Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 5521
  • Last Modified:

554 This server requires PTR for unauthenticated connections.

Hi,

When trying to send email to a few domain, I get this error: 554 This server requires PTR for unauthenticated connections.

I read that it is all about the PTR / Reverse DNS record.
The thing I don't understand is that what if I have 10 domains installed on 1 IP. How can this one IP reverse DNS to all 10 domains?

Thanks
0
PUB_UL
Asked:
PUB_UL
  • 3
  • 3
1 Solution
 
SembeeCommented:
You can only have one reverse DNS record per IP address.

Therefore you will have to decide which is your primary domain and have the reverse DNS set accordingly.
Ideally the reverse DNS should match what the server announces itself as, and the MX records.

So if you telnet to the server on port 25, you will get something like this (which is an Exchange server, but you will see something similar with other SMTP servers)

220 mail.domain.net Microsoft ESMTP MAIL Service, Version: 6.0.3790.1830 ready at
  Fri, 27 Oct 2006 13:40:58 +0100

Remember that MX records do not have to be in the same domain that they are serving. So if your server is mail.domain.net then that can be the host in the MX record for all the domains that you have. That is how web hosts work.

Simon.
0
 
PUB_ULAuthor Commented:
yeah.. but we found easier for our customer to have mail.domain.com where domain is theirs !

So you're telling me that there is no way all our domains to have their own mail.domain.com that would avoid such an error msg?

Thanks
0
 
SembeeCommented:
You can do that if you wish. I have seen many sites allow the user to use their own domain - as DNS lets you have as many hosts pointing to an IP address as you like.

However for outbound traffic, the server can only have one identity. Make sure that it resolves correctly - so the forward and reverse DNS both match the SMTP banner.
That will deal with the PTR error you are receiving.
On the MX records it depends on how strict the receiving site is being. You cannot control that, so all you can do is limit the risk.

If you haven't already, make suer that you have SPF records for all domains that allows your server's real name to be able to send email for that domain.

Simon.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
PUB_ULAuthor Commented:
what's the SPF record?


So I should have a single MX record for all our domains?

so mail.serverdomain.com for all domain we have. that way, the outgoing IP would reverse dns to that mail.serverdomain.com and we'd get rid of that PTR error?
0
 
SembeeCommented:
SPF is the latest idea to deal with spam. It isn't deployed wide enough to use as a blocking tool, but can be used for scoring. http://www.openspf.org/

When I have done multiple domain deployments I use the same information for all domains - same MX records etc. It doesn't really matter unless you hit on a site that is using the MX record information to block email messages.

Having any PTR record will get rid of the error you have seen above. However you may then find that you get another error on the lines of the PTR not resolving correctly or similar. If you are going to make changes, then get everything lined up correctly.

Simon.
0
 
PUB_ULAuthor Commented:
Ok, thanks.
0

Featured Post

[Webinar On Demand] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now