[clue-admin] Fw: Re: Mail from cluedenver.org bounced as Zombie
Jed S. Baer
cluemail at jbaer.cotse.net
Thu Oct 25 17:36:44 MDT 2007
Well, I don't understand it, but maybe someone does. :)
jed
Begin forwarded message:
Date: Thu, 25 Oct 2007 03:51:34 -0400
From: Cotse Helpdesk <helpdesk at cotse.net>
To: "Jed S. Baer" <jed at jbaer.cotse.net>, helpdesk at cotse.net
Subject: Re: Mail from cluedenver.org bounced as Zombie
What we are seeing is this, which is probably what helped trip the
zombie block (it takes many connections at once along with other "tells"):
dig -x 64.79.210.234
; <<>> DiG 9.3.4-P1 <<>> -x 64.79.210.234
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20809
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;234.210.79.64.in-addr.arpa. IN PTR
;; ANSWER SECTION:
234.210.79.64.in-addr.arpa. 205
IN PTR cluedenver.org.210.79.64.in-addr.arpa.
;; AUTHORITY SECTION:
210.79.64.in-addr.arpa. 205 IN NS ns4.dnscloud.com.
210.79.64.in-addr.arpa. 205 IN NS ns3.dnscloud.com.
;; ADDITIONAL SECTION:
ns3.dnscloud.com. 34164 IN A 66.249.3.10
ns4.dnscloud.com. 34164 IN A 66.249.3.11
You probably want the PTR to be just cluedenver.org instead of
cluedenver.org.210.79.64.in-addr.arpa. The latter makes it look
someone tried a classless CNAME delegation but used a PTR instead
(ie. looks slightly misconfigured in that it looks like the rdns
lookup isn't complete). It doesn't matter anymore with us because by
clicking the link you have whitelisted that server with us, but you
may want to be aware of it as it may (or may not) cause you issues
with other mail servers.
FYI:
A classless CNAME delegation looks something like this:
58.42.112.216.in-addr.arpa. 971
IN CNAME 58.56/29.42.112.216.in-addr.arpa.
58.56/29.42.112.216.in-addr.arpa. 86400 IN PTR mailhost.cotse.com.
A straight PTR looks something like this:
44.118.90.66.in-addr.arpa. 20458 IN PTR tusk.cotse.net.
/steve
More information about the clue-admin
mailing list