Subject: Re: INEXPENSIVE way to get reverse DNS records
To: Henry Nelson <netb@yuba.ne.jp>
From: Chuck Swiger <cswiger@mac.com>
List: netbsd-users
Date: 11/13/2006 16:58:22
On Nov 13, 2006, at 4:41 PM, Henry Nelson wrote:
> Here comes the question.  Presently I use the _free_ DNS service of
> the people who do my domain registration (which, btw, is MUCH less
> than the annual cost of registering through my ISP).  With this service
> you write your own zone files to upload.  There is no way to upload
> the reverse DNS files, whatever you call them (in-arpa files?).
>
> So does anyone know of a way to get around this without going broke?
> (No, the ISP will not change the reverse record on their name servers
> unless you contract to use their expensive DNS service.  And, no, changing
> ISPs is not an option, either.)

Basically, the ISP is allocated a netblock range, and is responsible  
for maintaining reverse DNS for their address space.

They can delegate subranges of their address space to their users'  
nameservers, although typically most ISPs will not do so for anything  
less than a /24 subnet (aka a "class-C" netblock).  Still, most ISPs  
will set up a static PTR record for clients who are paying for a  
static IP; typically the pricing for this runs anywhere from $2 to $6  
per month per IP.  $25 per month is outrageous; but if you aren't  
willing to change ISPs, either you pay for the service and get  
reverse DNS as you wish, or you don't, and live without.

Normally, any competent ISP would provide a properly configured SMTP  
relay for both their dynamic-IP clients and for clients using static  
IPs.  Your explanation here of their reasons:

> The new provider uses pppoe, and people with fixed IPs are not allowed
> to use their mail servers, even though we pay ca. $40/mo. for the fixed
> IP.  It's reasonable, actually, because we are not on their internal VLAN,
> and they would have to make holes for us to get through.

... makes no sense.  Whether they use VLANs or not has nothing to do  
with permitting SMTP relaying for known static-IP netblocks which  
belong to them.  At the very least, they should provide a mechanism  
for you to do SMTP AUTH to relay via their mailserver.

You might want to contact your Regional Internet Registry (presumably  
APNIC.net?) about this ISP and complain about the situation.

-- 
-Chuck
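
An added illustration, not part of the original message: the /24 threshold mentioned above follows from how in-addr.arpa names are built, one label per octet, so a reverse zone can only be cut at an octet boundary. The sketch below maps a netblock to the reverse zones an NS delegation would have to cover; the function names are hypothetical and the addresses are constructed samples from documentation and benchmarking ranges.

```python
import ipaddress


def ptr_name(ip: str) -> str:
    """Owner name of the PTR record for one IPv4 address."""
    addr = ipaddress.IPv4Address(ip)  # raises ValueError on malformed input
    return ".".join(reversed(str(addr).split("."))) + ".in-addr.arpa."


def reverse_zones(netblock: str) -> list[str]:
    """Octet-aligned in-addr.arpa zones needed to delegate an IPv4 netblock.

    Returns an empty list for blocks smaller than /24: no octet-aligned
    zone matches them, so their PTR records live in the /24 zone that the
    address-space holder (the ISP) operates.
    """
    net = ipaddress.IPv4Network(netblock, strict=True)
    if net.prefixlen > 24:
        return []
    # Round the prefix up to the next octet boundary (8, 16 or 24).
    boundary = max(8, -(-net.prefixlen // 8) * 8)
    zones = []
    for sub in net.subnets(new_prefix=boundary):
        labels = str(sub.network_address).split(".")[: boundary // 8]
        zones.append(".".join(reversed(labels)) + ".in-addr.arpa.")
    return zones


if __name__ == "__main__":
    # Constructed sample blocks (TEST-NET-1 and the 198.18.0.0/15 benchmark range).
    for block in ("198.18.0.0/16", "198.18.4.0/22", "192.0.2.0/24", "192.0.2.24/29"):
        zones = reverse_zones(block)
        if zones:
            print(f"{block}: delegable as {len(zones)} zone(s): {', '.join(zones)}")
        else:
            print(f"{block}: smaller than /24, PTRs stay in the ISP's zone")
    # A single static IP inside the /29: this is the record the ISP would set.
    print(ptr_name("192.0.2.25"), "<- PTR owner name for 192.0.2.25")
```
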