How reverse dns record (PTR) should be? - reverse-dns

My mails send to junk mail by hotmail. I've no reverse dns record and I want to add it. I use direct admin and I add a new zone. But I couldn't understand what is the true result? When I check ptr record with ip what should be the result? mail.domain.com or domain.com?
And I wait your suggestions about hotmail mail problem. Thanks.

I understood the questions as this:
You have a domain and the emails you send from your domain goes go Hotmail Spam filter.
provided that you are not sending spam ;) this should help:
Find out if you are blacklisted
find out what IP you are using (and make sure it is not dynamic)
Find out where you got the IP address from (use ripe.net - NOT .org)
Convince your IP maintainer to setup PTR record to the hostname of your email server.
check that it is done correctly, and wait 24-48 hours (add 24-48 hours to the TTL of the arpa zone).
When Hotmail mail servers now receive your emails they will look up the reverse IP to check if the hostname match the hostname your Email server ID itself as.
This means if your mailserver: chad.domain.tld [127.0.0.1] is setup to identify itself as Chad [127.0.0.1] the reverse lookup will find: 0.0.127.in-addr.arpa ptr chad.domain.tld
Background:
PTR records are setup in the arpa zonefile of your IP address
Your mailserver IP : 127.127.1.1

Related

Editing IP source range in GCP

I understand that 0.0.0.0/0 this means that i'm allowed whatever my IP is to connect to this instance(server).
I'm trying to modify my GCP instance firewall rule, to allow my IP only to access this instance, I'm accessing it via ssh as it's an ubuntu server. So I've to specify in the rule some adress in the form of 0.0.0.0/0 where my public IP is not in this format.
I don't understand the following
what is /0 means ?
How to generate an IP that match this format ?
Should I be using my public IP or another kind of IP ?
Have a look at this Wiki Article on CIDR notation.
https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#CIDR_notation
In GCP (and possibly elsewhere), the CIDR range of 0.0.0.0/0 is used to donate any address at all.
If you want to restrict traffic to your Compute Engine instance at the IP level, then:
Determine your own IP address ... for example 1.2.3.4
Change the firewall rule to allow only traffic from 1.2.3.4/32
Given that an IP address (ipV4) is 32 bits then when we suffix a CIDR range with /32 we are saying the whole IP address must match.
1) Get the external ip from where you going to ssh with typing ( what is my ip ) in any browser , copy that ip
2) create firewall rule and use that external ip e.g 35.34.36.37/32 for port 22 (ssh ) with "apply to all instance" option set
3) If you are using putty for ssh then make sure to export the ssh key to the instance
After following all above step if should work
The best recommendation I would give is to open a case on issuetracker where your project will inspect closely by GCP team if you dont have any support package orthherwise open a case directly from your project.
The reason behind this recommendation is because some needs to inspect your project for solving your problem
I tired to provide my IP4/32 it still wasn't working. But i found a solution for this problem.
solution
First go to IAP
Copy this IP 35.235.240.0/20 under Preparing your project for IAP TCP forwarding
This range contains all IP addresses that IAP uses for TCP forwarding
Paste the copied IP inside the IP source of your firewall rule.
Go to What_Is_My_IP and copy your IPv4
Add your copied IP to the IP source range inside your firewall rule
save, and start your ssh connection to the VM

How do I find the IP address to use in an HTTP request?

I want to make an http request via the fetch() method in React Native, and I need the IP address of the machine I'm sending the request to. I have access to the machine, and googled "what's my IP" on it. It said my public IP was 162.250.198.98, but when I googled it on another computer nearby, it gave the same address. Is this the right IP to use in a fetch request like this? If not, how do I find the right one to use?
If you have multiple machines connected to the internet via a NAT-enabled router, they will all share the same public IP address. You need to forward a specific port to the machine you want to connect to in the router's configuration e.g. to send your request on port 5000, add a rule to the router to forward port 5000 to your desired machine, then send the request to 162.250.198.98:5000
For your application to work you need a "server" with a public ip address. Later you assign a domain name to that server/ip address ex. api.domain.com
Since you don't have a server and you are using your computer to test your development, you can do this 2 options:
Use your computer IP address usually 192.168.x.x , 10.x.x.x or 172.16.x.x This will allow you to test it if your phone is connected wireless to the same network.
Since you are behind a NAT you can do a port forward to send the traffic to X port to your desired host(ip/port) behind the nat. Usually we create API's that run on port 80 or 443 do a port forward in your router to pass the traffic from this port to your computer ip/port.

Configuring apache on ipv6 no connection

Solution: It turns out ipv6 has got it's own firewall which I didn't know and it filtered out 80 and 443! Thanks so much Nicholas Pipitone!
I'm having difficulties to get apache to accept ipv6 connections (everything perfect on ipv4). Results from ready.chair6.net:
What I tested/tried:
Disabling firewall doesn't change the result
Getting apache to listen on all interfaces or specifically the ipv6 interface doesnt change the result
Executing 'curl https://v6.ident.me/' correctly sends me back my ipv6 address
Netstat tells me that both the ipv4 AND ipv6 address are listening for connections on 80 and 443
I'm really stuck here, what else can I do?
The MX record error means it's having a problem getting the IP address from the DNS servers.
Solution: Try dig +short AAAA $hostname and dig +short MX $hostname, with $hostname being your URL. If you don't see an IPv6 IP in the terminal, then you don't have DNS fully setup. If you just recently setup your URL, then wait a day for caches to be updated. If it's been a while, talk to who you bought the domain name from / who's responsible for making your URL point to your IP.
Note: MX is only for mail. If you don't want incoming mail / that's not what the problem is, then that test is testing something it doesn't have to test, and you can ignore it.
More possibilities: Is the hostname on line 4 the same as the host name on the second to last line? Try pinging that IPv6 address from line 4 on a different computer (Not on the same private network); what do you get?
If you get a response, try nmaping the IPv6 on another computer to see if port 80 is open to the public.
-If the nmap fails then try checking your port forwarding settings if you're behind a NAT. If you're not behind the NAT then something might be blocking the request in-between their computer and your computer (Very unlikely); you can try telnet'ing to port 80 remotely and see if you're getting the requests - because then it's just an apache issue.
-If nmap succeeded, then what do you get? Send an HTTP request over command line from the another computer and see if you get a response.
If pinging doesn't work, then you're just not connected to the internet (o.O), idk how to help with that. If pinging the IPv6 works but pinging the URL doesn't, then dig must not be showing anything and it's the DNS as mentioned previously. If dig does show something in that case, then I'm lost.

move domain from one server to another?

I have a website on a shared hosting and I'm trying to move it to an unmanaged VPS
the thing that I have set up my server and tried this tutorial to make my domain name point at my server but I had no luck.
because when ever I try to do this : ping www.mydomain.com
I still get the old host ip instead of mu new one.
I have waited more than 48 hours.
Do I have to delete some files on my old host ? or there is something i'm missing ?
thanks
There should be no need to delete anything at your old host.
You are getting old host IP address in ping result which tells that your domain is still resolving to old host instead of your own VPS.
Checkout the outputs of following things to confirm that DNS records are correct:
[1] Check DNS records of your domain from online DNS verification tool like intodns.com.
[2] Verify whether the new DNS records are propagated across the globe or not. You can check it from here - whatsmydns.net.
[3] Check the ping result without "www" i.e. ping yourdomain.com
Create a file at location /etc/bind/
Name it db.your_domain
Add the following in this file:
$TTL 86400
;SPF records
your_domain. IN TXT "v=spf1 a -all"
# IN SOA ns.your_domain. admin(or any email id).your_domain. (
5 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
your_domain. IN NS ns.your_domain.
; MX records
your_domain. IN MX 5 mail.your_domain.
;A records
your_domain. IN A ipv4 address
your_domain. IN AAAA ipv6 address
ns IN A ipv4 address
ns IN AAAA ipv6 address
mail IN A ipv4 address
mail IN AAAA ipv6 address
;CNAME
www IN CNAME your_domain.

Certificate Error Accessing HTTPS by IP Address

So, I've gone through the process of ensuring the certificate has the IP address in the subject alternative name, but when I go to visit the site via IP, it says that name does not match the certificate. The IP is obviously listed in the certificate and the CA Chain is trusted, but for some reason it continues to throw the warning. I am still waiting for the DNS names to be created, so I cannot yet test if it has the error with the DNS name.
In theory the IP address has to be listed in the SAN section as type IP, not DNS. In practice some broken applications require it the other way. Try to enter it as both IP and DNS to make it work in all cases.
I am still waiting for the DNS names to be created, so I cannot yet test if it has the error with the DNS name.
Just add the relation between name and IP address to the local hosts file on the computer. Then you don't have to wait for propagation of DNS setups.