Ok, here's a typical setup (ignoring NS records) that people use for hosting domains
Your main zone is mydomain.com A 123.456.789.123 www.mydomain.com CNAME mydomain.com mydomain.com MX 10 mydomain.com Lets assume you have a full Class C, since it's simpler than classless delegation (when you have 8/16/32/64/128 IP addresses) Then your reverse zone includes: 123.789.456.123.in-addr.arpa PTR mydomain.com So you're typically sending mail with your address ([EMAIL PROTECTED]) via your SMTP server at mydomain.com which passes the reverse lookup test. Your client at herdomain.com is using virtual hosts on yours server and is set up as: herdomain.com A 123.456.789.123 www.herdomain.com CNAME herdomain.com herdomain.com MX 10 herdomain.com There can't be a single pointer to two A records, so when [EMAIL PROTECTED] sends mail, the reverse lookup points to mydomain.com! This causes the mail to bounce if the reverse lookup test is used. >Very Interesting! I have multiple domains and a single mail server. >The mail server has its own domain (smtpmirage.net). >All the hosted domains A records point directly to the IP address. The MX >record points to mail@<domain>.com (and mail@<domain>.com is an A record >that points to the IP address). >Seems to work OK...... > >Mark Bushaw > >----- Original Message ----- >From: "Ben Johansen" <[EMAIL PROTECTED]> >To: <[EMAIL PROTECTED]> >Sent: Thursday, June 19, 2003 2:36 PM >Subject: RE: Witango-Talk: including snippets of code [OT] > > >> Interesting >> >> Didn't realize that because I have multiple domains on mine. >> >> >Anyway, it's just a rant. I had a server crash on me earlier this year >> >> >when it got hijaced by a spammer, and I've spent a lot of hours this >> year >> >fighting off spam. But I still think it's better to allow mail from >> >senders that don't pass the reverse lookup, and instead rely on black >> >hole lists at the server, and some simple filters on the mail readers. >> >> >Because I don't want to have to tell my clients that we can't receive >> >mail from them. >> >> Considering turning it off. >> >> Ben Johansen - http://www.pcforge.com >> Authorized Witango Reseller http://www.pcforge.com/WitangoGoodies.htm >> Authorized MDaemon Mail Server Reseller >> http://www.pcforge.com/AltN.htm >> >> >> -----Original Message----- >> From: Bill Conlon [mailto:[EMAIL PROTECTED] >> Sent: Thursday, June 19, 2003 2:11 PM >> To: [EMAIL PROTECTED] >> Subject: RE: Witango-Talk: including snippets of code [OT] >> >> Off-topic: >> >> I would send this directly, but it might bounce. >> >> One problem w/ PTR records is they map one-to-one to A records. But >> many >> names (both A and CNAME records) map to one PTR. Hence if you support >> many domains with a single mail server, you can't satisfy the reverse >> lookup condition. >> >> Also, you can't always keep PTRs up to date unless you run the reverse >> zone for your subnet. Some ISPs will NOT provide classless delegation, >> so you have to depend on the ISP to maintain your PTRs, leaving you at >> their mercy -- not a good thing in my opinion. >> >> For most of our clients for whom we provide mail, I ask them to use our >> server for POP, but continue to use their ISP for SMTP. Some though >> prefer to use our server for both, and the consequence is that AOL just >> doesn't get messages from them. >> >> Of course AOL's hypocracy is the big story, since they and hotmail have >> been big spam sources. And much spam now flows through open relays, >> which may still have PTR records that match the A record, so what does >> that do? >> >> Anyway, it's just a rant. I had a server crash on me earlier this year >> when it got hijaced by a spammer, and I've spent a lot of hours this >> year >> fighting off spam. But I still think it's better to allow mail from >> senders that don't pass the reverse lookup, and instead rely on black >> hole lists at the server, and some simple filters on the mail readers. >> >> Because I don't want to have to tell my clients that we can't receive >> mail from them. >> >> >Hi, >> > >> >Sorry you couldn't connect. >> > >> >I went to dnsreport.com and your mail server doesn't reverse DNS >> >(checkout fail in MX section) >> > >> >http://www.dnsreport.com/tools/dnsreport.ch?domain=internetcommercesolu >> t >> >ions.net >> > >> >In order to curb spam there is a shift in this, AOL has shifted to this >> >and those who have mail servers that don't have PTR (reverse DNS) >> cannot >> >post to AOL. There are a bunch of companies that are following suit >> > >> > >> >Ben Johansen - http://www.pcforge.com >> >Authorized Witango Reseller http://www.pcforge.com/WitangoGoodies.htm >> >Authorized MDaemon Mail Server Reseller >> >http://www.pcforge.com/AltN.htm >> > >> > >> >-----Original Message----- >> >From: Fogelson, Steve [mailto:[EMAIL PROTECTED] >> >Sent: Thursday, June 19, 2003 1:26 PM >> >To: '[EMAIL PROTECTED]' >> >Subject: RE: Witango-Talk: including snippets of code >> > >> >Ben, >> > >> >I have had that trouble in the past as well. You might want to check it >> >out. >> >I was going to buy a Witango update from you on the day before the >> price >> >increases, but couldn't get through you email server. >> > >> >Have made the update since. >> > >> >Steve Fogelson >> > >> >-----Original Message----- >> >From: John McGowan [mailto:[EMAIL PROTECTED] >> >Sent: Thursday, June 19, 2003 3:13 PM >> >To: [EMAIL PROTECTED] >> >Subject: Re: Witango-Talk: including snippets of code >> > >> > >> >Ben, >> > >> >I tried to send this post to you off the list, but your mail server >> >doesn't seem to be accepting any thing from my mail server. >> > >> >Anyway, see my comments below about nested @includes. >> > >> > >> >Ben Johansen wrote: >> > >> >>Off List, >> >> >> >>Now, I remember (coffee finally kicked in) >> >> >> >>The reason your sub-include of the TML works is because TML is one of >> >>the extensions setup in the web server to tell the web server that >> >>Witango is responsible to process this file. >> >> >> >> >> > >> >No, the @include tag doesn't interact at all with the web server. It >> >also doesn't care about file extensions. When the app server comes >> >across an @include, it doesn't care what file extension it is... it >> >simply includes the file and evaluates any meta code it comes across. >> > >> >>In the case where an included HTML file calling a SUB-HTML file this >> is >> >>not the case. The SUB would not have its metatags processed >> >> >> >> >> >Yes they are... See the enclosed example... I just tested this out. >> > >> >test.taf does an @include of test1.html >> > >> >test1.html does an @include of test2.html >> >test2.html does an @include of test3.html >> >test3.html executes @currentdate. >> > >> > >> >/John >> > >> >_______________________________________________________________________ >> _ >> >TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf >> >_______________________________________________________________________ >> _ >> >TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf >> > >> >_______________________________________________________________________ >> _ >> >TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf >> > >> >> >> Bill Conlon >> >> To the Point >> 345 California Avenue Suite 2 >> Palo Alto, CA 94306 >> >> office: 650.327.2175 >> fax: 650.329.8335 >> mobile: 650.906.9929 >> e-mail: mailto:[EMAIL PROTECTED] >> web: http://www.tothept.com >> >> >> ________________________________________________________________________ >> TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf >> >> ________________________________________________________________________ >> TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf > >________________________________________________________________________ >TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf > Bill Conlon To the Point 345 California Avenue Suite 2 Palo Alto, CA 94306 office: 650.327.2175 fax: 650.329.8335 mobile: 650.906.9929 e-mail: mailto:[EMAIL PROTECTED] web: http://www.tothept.com ________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf
