Hi all,
Is it reasonable to expect that a residential ISP, that provides a generated reverse resolution to a home IP address, will also provide a matching forward resolution that goes back to the same IP?
Cheers,
Richard
Hi Richard
I'm not sure if it's expected but as a residential ISP we certainly provide
matching forward and reverse DNS by default.
Cheers
Stan Rivett
------------------
Netspeed
PO Box 5691
Dunedin
P: +64 3 481 7245
C: +64 21 323 841
------------------
On Thu, 5 Nov 2020 at 17:30, Richard Hector
> Hi all,
> Is it reasonable to expect that a residential ISP, that provides a generated reverse resolution to a home IP address, will also provide a matching forward resolution that goes back to the same IP?
> Cheers, Richard
> _______________________________________________
> NZNOG mailing list -- nznog(a)list.waikato.ac.nz
> To unsubscribe send an email to nznog-leave(a)list.waikato.ac.nz
That would really depend on your ISP, for the likes of Spark/Voda/Vocus/2Degrees etc and their various sub brands I would say no it’s not, residential plans are low margin low-touch cookie cutter products.
Matching forward / reverse DNS is something that would creep into their business product offering / scope, as it could let you self host services etc which I would consider a business feature. (If you can get all the features on the low / zero margin type product, why would you pay for business grade products that the ISP needs to sell to make some actual margin on tails?).
If you’re with a smaller boutique ISP then you might find a friendly admin who could set some records for you 🤷♂️
Cheers
Liam
Sent from my iPhone
On 5/11/2020, at 5:30 PM, Richard Hector wrote:
> Hi all,
> Is it reasonable to expect that a residential ISP, that provides a generated reverse resolution to a home IP address, will also provide a matching forward resolution that goes back to the same IP?
> Cheers, Richard
Ooh, I'm boutique. ;-)
Sent from my phone so please excuse brevity and typos.
On Thu, 5 Nov 2020, 5:53 pm Liam Farr,
> That would really depend on your ISP, for the likes of Spark/Voda/Vocus/2Degrees etc and their various sub brands I would say no it’s not, residential plans are low margin low-touch cookie cutter products.
> Matching forward / reverse DNS is something that would creep into their business product offering / scope, as it could let you self host services etc which I would consider a business feature. (If you can get all the features on the low / zero margin type product, why would you pay for business grade products that the ISP needs to sell to make some actual margin on tails?).
> If you’re with a smaller boutique ISP then you might find a friendly admin who could set some records for you 🤷♂️
Hmm. I expect low-touch, but given the reverse appears generated (<ipaddr>.foo.isp.net.nz) or similar, the forward would also be generated to match.
And to host services (which I consider entirely reasonable for a home or any other user), I'd need a more useful dns setup than that.
All this is doing is giving me a warning in my mail server logs, but it's irritating :-)
Cheers,
Richard
On 5/11/20 5:53 pm, Liam Farr wrote:
> That would really depend on your ISP, for the likes of Spark/Voda/Vocus/2Degrees etc and their various sub brands I would say no it’s not, residential plans are low margin low-touch cookie cutter products.
> Matching forward / reverse DNS is something that would creep into their business product offering / scope, as it could let you self host services etc which I would consider a business feature. (If you can get all the features on the low / zero margin type product, why would you pay for business grade products that the ISP needs to sell to make some actual margin on tails?).
> If you’re with a smaller boutique ISP then you might find a friendly admin who could set some records for you 🤷♂️
I second what Liam said.
My personal policy is if it's a business plan then yes, I will do those sorts of customisations and others as required.
If it's a standard plan I will consider it on a case by case basis. The key here is what the client's total relationship value is. In context it should be said this sort of thing is something the vast majority of clients don't care about and the ones that do tend to be low profit clients.
On 2020-11-05 18:00, Richard Hector wrote:
> Hmm. I expect low-touch, but given the reverse appears generated (<ipaddr>.foo.isp.net.nz) or similar, the forward would also be generated to match.
> And to host services (which I consider entirely reasonable for a home or any other user), I'd need a more useful dns setup than that.
> All this is doing is giving me a warning in my mail server logs, but it's irritating :-)
> Cheers,
> Richard
But you do consider it a customisation, rather than a default?
Ah well.
Cheers,
Richard
On 5/11/20 6:11 pm, Michael Hallager wrote:
> I second what Liam said.
> My personal policy is if it's a business plan then yes, I will do those sorts of customisations and others as required.
> If it's a standard plan I will consider it on a case by case basis. The key here is what the client's total relationship value is. In context it should be said this sort of thing is something the vast majority of clients don't care about and the ones that do tend to be low profit clients.
If what you have is a mass market account - Myself and everyone else I know engineers these accounts to be cheap and cheerful. This is what the vast majority of the market place wants. Additionally, the vast majority of businesses do not host their own email servers - they either use a cloud service like Gmail or they get me to do it for them and pay me extra for this. This is good for them (My systems are hosted in a proper data centre and subject to ongoing professional maintenance) and good for me (I make more profit on these services).
Experience has shown to me the small number of customers who are more technically inclined and want to host their own stuff off a basic broadband connection are more often high maintenance, use a lot more traffic and only buy a basic account which I am making stuff all on.
On 2020-11-05 18:00, Richard Hector wrote:
> Hmm. I expect low-touch, but given the reverse appears generated (<ipaddr>.foo.isp.net.nz) or similar, the forward would also be generated to match.
> And to host services (which I consider entirely reasonable for a home or any other user), I'd need a more useful dns setup than that.
> All this is doing is giving me a warning in my mail server logs, but it's irritating :-)
> Cheers,
> Richard
On 5/11/20 6:26 pm, Michael Hallager wrote:
> If what you have is a mass market account - Myself and everyone else I know engineers these accounts to be cheap and cheerful. This is what the vast majority of the market place wants. Additionally, the vast majority of businesses do not host their own email servers - they either use a cloud service like Gmail or they get me to do it for them and pay me extra for this. This is good for them (My systems are hosted in a proper data centre and subject to ongoing professional maintenance) and good for me (I make more profit on these services).
And you don't mind that your customers don't have matching forward and reverse, presumably.
> Experience has shown to me the small number of customers who are more technically inclined and want to host their own stuff off a basic broadband connection are more often high maintenance, use a lot more traffic and only buy a basic account which I am making stuff all on.
I'm not trying to host here (in this case). My mailserver is at a hosting provider, where all is good (barring the lack of IPv6 ...).
It's when my home machine connects to my mailserver that I see what I thought was considered a misconfiguration of DNS.
There are lots of things customers don't care about, because they don't know about it, but are nevertheless looked after by their ISP for the general health of the internet. But as Pete says, maybe I'm 20 years out of date.
I'm a fan of boutique providers, btw - unfortunately I'm not currently the customer, but the flatmate of the customer, so I don't get to pick :-(
On Thu, Nov 05, 2020 at 06:33:42PM +1300, Richard Hector wrote:
> I'm not trying to host here (in this case). My mailserver is at a hosting provider, where all is good (barring the lack of IPv6 ...).
> It's when my home machine connects to my mailserver that I see what I thought was considered a misconfiguration of DNS.
I'd argue that a mail server is misconfigured if it logs a warning when an authenticated client submitting mail on tcp/587 doesn't have matching forward and reverse DNS.
Mail submission != mail transfer, and DNS records the client does or does not have are not all that relevant for mail submission.
-- Jasper
On 5/11/20 7:15 pm, Jasper wrote:
> On Thu, Nov 05, 2020 at 06:33:42PM +1300, Richard Hector wrote:
> > I'm not trying to host here (in this case). My mailserver is at a hosting provider, where all is good (barring the lack of IPv6 ...).
> > It's when my home machine connects to my mailserver that I see what I thought was considered a misconfiguration of DNS.
> I'd argue that a mail server is misconfigured if it logs a warning when an authenticated client submitting mail on tcp/587 doesn't have matching forward and reverse DNS.
Point taken. Unnecessary, at least; not sure about misconfigured. I'll probably change it.
> Mail submission != mail transfer, and DNS records the client does or does not have are not all that relevant for mail submission.
I see it from a client's server that sends me mail too - but then I set it up ... and it should probably be sending via a relay.
Richard
On 2020-11-05 17:53, Liam Farr wrote:
> That would really depend on your ISP, for the likes of Spark/Voda/Vocus/2Degrees etc and their various sub brands I would say no it’s not, residential plans are low margin low-touch cookie cutter products.
> Matching forward / reverse DNS is something that would creep into their business product offering / scope, as it could let you self host services etc which I would consider a business feature.
!!
There's a fair amount of difference in effort between putting a *couple* of *matching* entries, something like:
    $GENERATE A-B-C-D.ip.ISP.nz IN A A.B.C.D
    $GENERATE A.B.C.D IN PTR A-B-C-D.ip.ISP.nz.
and providing *customised* reverse DNS (to a customer's matching forward DNS of their own domain). The $GENERATE wildcard pattern is something that takes a few minutes, once, and is then "low touch", and it's not that hard to make the entries *match*.
I'd definitely agree that *customised* reverse DNS is a business feature, but it's still disappointing that many NZ ISPs either don't provide *any* reverse DNS at all for their residential customer IPs (ie, not even a pattern answer, just no answer), or if they do, don't/won't configure forward DNS (in their own domain!) to match those patterns.
It's a pretty damning statement on the cooperation of the Internet if residential ISPs are *deliberately* not providing {any|matching} reverse DNS "so customers cannot run servers". Especially because ironically the lack of reverse DNS is most likely to affect *outgoing* *client* connections -- historically things like FTP servers, IRC servers, etc, were the ones checking the *client* had reverse DNS... there are very few protocols where the *client* checks for the reverse DNS of the *server* :-)
(But in practice, "has reverse DNS" has been a poor check for a decade, because so few networks are "well run" by 20+ year old standards of things like reverse DNS, or matching reverse/forward DNS.)
Ewen
Hi,
[clears throat, it's been a while]
If we don't make it easy for people to provide 'content' at the edge of the
Internet or put it in the bucket of 'business service' then people will
just put what they want to produce or communicate on centralised platforms
that make it easy for them to do so. This is a small part of why we have
Gmail and Facebook.
Respect to the ISPs who are still enabling their customers to participate
at the edge of the Internet. Long may you continue. Your customers that
take advantage of this are future network operators. And that is good for
all of us.
jamie
On Fri, 6 Nov 2020 at 10:08, Ewen McNeill
> On 2020-11-05 17:53, Liam Farr wrote:
> > That would really depend on your ISP, for the likes of Spark/Voda/Vocus/2Degrees etc and their various sub brands I would say no it’s not, residential plans are low margin low-touch cookie cutter products.
> > Matching forward / reverse DNS is something that would creep into their business product offering / scope, as it could let you self host services etc which I would consider a business feature.
> !!
> There's a fair amount of difference in effort between putting a *couple* of *matching* entries, something like:
>     $GENERATE A-B-C-D.ip.ISP.nz IN A A.B.C.D
>     $GENERATE A.B.C.D IN PTR A-B-C-D.ip.ISP.nz.
> and providing *customised* reverse DNS (to a customer's matching forward DNS of their own domain). The $GENERATE wildcard pattern is something that takes a few minutes, once, and is then "low touch", and it's not that hard to make the entries *match*.
> I'd definitely agree that *customised* reverse DNS is a business feature, but it's still disappointing that many NZ ISPs either don't provide *any* reverse DNS at all for their residential customer IPs (ie, not even a pattern answer, just no answer), or if they do, don't/won't configure forward DNS (in their own domain!) to match those patterns.
> It's a pretty damning statement on the cooperation of the Internet if residential ISPs are *deliberately* not providing {any|matching} reverse DNS "so customers cannot run servers". Especially because ironically the lack of reverse DNS is most likely to affect *outgoing* *client* connections -- historically things like FTP servers, IRC servers, etc, were the ones checking the *client* had reverse DNS... there are very few protocols where the *client* checks for the reverse DNS of the *server* :-)
> (But in practice, "has reverse DNS" has been a poor check for a decade, because so few networks are "well run" by 20+ year old standards of things like reverse DNS, or matching reverse/forward DNS.)
> Ewen
Twenty years ago maybe. Maybe. But today? No. I'd say it's not reasonable to _expect_ it. That doesn't mean you can't be impressed when you see it though - nod to Stan :)
Pete Mundy
DNS fanboy
On 5/11/2020, at 5:30 PM, Richard Hector wrote:
> Hi all,
> Is it reasonable to expect that a residential ISP, that provides a generated reverse resolution to a home IP address, will also provide a matching forward resolution that goes back to the same IP?
> Cheers, Richard
On 5/11/2020, at 17:30, Richard Hector wrote:
> Hi all,
> Is it reasonable to expect that a residential ISP, that provides a generated reverse resolution to a home IP address, will also provide a matching forward resolution that goes back to the same IP?
That’s reasonable, yep. Usually if it doesn’t, it’s an oversight rather than an explicit decision. Worth talking to the provider in question directly, and seeing if it can be improved.
-- Nathan Ward
On 11/4/20 8:30 PM, Richard Hector wrote:
> Is it reasonable to expect that a residential ISP, that provides a generated reverse resolution to a home IP address, will also provide a matching forward resolution that goes back to the same IP?
PTR records have always been useful for annotating traceroute responses as well as for classification in web log analytics or email "Received" headers.
About 30 years ago, UUNET ran a popular FTP server (ftp.uu.net) that hosted open source software and mailing list archives among other content. It was decided that if the source connection didn't have a PTR record, the server wouldn't accept the connection. I believe this draconian measure was the start of uptake in PTR use.
You're asking, though, about whether one should register A records. RFC-1912 documented publishing matching PTR/A records as a common practice. It's not difficult to auto-generate DNS zones:
    DDD.CCC.BBB.AAA.in-addr.arpa. IN PTR AAA-BBB-CCC-DDD.dyn.provider.net.
    AAA-BBB-CCC-DDD.dyn.provider.net. IN A AAA.BBB.CCC.DDD
Starting in the late 1990's, mail services started using PTR records as part of their anti-spam enforcement. If there was no matching A record for the PTR record of the connecting IP address:
1) the connections were refused,
2) delivery was greylisted, or
3) messages scored higher in SpamAssassin and more likely found their way into spam folders.
One could make a case to *not* register matching A records for your dynamic clients to help limit their ability (or malware's ability) to successfully send spam emails via SMTP from your dynamic network.
There are interesting points in RFC 8501 about how PTR practices might extend to IPv6.
-- Eric Ziegast
PS: [BOFH] I once suggested self-referring matching records:
    1.AAA.BBB.CCC.in-addr.arpa. IN PTR 1.AAA.BBB.CCC.in-addr.arpa.
    1.AAA.BBB.CCC.in-addr.arpa. IN A CCC.BBB.AAA.1
    2.AAA.BBB.CCC.in-addr.arpa. IN PTR 2.AAA.BBB.CCC.in-addr.arpa.
    2.AAA.BBB.CCC.in-addr.arpa. IN A CCC.BBB.AAA.2
    ...etc...
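The matching check described in the message above (PTR for the connecting address, then an A record that leads back to it), together with the earlier point in the thread that authenticated submission on tcp/587 need not be subject to it, as an added example that is not part of the original thread. The zone name, the documentation address ranges, the in-memory records and all function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample data (not from the thread): pattern records of the kind
# discussed above, held in memory so the example runs offline.
SUFFIX = "dyn.provider.example."  # hypothetical ISP zone


def generated_name(ip):
    """192.0.2.5 -> 192-0-2-5.dyn.provider.example."""
    return str(ip).replace(".", "-") + "." + SUFFIX


def build_records(network, with_forward):
    """Generate a PTR per host, plus the matching A record if requested."""
    records = {}
    for host in ipaddress.ip_network(network).hosts():
        name = generated_name(host)
        records[("PTR", host.reverse_pointer + ".")] = [name]
        if with_forward:
            records[("A", name)] = [str(host)]
    return records


RECORDS = {}
RECORDS.update(build_records("192.0.2.0/29", with_forward=True))      # PTR and A
RECORDS.update(build_records("198.51.100.0/29", with_forward=False))  # PTR only
# 203.0.113.0/24 is left with no records at all.


def lookup(rtype, name):
    """Stand-in resolver over RECORDS; a real check would query DNS here."""
    return RECORDS.get((rtype, name.lower()), [])


def fcrdns(ip, resolve=lookup):
    """Forward-confirmed reverse DNS: PTR -> name -> address == original IP."""
    addr = ipaddress.ip_address(ip)
    names = resolve("PTR", addr.reverse_pointer + ".")
    if not names:
        return "no-ptr", None
    rtype = "A" if addr.version == 4 else "AAAA"
    for name in names:
        for answer in resolve(rtype, name):
            if ipaddress.ip_address(answer) == addr:
                return "match", name
    return "mismatch", names[0]


def check_client(ip, port, authenticated, resolve=lookup):
    """Skip the DNS check for authenticated submission on tcp/587."""
    if port == 587 and authenticated:
        return "skipped", None
    return fcrdns(ip, resolve)


if __name__ == "__main__":
    for ip in ("192.0.2.5", "198.51.100.3", "203.0.113.9"):
        print(ip, fcrdns(ip))
    print(check_client("198.51.100.3", 587, authenticated=True))
```

The "mismatch" result is the case the thread started from: a generated PTR whose name has no forward record pointing back at the address.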
> Is it reasonable to expect that a residential ISP, that provides a generated reverse resolution to a home IP address, will also provide a matching forward resolution that goes back to the same IP?
I would say that it's entirely reasonable to expect them to match, otherwise attempts to connect to some services will experience delays or failures.
Of course, for cheap cookie-cutter consumers you wouldn't want to provide a management interface to allow them to change it, but (if they want it) I would delegate to the users themselves:
    $ORIGIN ZZZ.YYY.XXX.in-addr.arpa.
    $GENERATE 0-255 $ NS $._rdns
    $GENERATE 0-255 $._rdns A XXX.YYY.ZZZ.$
I arranged this as a trial at Ihug/Vodafone; I wonder if it's still there. We would simply assign the user a static IP (*1) in a particular range if they wanted to manage their own DNS, or from a general pool if they did not.
-Martin
(*1: Of course, they were paying extra for the static IP.)
participants (11)
- Eric Ziegast
- Ewen McNeill
- Jamie Baddeley
- Jasper
- Liam Farr
- Martin D Kealey
- Michael Hallager
- Nathan Ward
- Pete Mundy
- Richard Hector
- Stan Rivett