Subject: Re: INEXPENSIVE way to get reverse DNS records
To: Henry Nelson <netb@yuba.ne.jp>
From: Steven M. Bellovin <smb@cs.columbia.edu>
List: netbsd-users
Date: 11/13/2006 22:59:26
On Tue, 14 Nov 2006 11:48:32 +0900, Henry Nelson <netb@yuba.ne.jp> wrote:

> On Mon, Nov 13, 2006 at 04:58:22PM -0800, Chuck Swiger wrote:
> > less than a /24 subnet (aka a "class-C" netblock).  Still, most ISPs  
> > will set up a static PTR record for clients who are paying for a  
> > static IP; typically the pricing for this runs anywhere from $2 to $6  
> > per month per IP.  $25 per month is outrageous; but if you aren't  
> > willing to change ISPs, either you pay for the service and get  
> 
> Okay, trying again to get them to "set up a static PTR record"  seems
> to be my best (if not only) option.  Thanks for giving me the correct
> wording for what I want to ask for.  It may help.
> 
Is your problem that there is no PTR record or that it points to their
generic host name for your address?  If there is one, you can probably
configure around the problem.

First -- and probably unpleasant -- set your hostname to whatever hostname
the PTR record has.  Second, change your forward DNS entry to be a CNAME
pointing to it.  If I read your email headers correctly, your IP address
is 219.75.254.150, which does have a PTR record that names
219-75-254-150.eonet.ne.jp.  Fine -- that's the official name of your
host.  yuba.ne.jp is then a CNAME pointing to 219-75-254-150.eonet.ne.jp.
Finally, configure your mailer to make your From: line refer to yuba.ne.jp.

Alternatively, you may be able to persuade your mailer to emit
219-75-254-150.eonet.ne.jp. in its HELO line.  This would be consistent
with the PTR record, so all will be well.  I have no idea how to do that.

Last, if your religion believes in SPF records (mine doesn't; it
classifies SPF records as sinful), create one that lists
219-75-254-150.eonet.ne.jp. as an authorized sender for yuba.ne.jp.

You may still have trouble with hosts that think that a generic IP address
like that can't be legit.  Not much I can do about that, I fear.


		--Steven M. Bellovin, http://www.cs.columbia.edu/~smb