Hyper vine getting out of DSL service

Gerald Combs gerald at ethereal.com
Wed Dec 24 22:30:17 CST 2003


Brian Kelsay wrote:
> —-------------Quote----------
> I know many of us don't like AOL, but as a part of spam protection many 
> places block DUL (D=Dialup and now DSL) Users. So be aware for outgoing 
> mail you may still have to use an intermediate server. Inaddition many 
> also use Reverse DNS...
> 
> 220-America Online (AOL) and its affiliated companies do not
> 220-     authorize the use of its proprietary computers and computer
> 220-     networks to accept, transmit, or distribute unsolicited bulk
> 220-     e-mail sent from the internet.  Effective immediately:  AOL
> 220-     may no longer accept connections from IP addresses which
> 220      have no reverse-DNS (PTR record) assigned.
> —--------------End Quote--------------------------
> 
> What if you use dyndns.org?  They do DNS for you on the subdomain system, e.g. 
brian.homelinux.net.  So would that be blocked?  If I send an email from 
someuser at someuser.homelinux.net, is that blocked?

DynDNS probably won't help in this case.  According to the error
message, AOL isn't refusing the mail because the address is listed in
the DUL.  They're refusing it because there's no PTR (reverse DNS)
record for the address.  Although anyone can register a "regular" domain
and assign SOA, NS, A, CNAME, and other records for that domain, reverse
DNS is controlled by each address block owner.

For instance, my RR address is currently in the 65.26.108/23 range.
Looking up the SOA (Start of Authority) for that block gives me:

bam:/home/gerald> host -t soa 108.26.65.in-addr.arpa
108.26.65.in-addr.arpa SOA dns-pri-01.rdc-kc.rr.com. RRAdm.kc.rr.com.
2003061601 3600 900 864000 10800

bam:/home/gerald> host -t ns 108.26.65.in-addr.arpa
108.26.65.in-addr.arpa name server dns-sec-01.rdc-kc.rr.com.
108.26.65.in-addr.arpa name server dns-pri-01.rdc-kc.rr.com.

That is, dns-{pri|sec}-01.rdc-kc.rr.com determine what name my IP
address resolves to.  I can register as many domains as I like and set
them up on dyndns.org, but my reverse entry is always going to be what
TWC says it is.  Many (most?) ISPs have been lazy in this regard so far,
and haven't been diligent about setting up reverse DNS for all of their
access addresses.  I'm not sure why this is; creating the addresses can
usually be done in a few seconds with an "awk" one-liner.

The solution here is to contact the provider and ask them why reverse
DNS hasn't been set up for the mail server.  If the address also happens
to be listed in the DUL, then that's another problem that has to be
addressed.




More information about the Kclug mailing list