Solved

Reverse DNS Lookup

Posted on 2007-03-29
6
375 Views
Last Modified: 2008-01-09
How do i configure my exchange server (SBS2003) to use reverse dns lookup to block incoming mail like other servers do.  I'm looking to cut down on junk emial and i know this would help.
0
Comment
Question by:tobiaspw
6 Comments
 
LVL 30

Accepted Solution

by:
LauraEHunterMVP earned 63 total points
ID: 18819644
Follow the steps in this tutorial: http://www.nemx.com/products/SecurExchange/howto/reversednslookup.html

Hope this helps.

Laura E. Hunter - Microsoft MVP: Windows Server - Networking

0
 
LVL 31

Expert Comment

by:Toni Uranjek
ID: 18819664
In properties of "Default SMTP virtual server" go to Delivery tab, click Advanced delivery and you will find checkbox "Perform reverse DNS lookup". This option is reported to slow down your server and there is another catch, are you sure that all your senders have proper PTR record, for reverse lookup to work correctly?

HTH

Toni
0
 
LVL 11

Assisted Solution

by:Zenith63
Zenith63 earned 62 total points
ID: 18819723
Yes be warned reverse lookup blocking is fairly useless these days.  Most spammers are using home broadband packages which will now have proper PTR records pre-configured for them, while quite a lot of businesses don't have PTR records setup for their domain, generally because they don't realise it's important or don't know about them at all.

I've had a few conversations with the spam guys at MailMarshal (one of the main spam filtering softwares out there at the moment), almost all recommend not turning this rule on in MailMarshal (it's similar to the Exchange one).  When we have decided to turn it on in testing it tends to have very little effect at catching spam that the normal rules don't catch, but it sure increases your false positive rate.
To be honest I think this rule would run better in reverse, identifying servers without PTR records as legit senders instead of spammers :) .  Assuming you have some other spam filtering in-place of course...
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 18819827
This is something that if you can do if you upgrade to Exchange 2007:
http://www.openspf.org/News/2006-12-14

In Exchange it's called SIDF (Sender ID Framework)
0
 
LVL 1

Expert Comment

by:Computer101
ID: 20324298
Forced accept.

Computer101
EE Admin
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now