rDNS ?? Hard to set up? Should it be standard?

Portal Home > Knowledgebase > Articles Database > rDNS ?? Hard to set up? Should it be standard?

Posted by DR4296, 07-31-2003, 01:44 PM
Greetings All! I'm a reseller who's currently hosting all of his accounts with a company whom I learned about via this forum almost exactly one year ago. (Thanks much for the advice, everyone!) Now, on about July 14th, I suddenly discovered that ALL of my hosted domains (my accounts and my customers' accounts) started having any and all emails addressed to AOL customers bounce back! My provider said that AOL wanted "rDNS" set up on the server I'm set up on. Now, why this suddenly started happening on the 14th, I'm not sure. I theorized that perhaps AOL's been tightening their email restrictions in response to the increasing flood of SPAM (what with all the stories lately in the news about it). Now, I really was too busy to dig into "just what is rDNS" when the problem came up. And I figured the problem would be solved within a few days. But it's now been TWO WEEKS and the problem is not solved yet. And I'm starting to wonder where the breakdown is. My provider said for the first week that they were waiting on their datacenter folks to set it up; after that, they said it was set up, but AOL is dragging it's feet on taking us off of their blacklist.... which is pretty easy to believe. But now I suspect that rDNS really ISN'T set up for my account or my customers' accounts. What I don't understand is: For a virtual host, shouldn't "rDNS" be set up for all accounts as a standard part of the environment? It seems to me that this technology offers "proof" to a mail server that an IP address is who they say they are. And if you're giving each one of your customers a separate IP, it makes sense that you'd enable rDNS for them as well. My understanding is that the value of a unique IP address for a virtually-hosted customer is that if one person SPAMS a search engine, the rest of the folks on the box won't get the blame. Given that thinking, wouldn't you want to set up "rDNS" for all of your customers so that if one person sends email SPAM, then the rest of the folks won't get black-listed because of it? Also, just how difficult is this to set up ? How many minutes per IP address on the box should it take ? My understanding is that all email on our box may be going outbound from one of several hundred domains... but since we don't have a dedicated mail server, it actually appears as if our email is coming from ONE IP address? This is apparently what rDNS is suppossed to solve? Am I grasping all of this correctly? If I am, then I'm thinking I should be able to use an rDNS tool like the one at http://www.dnsstuff.com to verify what my provider is telling me.... that all my accounts and my customers' accounts have rDNS enabled ?? I'm just trying to figure out if my expectations are too high here... or if the level of service I'm getting is too low. And I'd really like to figure out if I'm being told the truth. Although I've provided my customers with work-arounds, they are really, really starting to complain. And lately, my pleadings only get me further messages saying "We're waiting on AOL." I've had great service from this provider for the first six months I was with them. But these last few months their service has been less consistent. Thanks! -= Dave =-
Posted by thedavid, 07-31-2003, 02:27 PM
Dave, Here's basically how we handle RDNS - everytime we get a block of IP addresses issued to us from our DC, we request rdns be setup on *all* of them - this usually happens and everything is staged before any customers get put on those IP's, though sometimes we wait on the DC to have these staged while the customers are just getting their sites. This may mean a day or two without rdns, max. All of these records are staged by default as 'servername.ourcustomprivatelabeldomainname.com' Now, that handles rdns for connections to our server. All outgoing mail will be issued from the main server IP address for all clients on that server, which also has that rdns on it. The rdns setup on the main server IP should occur *before* any sites get put on it, as this is the most sensitive area. That said, you should be able to check all of your domains in dnsstuff.com to ensure their IP addresses that the MX points to have rdns. You should also be able to send yourself an email to determine which address is the one that handles the outgoing mail. You can then check this at dnsstuff.com. Finally, if they are truly waiting on aol - believe me, they can take their sweet time. AOL's blocking is something that's dealt with by lots of service providers, and from what I've heard it's a pretty automated system that they've setup. -David
Posted by DR4296, 07-31-2003, 02:39 PM
David, Thanks for the response! Funny.... I just received an update on this issue a few minutes ago. It seems the boys in the datacenter may have installed rDNS on our OLD server, not the new one. What you've said makes me wonder.... once the boys in the datacenter actually DO set up rDNS on the box.... will AOL automatically detect this when we start sending email out to them again? I wonder if a call to AOL is really necessary, given that, like you say, they use a lot of automation. I honestly wonder why this problem suddenly started happening on July 14th. I mean, one of the other resellers said he thinks one of his clients sent an email message out to six friends... and one of those friends was an AOL customer who then complained. But this sounds more like our box wasn't meeting AOL's technical requirements. Which makes me wonder if AOL suddenly tightened their rules? If not, then I wonder why we didn't have this trouble for our first 6 weeks on the new box? Strange.... Thanks!! -= Dave =-
Posted by thedavid, 07-31-2003, 03:04 PM
Well, AOL's been known in the past to suddenly tighten their rules. Here's a good example: A while ago, a new aol client came out that had a 'report spam' button right in the email interface. I don't know which version or anything else more specific as I don't use that service. Anyway, when someone @aol.com receives something that they deem as spam, they can hit this button. Once they do, it goes to aol's automated system. If X number of people reported the same server as spamming them, then aol would reject all mail from that server for X times how many reports. I'm not sure as to the specifics on this, as AOL keeps it under wraps. However large ISP's fell victim to this a lot, and likely produced millions of bounced emails - not just from the same domain, but from all of the domains on their blacklisted servers. This change happened overnight. I'm not sure what the outcome was, but at the time there was no way to get out of being blacklisted - it happened automatically. You just had to wait howevermany hours that they deemed as appropriate. This change happened overnight. I'm not sure if they're still doing this. Hopefully the rDNS changes the DC will make will be instant - otherwise you might have to wait till aol deems it appropraite to allow mail from your servers. -David
Posted by DR4296, 07-31-2003, 03:36 PM
David, Thanks for helping me get a better grasp of the situation. I feel better about all of this now and it seems my provider's now making a renewed effort. The datacenter is suppossedly putting a rush order on getting rDNS up for the server I'm on. Hopefully, that means it will be done by the end of the day. Thanks! -= Dave =-
Posted by Ankheg, 08-01-2003, 10:09 AM
When talking to AOL (who promised they'd un-blacklist one of my servers Real Soon Now), they said that a lot of times, it isn't spam that's causing the blacklisting, it's bounced emails. It seems you can get listed, even if you have rDNS, blah blah blah, if 10% of the email your site sends AOL over some vague period bounce. Now, considering how often AOL users abandon their accounts when the 30-day free trial is up, this seems like a REALLY bad idea to me. Thankfully, it hasn't affected my primary email business, just a second site I've got, but... AOL made no guarantee as to how soon that site would again be able to send email to AOL addresses, and they've kept good to their promise. Two weeks now...

Add to Favourites Print this Article