Tech or Treat! Write an article about your scariest tech disaster to win gadgets!Learn more

x
?
Solved

Email rejected because of rDNS

Posted on 2007-12-05
9
Medium Priority
?
1,454 Views
Last Modified: 2008-02-01
Some of our emails are rejected with this message:

There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.
            <mail.example.org #5.5.0 smtp;554 <unknown[1xx.xxx.xx.x]>: Client host rejected: rDNS/DNS validation failed. Please setup matching DNS and rDNS records.

The email IP address resolves to mail.example.org and our main IP address resolves to host.example.org.

 It looks like the receiving side of the email sees the email coming from the host IP address instead of the mail IP address, so because it cannot solve the DNS it rejects my email.
How should I solve that? Why do they see it coming from the host IP address instead of the mail IP address.

Please let me know if you need more details

Thank you for your help!
0
Comment
Question by:adrian1976
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
9 Comments
 
LVL 12

Assisted Solution

by:bhnmi
bhnmi earned 400 total points
ID: 20413740
When you do a reverse lookup (PTR) on the IP that the MX record resolves too, does it match the host that is defined in the MX record? Sometimes is you are not the SOA for you block of IP's it will resolve to a record created by your ISP.
0
 

Author Comment

by:adrian1976
ID: 20414077
Thank you for your answer!

 Our MX records resolve to a third party spam filter solution. We forwarded our MX records to them, so all incoming emails are getting through their filters and then get to our email server. Our outgoing emails are not going through these filters. The IP address of the filter is different from the ones I mentioned in my first post. Could this setup be a problem?

Thanks!
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 20418533

Hi,

Ignore the MX as it doesn't define the server which sends Outbound Mail.

For outbound mail your SMTP Server must have a valid Public Name, e.g. mail.yourdomain.com. That Name must exist in your Public DNS Zone and link to the Public IP of your Mail Server (or Firewall address if it just uses NAT to get there).

Then you must ask your ISP to add a Reverse Lookup Record (PTR) for the Public IP Address which, in turn, points back to the name (e.g. mail.yourdomain.com).

Chris
0
Survive A High-Traffic Event with Percona

Your application or website rely on your database to deliver information about products and services to your customers. You can’t afford to have your database lose performance, lose availability or become unresponsive – even for just a few minutes.

 

Author Comment

by:adrian1976
ID: 20421460
Chris-Dent,

Your suggestion is very helpful. Thanks!

As I specified in my first post, I have different public IP addresses for my firewall and for the email. would there be any problems if I were to change the firewall IP address public name from host.example.com to mail.example.com? Should I have both IP addresses with the same name (mail.example.com)

Thank you for your help!
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 20422842

There's nothing to stop you doing that, no. There's nothing really to stop you adding that as another record as well if you choose to.

As long as when your server, when it connects to another mail server, has a valid name and a PTR record that takes it from the Public IP it connects with back to that name.

Chris
0
 

Author Comment

by:adrian1976
ID: 20423770
Forgive my ignorance but if both public Ip addresses would have the same name (mail.example.com), wouldn't that be a problem?

Thank you!
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 20423857

Not really, the most important part here is to get the Reverse Lookup Record in, so the IP address the server connects with resolves back to a name.

The record you mention above is the Forward Lookup Zone, we just need the name we use there to resolve to that IP. It doesn't matter if another name also resolves to that same IP.

Hope that makes sense.

Chris

0
 

Author Comment

by:adrian1976
ID: 20423891
It makes sense. I will make a request to my ISP to change it.

Thank you for all your help!
0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 1600 total points
ID: 20423898

You're welcome.

Chris
0

Featured Post

Tech or Treat!

Submit an article about your scariest tech experience—and the solution—and you’ll be automatically entered to win one of 4 fantastic tech gadgets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
The core idea of this article is to make you acquainted with the best way in which you can export Exchange mailbox to PST format.
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Suggested Courses

647 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question