Mark Foster wrote:
Surely if you have _a_ matching forward and reverse DNS pair, that'd get you started?
The problem in our case is that this wasn't an email issue. Any service (http/ftp/nntp/etc) which performed rDNS lookups prior to handling the connection would end up timing out the connection due to the fact that AT&T had setup a CNAME which pointed to a nameserver that no longer existed (from when the IP was owned by someone else). The actual complaint was failure to ftp files from the location due to the ftp server doing rDNS. AT&T refused to remove the old CNAME which was defunct. We didn't need matching anything. NXDOMAIN would have even been acceptable. However, forwarding the request to non-existent nameservers is not.
The issue was where there was no matching A/PTR set, this would increase the likelyhood of a spam host or something... right?
The issue was that when revoking an IP from a customer, AT&T did not remove the rDNS configuration for that IP. Had they done so, their own servers would have reported back that there wasn't any rDNS (NXDOMAIN) which would have been perfectly acceptable. Jack Bates