CITES | University of Illinois

news/2007/rdns.html

info The events in this news item are no longer applicable

This document is kept for historical purposes, but does not describe the current configuration of the campus email system.

Overview

As of July 24, our campus email infrastructure requires more stringent verification that email into campus comes from a legitimate source (i.e., not from a spammer or spoofed site).

While this has resulted in a 30% reduction in spam on campus, some non-spam messages have been blocked as well. The problem occurs when a legitimate site fails to configure its internet presence properly, causing email originating from that service provider to appear to be forged.

How does it work?

Our new requirement is called reverse DNS (Domain Name Service) lookup, and is emerging as an industry standard. Reverse DNS lookup has already been adopted by many of our peer institutions.

Each computer on the internet has a unique numerical IP address and corresponding hostname. Whenever you send an email message, your email server's IP address is attached to the message headers. Reverse DNS lookup attempts to resolve the IP address against the server's DNS hostname. If the IP address and DNS name don't match, the message is rejected. In most cases of delivery failure, the IP address and hostname can't be resolved because the IP address has been forged. Occasionally, however, the sender's mail server has not been configured to include the proper DNS information.

What can you do if a message sent to you fails the reverse DNS lookup?

If a legitimate e-mail fails the lookup test, the sender will receive an automated message from our server telling them to fix reverse DNS for that IP address. The sender will then need to work with his or her email administrator to have their mail server configured properly.

For a more technical overview, please see or refer your email administrator to the CITES Security news release regarding reverse DNS lookups (https://wiki.cites.uiuc.edu/wiki/x/zgGs).

Where to get help

The CITES Help Desk, in conjunction with the email-relay service manager and IT Pro support, is available to assist campus network and system administrators, faculty, staff, and students by doing the legwork to contact non-campus senders and technical staff to resolve the issue.

Please contact the CITES Help Desk for further assistance:

Phone: (217) 244-7000 or (800) 531-2531
Email: consult@uiuc.edu
Fax: (217) 333-4368

Last updated Sunday, March 4, 2012, 11:59 pm