to use and I control everything. Their nameservers are hosted in two different parts of the country. Something I feel is important. They also support dynamic IP. I personally feel that using static IPs is just bad policy. Sometime soon I will share with this group a disaster recorvery plan I'm working on for my clients. It outlines why hosting DNS yourself and static IPs are bad. I'd be interested to see this, Vince. While dynamic IPs do have their problems (rejection by RBLs that list dynamic addresses being a big one), SPF and DomainKeys aren't problems that I've experienced on a dynamic address. -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] reverse dns
What I do is request my colo provider to delegate rDNS for my little clump (2-8) of ips to my dns servers instead of theirs. They do this by the rfc2317 CNAMEing. Mark Samples wrote: Jean-Paul van de Plasse wrote: really, also quote the rest next time :) While most rDNS entries only have one PTR record, it is perfectly legal to have many different PTR records[1]. For example, if a webserver supports many virtual hosts, there can be one PTR record for each host and some versions of name server software will automatically add a PTR record for each host. Multiple PTR records can cause a couple of problems, including triggering bugs in programs that only expect there to ever be a single PTR record and, in the case of a large webserver, having hundreds of PTR records can cause the DNS packets to be much larger than normal. Perfectly legal, and can cause a couple of problems .. (jk) Anyways, You are mixing up 2 things.. Yes and no. Yes in the sense that a provider should be able to do classless (this is so I won't have to call them everytime I want to change my dns, not that this will be donw that often, just don't want to mess with the bureacracy and want to maintain dns in my own maintenance window, not theirs). This is my maintenance issue. The rfc2317 is part of the overall solution, i.e. put inplace those compliances that let my mail server react with other mail servers, so I can minimize my mail problems (i.e. be proactive in playing in the overall sandbox), for any mail customers I have. The truth of the matter is, you are right, most do not do this, but with MS's self image of being the sole motivator of innovation, one can probably expect anomalies such as this appear off and on, so whether or not I agree with that is beside the point, if I want to play in that sandbox (personally I don't care, but my customers do), I have to have in place the pieces that accomodate this interaction. Unless I wait until it happens again and have 8 godzillian complaints because they cannot send to hotmail, complaints are bad, especially if you can prevent them. In order to implement the rfc2317 part, one has to be able to control their own dns, especially the reverse delegation. One can easily control their forward delegation, it's the reverse that is the trick, unless you yourself control say an entire class C. If you do not it is (for what I want to do) imperative the provider accomodates classless delegation, some you can control your own dns segment. The main solution everyone describes works fine for me also, it is working right now. But server farms and large volume mail servers attract crap mail, users that want to send all kinds of mass mail (I am also aware that qmail can control this also, have utilized it), which causes receivers of this unwanted crap mail to tag it as spam in the receiving ends spam methodology. This is a whole other subject. I am a lazy administrator/programmer, if I know a user can (and will) produce a particular anomaly before they do it, I want to be pro-active to circumvent that problem prior to it happening, I would rather do work up front and be prepared, than wait until I encounter the problem again, i.e. if you know you have a high probablility of having a fire, it is better you have the extinguishers on hand before you open your doors In summary, my original inquiry was about classless delegation, and if anyone using qmail in a similar colocation situation uses it, in my neck of the woods, even though they say they can do it, the reality is they tell you can just to make the sale, and then try to re-negoitate it after the fact. I have to have this in order to do the other, unless I put in requests and run the gaunlet every time I want a dns update (I do not need my provider to manage my segment). I am looking into how common classless delegation is and if it is reasonable to ask a provider to do it. It appears in this neck of the woods, they know very little about it (in most cases, they want you to believe otherwise). I think probably I should take this to another forum, I am an avid qmail admin/user, and maybe combining these two issues here is occupying unnecessary bandwidth, because the same thing could effect other mail servers, not just qmail. I ask here, to see if anyone was running under similar circumstances. And if they have encountered the same problems obtaining classless delegation. I will still run qmail. * The issue in regards to this, is that several web server farms already let one manage their own dns, seems like I should be able to do it on a mail server (the implementation should be the same). Classless reverse (rfc 2317) has nothing todo with multimple ptr records.. And well if multiple ptr
Re: [qmailtoaster] DKIM Status failed
Vince, Thank You for giving clues in my problem. How to set My DNS to cahanget the vlaue of s=private, into public one ...?? to verify the public key status. Thank's David J. - Original Message - From: Vince Callaway [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Friday, February 09, 2007 10:57 PM Subject: Re: [qmailtoaster] DKIM Status failed On Fri, 2007-02-09 at 20:20 +0700, David J. wrote: Well if it has to be on private than it's fine, but how to make my DKIM status recognized ..?? I checked your dns and everything looks correct. I suggest visiting this site: http://senderid.espcoalition.org/ To test. It provides an address to test your mail. The use of the word private in domainkeys has caused some confusion. You are NOT publishing your private key. You are publishing a public key named private. Your mail signature contains a value of s=private. That tells the receiver to do a dns lookup for private._domainkey.m2-vision.net to get the public key to verify the signature. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Installation on Ubuntu
Hi all, The reason for me to choose Ubuntu instead of FC or CentOS is due to the hardware portion. I'm installing a RocketRaid 1520 Sata Raid Card, and the driver for FC and CentOS is making me frust, therefore Ubuntu came to my mind. But, glad to say that I manage to install the driver this few days, and FC6 was able to installed into the Sata Hard Disk. I love FC and CentOS, so, will be sticking with FC n CentOS too.. :) - Original Message From: Eric Shubes [EMAIL PROTECTED] To: qmailtoaster-list@qmailtoaster.com Sent: Saturday, February 10, 2007 11:37:05 PM Subject: Re: [qmailtoaster] Installation on Ubuntu Gabriel Lai wrote: Hi all, Have anyone tried installation on Ubuntu? I would like to use this distro for QT, as Centos nor FC works on my machine, due to hardware incompatibility. Please comments It'd be great if QT ran on an Ubuntu (or debian) server, but that hasn't been done yet, and to be honest, it's a fairly low priority at this point. Having to support a non-rpm based distro would simply tax the developers too much, and functional enhancements would suffer. That's not to say it couldn't be done though. I'd personally like to see this happen too. If someone were to just do it, I think the contribution would be welcomed. It would need to be done in an automated fashion though, using tools that would convert rpms to debs automatically. Such tools do exist, it's just that no one (TTBOMK) has applied them yet. In the meantime, I find it hard to believe that FC won't work on your machine if Ubuntu would. What's the problem with it? -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Need a quick answer? Get one in minutes from people who know. Ask your question on www.Answers.yahoo.com