We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you a podcast all about Citrix Workspace, moving to the cloud, and analytics & intelligence. Episode 2 coming soon!Listen Now

x

554 This server requires PTR for unauthenticated connections.

PUB_UL
PUB_UL asked
on
Medium Priority
5,723 Views
Last Modified: 2012-08-14
Hi,

When trying to send email to a few domain, I get this error: 554 This server requires PTR for unauthenticated connections.

I read that it is all about the PTR / Reverse DNS record.
The thing I don't understand is that what if I have 10 domains installed on 1 IP. How can this one IP reverse DNS to all 10 domains?

Thanks
Comment
Watch Question

Expert of the Year 2007
Expert of the Year 2006

Commented:
You can only have one reverse DNS record per IP address.

Therefore you will have to decide which is your primary domain and have the reverse DNS set accordingly.
Ideally the reverse DNS should match what the server announces itself as, and the MX records.

So if you telnet to the server on port 25, you will get something like this (which is an Exchange server, but you will see something similar with other SMTP servers)

220 mail.domain.net Microsoft ESMTP MAIL Service, Version: 6.0.3790.1830 ready at
  Fri, 27 Oct 2006 13:40:58 +0100

Remember that MX records do not have to be in the same domain that they are serving. So if your server is mail.domain.net then that can be the host in the MX record for all the domains that you have. That is how web hosts work.

Simon.

Author

Commented:
yeah.. but we found easier for our customer to have mail.domain.com where domain is theirs !

So you're telling me that there is no way all our domains to have their own mail.domain.com that would avoid such an error msg?

Thanks
Expert of the Year 2007
Expert of the Year 2006
Commented:
You can do that if you wish. I have seen many sites allow the user to use their own domain - as DNS lets you have as many hosts pointing to an IP address as you like.

However for outbound traffic, the server can only have one identity. Make sure that it resolves correctly - so the forward and reverse DNS both match the SMTP banner.
That will deal with the PTR error you are receiving.
On the MX records it depends on how strict the receiving site is being. You cannot control that, so all you can do is limit the risk.

If you haven't already, make suer that you have SPF records for all domains that allows your server's real name to be able to send email for that domain.

Simon.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

Author

Commented:
what's the SPF record?


So I should have a single MX record for all our domains?

so mail.serverdomain.com for all domain we have. that way, the outgoing IP would reverse dns to that mail.serverdomain.com and we'd get rid of that PTR error?
Expert of the Year 2007
Expert of the Year 2006

Commented:
SPF is the latest idea to deal with spam. It isn't deployed wide enough to use as a blocking tool, but can be used for scoring. http://www.openspf.org/

When I have done multiple domain deployments I use the same information for all domains - same MX records etc. It doesn't really matter unless you hit on a site that is using the MX record information to block email messages.

Having any PTR record will get rid of the error you have seen above. However you may then find that you get another error on the lines of the PTR not resolving correctly or similar. If you are going to make changes, then get everything lined up correctly.

Simon.

Author

Commented:
Ok, thanks.
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.