Reverse DNS RFCs and Recommendations



On Wed, Oct 30, 2013 at 12:12 PM, Nolan Rollo <nrollo at kw-corp.com> wrote:
> RFC draft-msullivan-dnsop-generic-naming-schemes-00.txt states:
> When using IP addresses in host names, their numbers SHOULD be
>    separated by '.'s (dots) rather than any meta character such as a '-'
>    (dash) and expressed in decimal.  Host names SHOULD NOT use the '_'
>    (underscore) character, host names for hosts with any form of SMTP
>    mail service MUST NOT use the '_' (underscore) character.  It is
>    preferable to use the IP address in reverse format in the same way
>    the IN-ADDR.ARPA. domain is defined.

Hi Nolan,

Although the DNS RFCs no longer strictly require them, names which
follow these conventions are more likely to work with everyone else's
DNS servers.

1. Use only English alphabetic characters (a-z, A-Z), numeric
characters (0-9), the hyphen and the period.

2. The periods separate non-null sections of the name. You can't start
a name with a period or have two periods side by side.

3. Start each section of the name with a letter, not a number or hyphen.

4. Two hyphens can't be side by side, nor can a hyphen start or end a
section of the name.


Finally, the cardinal rule of reverse DNS: whatever name the address
resolves to must resolve back to the address. If you don't do that,
you're basically asking for a whole bunch of servers on the Internet
to reject your connections.  So:

13.12.11.10.in-addr.arpa PTR bob.examplecompany.com.
bob.examplecompany.com. A 10.11.12.15

is wrong (13!=15) and will cause your users problems! Also, if you
omit the A record and simply have the PTR record, that too will cause
your users problems. If you omit the A record, you should also omit
the PTR record and let the address stand without DNS.


> Actual Examples:
> cpe-67-XX-XX-XX.stny.res.rr.com - 67.XX.XX.XX
> d28-XX-XX-XX.dim.wideopenwest.com - 28.XX.XX.XX
> c-68-XX-XX-XX.hsd1.mi.comcast.net - 68.XX.XX.XX
> 24-XX-XX-XX.static.bycy.mi.charter.com - 24.XX.XX.XX

All of these examples are fine provided the forward DNS (A record) matches.



> Which finally brings me to my questions:
> It seems like the unspoken de facto that mail admins appreciate
> given the IP 203.0.113.15 is
> "203-0-113-15.[type].[static/dynamic].yourdomain.tld". This
> seems perfectly acceptable, it's short, detailed and to the
> point. Is there really anything bad about this?

This is mainly for the benefit of the folks who run RBLs or other mail
reputation services. They use this information when classifying the
source and grouping sources into netblocks. If you take the time to
distinguish your intended mail servers from your dialup address pool
they'll try not to include your mail server when they ban mail
directly from your dialup address pool.

It's more a human factors question than supporting any automation.
You're hoping that by explaining your network to the antispammers
they'll cut you some slack when one of your doofus users gets pwned by
a spam bot. Many will. Some won't.


> What, if any would you name a network, gateway, broadcast address?
> Should the PTR be empty?

Pretty much whatever you want or nothing at all. If it doesn't
originate packets then nobody out there cares what it's named.

Regards,
Bill Herrin




-- 
William D. Herrin ................ herrin at dirtside.com  bill at herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004
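An added example, not code from the thread above: a small Python checker for the two things the message asks for, the label conventions (rules 1 through 4) and the forward-confirmed reverse DNS rule (PTR target must resolve back to the address). Hostnames, addresses and DNS records are constructed from documentation ranges (203.0.113.0/24, 10.0.0.0/8, 2001:db8::/32) and fed to an in-memory resolver stub so it runs offline; the function and class names are this example's own. Strict mode enforces the message's four rules; the non-strict mode uses the looser RFC 1123 section 2.1 label syntax, which also permits digit-leading labels such as the Charter example in the thread and the doubled hyphen of IDNA "xn--" labels.

```python
"""Reverse-DNS hygiene checks for the conventions discussed above.

Added example; not code from the original thread. The resolver is an
in-memory stub fed with constructed records (documentation ranges from
RFC 5737/3849) so it runs offline; replace StubResolver with a real
resolver such as dnspython for live use.
"""
import ipaddress
import re

# Strict label syntax per the message: letters, digits and hyphens only,
# starts with a letter, no leading, trailing or doubled hyphens (rules 1-4).
_STRICT_LABEL = re.compile(r"^[A-Za-z](?:[A-Za-z0-9]|-(?!-))*(?<!-)$")
# RFC 1123 section 2.1 label syntax: may also begin with a digit and may
# contain consecutive hyphens (needed for IDNA "xn--" labels).
_RFC1123_LABEL = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?$")


def hostname_ok(name, strict=True):
    """Return True if every label of `name` meets the chosen syntax."""
    name = name.rstrip(".")             # a trailing dot is fine (FQDN form)
    if not name or len(name) > 253:
        return False
    pattern = _STRICT_LABEL if strict else _RFC1123_LABEL
    labels = name.split(".")
    # Rule 2: no empty labels, so no leading dot and no "..".
    return all(0 < len(label) <= 63 and pattern.match(label) for label in labels)


def reverse_name(ip):
    """in-addr.arpa / ip6.arpa owner name for `ip`, e.g. 13.12.11.10.in-addr.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer


def generic_name(ip, suffix):
    """Provider-style generic name, e.g. 203-0-113-15.static.example.com."""
    flat = ipaddress.ip_address(ip).exploded.replace(".", "-").replace(":", "-")
    return flat + "." + suffix.strip(".")


class StubResolver:
    """Minimal resolver over an in-memory (name, rtype) -> rdata table."""

    def __init__(self, records):
        self.records = {(n.rstrip(".").lower(), t): v for (n, t), v in records.items()}

    def query(self, name, rtype):
        return list(self.records.get((name.rstrip(".").lower(), rtype), []))


def fcrdns(ip, resolver):
    """Forward-confirm the reverse name of `ip` (the 'cardinal rule').

    Returns ("ok", names) when at least one PTR target has an A/AAAA record
    that includes ip, ("no-ptr", []) when the address has no PTR at all, and
    ("mismatch", []) when PTR names exist but none resolves back to ip.
    """
    addr = ipaddress.ip_address(ip)
    rtype = "A" if addr.version == 4 else "AAAA"
    ptr_names = resolver.query(addr.reverse_pointer, "PTR")
    if not ptr_names:
        return "no-ptr", []
    confirmed = []
    for name in ptr_names:
        forward = {ipaddress.ip_address(a) for a in resolver.query(name, rtype)}
        if addr in forward:
            confirmed.append(name.rstrip(".").lower())
    return ("ok" if confirmed else "mismatch"), confirmed


# Constructed zone data (not real hosts).
RECORDS = {
    # Good: PTR and A agree.
    ("15.113.0.203.in-addr.arpa", "PTR"): ["mail.example.com."],
    ("mail.example.com", "A"): ["203.0.113.15"],
    # Wrong, as in the message: PTR says bob, but bob's A record is .15 not .13.
    ("13.12.11.10.in-addr.arpa", "PTR"): ["bob.examplecompany.com."],
    ("bob.examplecompany.com", "A"): ["10.11.12.15"],
    # IPv6 host that confirms correctly.
    (reverse_name("2001:db8::25"), "PTR"): ["mx.example.com."],
    ("mx.example.com", "AAAA"): ["2001:db8::25"],
}

if __name__ == "__main__":
    r = StubResolver(RECORDS)
    for ip in ("203.0.113.15", "10.11.12.13", "10.11.12.20", "2001:db8::25"):
        print(ip, reverse_name(ip), fcrdns(ip, r))
    for host in ("cpe-67-1-2-3.stny.res.rr.com", "24-1-2-3.static.example.com",
                 "a--b.example.com", "_dmarc.example.com"):
        print(host, "strict:", hostname_ok(host), "rfc1123:", hostname_ok(host, strict=False))
```

The three fcrdns outcomes map onto the message's advice: "ok" is what a receiving MTA wants to see, "mismatch" is the 13!=15 case, and "no-ptr" is the address left without DNS, which is preferable to a PTR with no matching A. Note that fcrdns only confirms the first-hop relationship; it does not check whether the name is generic-looking, which is the separate reputation question discussed in the thread.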