Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1175
  • Last Modified:

PTR record for emailing

Hi.

I am working in a Market Research Company. As so, I have to send lots of email invitations to people to participate to online surveys. Those people agreed to give us their email address, and declared explicitely being available for research. I want to stress that it should not be considered as spam, although those emails might be harassing after a while.

In order to offer the best quality of service, we recently subscribed to a specific Internet DSL connection, with its ip addresses range, and I am sending the emails through the ISP's smtp server. However, as we want to be transparent and reachable, the sender's email address of these messages is an existent company address.

The company mail server, though, is on the other Internet connection (other ip addresses range). Also the company web and mail domain names are registered to this other Internet ip range.

One of the problems I encounter is the error
554 #5.5.4 Relaying denied. IP name lookup failed for [new ip]

To solve the problem, I read that I should assign a reverse DNS address. Could anyone suggest what entry I could safely have my ISP to add in its PTR database? Do I need to buy any new domain name, or should I assign a name matching the sender's email address? If I do assign a name matching the senders's email address, is it safe to do so for the day to day emailing of the company through the company mail server connected through the other ISP?

More generally speaking, I would be pleased to learn about the rules I should apply for this activity, in order to limit the stress for the people, the networks and the servers, and in order to be able to send as many emails as possible successfully?

Thank you for your help in advance.

Vincent
0
Beringhs
Asked:
Beringhs
  • 2
1 Solution
 
grbladesCommented:
You can either buy a new domain or use a hostname off your own domain. For example if your domain name is example.com then you could use mailout.example.com for the hostname of your mail server.
Your mail servers IP address should match the IP address for mailout.example.com and you should also put a PTR record for the mail servers IP address pointing back to mailout.example.com.
You mail server will also be configured with a hostname to use which it tells the mail server it is connecting to when it issues the EHLO command and this should also be set to mailout.example.com.

You should also not be sending out mail through your ISP's mail server if you have a mail server itself.
If you are sending mail with a from address belonging to a different company then you will also need to inform them and request that they update their SPF record if they have one and provide them with the IP address of your mail server. This is one reason why you dont want to use the ISPs mail server as they will add you to their SPF record but wont want to add an entire ISP to it.
0
 
BeringhsAuthor Commented:
Thank you for your reply.

I had to research about SPF records, and it seems interesting, although I am not sure it is much in use already. If I build a SPF record, it should look like this:

usual_domain_name.com. IN TXT "v=spf1 ip4:new.ip.network mx include:new.isp.domain ?all"

Do you agree?

My new ISP proposes to add a PTR record on his servers like this:
new.ip.address --> usual_domain_name.com

Of course, usual_domain_name.com still has to be registered in the master DNS as
usual_domain_name.com --> usual.ip.address

Could this lead to a problem? Should I do both?

I think I have to send emails through my ISP right now, as I do not have an email server on the same network.

Thanks
0
 
grbladesCommented:
The SPF record looks correct.

Yes you should make both of the DNS changes
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now