DNS multiple domains?

[klabacita]

Hi my friends,

I have my domain under my control, now, I would like to add a second domain, I have read a lot about I will give a try. My questions related to my ISP, my first domain have a email server, went we switch our ISP I had to request a ptr to my email server. But now, I will add a second domain and have a email server, can my ISP add other PTR to the same public IP?

Or how does BIND handle multiple domains and each one with his own email server and ISP?

Thanks!

 

[SirDice]

But now, I will add a second domain and have a email server, can my ISP add other PTR to the same public IP?

Sure, you can have as many MX records from as many domains pointing to the same IP as you want.

NB. A PTR record is for reverse DNS, i.e. resolving an IP address back to a hostname. It can only point to one hostname.

 

[klabacita]

Hi SirDice.

When you test your DNS PTR, what happens when one IP has a lot of PTRs? You test for example with nslookup: A.B.C.D. It returns the record, with multiple domains will it return all the records?

I have just this doubt, thanks

 

[SirDice]

You can have only one PTR record per IP address.

 

[klabacita]

What would happen when you want to manage multiple domains with the same BIND server?

 

[SirDice]

That's not a problem and has nothing to do with PTR records.

 

[klabacita]

I ask this, because I remember the day we switched ISPs, we didn't add the PTR in our ISP and we could not receive emails from a lot of clients, this is why this doubt crossed my mind in a multiple domain setup.

Thanks.

 

[SirDice]

Well, you can have multiple domains but there's always only one in-addr.arpa reverse domain.

 

[klabacita]

This will not cause any issue like the one I mention with my second domain?

 

[SirDice]

Only with braindead spamfilters.

 

[klabacita]

SirDice, thanks for your great help.

 

[kpa]

To summarise this in a way others would understand because the above discussion is almost on the level of SMS talk.

There's a domain domain1.com with an MX record mail.domain1.com and there is an A record for mail.domain1.com with a value of 192.0.2.1. There's another domain domain2.com with an MX record mail.domain2.com and the A record for that address also happens to be 192.0.2.1

Now for the IP address 192.0.2.1 there can be only one PTR record for the reverse DNS queries. The PTR record can point to either mail.domain1.com or mail.domain2.com but not both.

There are some totally broken mailers on the net that would reject mail from/to mail.domain2.com if the reverse DNS for 192.0.2.1 returned mail.domain1.com instead of mail.domain2.com. That's quite rare though fortunately.

 

[DutchDaemon]

Most critical mail servers tend to handle it the other way around: they look at the connecting IP address, grab the PTR record, and perform an A record lookup against that. If both match, the SMTP connection is accepted.

So if 192.0.2.1's PTR lookup returns 'mail.domain1.com', and the A record for 'mail.domain1.com' points at 192.0.2.1, the mail server will accept the SMTP connection, regardless of the <Envelope-From> domain or DNS records associated with it.

There may be additional checks done on that (like SPF or DKIM checks), but on a 'connecting IP' basis, matching PTR/A records are usually considered OK. When they don't match, it usually triggers no more than a warning, like Sendmail's [may be forged] in maillog and email headers.