Link to home
Start Free TrialLog in
Avatar of Malevolo
Malevolo

asked on

How do you update PTR Records

I'm managing an in-house exchange server which ran solely off of a business class DSL line.  Recently, we added a T1 connection to the network and setup load balancing between the two lines for automatic fail over and better throughput.   The issue now is that since our email server is now sending out emails over two IPs instead of just one, some ISPs have started to flag our second (t1) IP address and a possible spammer/abuse IP.  I'm fairly certain that this is a PTR issue (correct me if I'm wrong) but I'm not entirely sure how to update our records in a manner that says both of these IPs belong to our company and our exchange server and emails from them are OK. We have one exchange server and two DNS servers; all running on windows 2003.

thanks.
ASKER CERTIFIED SOLUTION
Avatar of DeanC30
DeanC30
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Malevolo
Malevolo

ASKER

So I need to speak to the ISP whch is supporting the T1 line and ask them to associate it?

If I they make any changes, will it affect the other DSL IP address' association with the email server or will their record only ADD to my PTR records?

So I don't need to update anything in my in-house dns servers then?
Are you hosting your own DNS?
Sorry looks like you answered my question before I posted.  Are your DNS servers the name servers for your real world domain, not just internal servers?
To be on the safe side you can do a self test of your IP address(es) to see if they have been identified as spammer. It may not necessary by a PTR record.

http://spamcop.net/bl.shtml
It looks like our DNS servers are not just internal, for the external domain as well.  I'm fairly certain that we need to create or update some records somewhere, I'm just not sure which, where, or how.

Neither of our two IP addresses are listed on the spamlist.

I just contacted our T1 carrier who is looking into the issue as well, and am expecting a call back soon to hear what they've got to say about the issue.
Scratch that--- I don't think our DNS servers are resolving for the external/real world domain.  All of the IP addresses there are mostly internal, so I guess we're using someone else's dns servers.
You can check for reverse DNS settings via www.dnsstuff.com  It may not be that your IP addresses are on a spamlist, but mails could be getting rejected if no Reverse DNS associated.  Your T1 carrier *should* be able to help you out with the PTR settings for the 2nd IP
I checked dnsstuff and the following warning came up which caught my eye.

WARNING: One or more of your mailservers is claiming to be a host other than what it really is (the SMTP greeting should be a 3-digit code, followed by a space or a dash, then the host name). If your mailserver sends out E-mail using this domain in its EHLO or HELO, your E-mail might get blocked by anti-spam software. This is also a technical violation of RFC821 4.3 (and RFC2821 4.3.1). Note that the hostname given in the SMTP greeting should have an A record pointing back to the same server. Note that this one test may use a cached DNS record.

mail.XXXX.com claims to be invalid hostname 'SMTP': <br />   220 SMTP server ready 4.2 <br />

I'll look into fixing that, and I'm working with my T1 carrier to hopefully add that IP to my records so people know its us, from either of the two IPs.
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Thanks very much.  I will read it over right now although I grasp the basic concept of what you're saying.

Another new issue is that our exchange server manages 4 domains for email. From what I was told by my ISP was that they could setup a new PTR so that the ip is associated with one domain, but I can't have it set for all four. I'm not quite sure how I can get around this. When I call back Covad to setup the PTR they're going to ask me for one domain; what can I do, if anything to get around this?
The 4 domains part will not be an issue at all.  You can accept mail for hundreds of domains but the mail server can only have a name associated wiht one domain obviously.  You can still accept mail for all those domains by defining your mail server as the MX record for those domains.  In other words say your main domain is called company1.com, and  your mail server is called mail.company1.com.  You can also receive mail for company2.com, company3.com, etc.  In the zone file for the other domains you just need the MX record to point to mail.company1.com (and you need to setup the appropriate domains in the recipent policy of the server, which I am assuming was already done.)  It should not affect your load balancing and the PTR records will only need to be created for mail.company1.com.  The other domain names have nothing to do with it.  

You will also need to setup the multiple host records for the other domain's zone files if you want fault tolerance as well.  Let me know if you need any help with this.  It's a very standard setup, and a good idea using the fault tolerance.