DNS Record Setup - MX Record, SPF record and PTR - For VPS Hosting multiple virtual domains

My problem:
I have set up several domains on a VPS running WHM and cPanel on CentOS 4.6. I have been unable to properly set up my MX, SPF and PTR records so as to properly send mail to domains that perform reverse DNS lookups. I have not properly set up my VPS and I need some guidance. My current DNS record as it pertains to mail looks like this:

Definitions:
shared IP = xxx.xxx.xxx.173 for virtual domains without SSL
exclusive IP = xxx.xxx.xxx.182 for main domain with SSL cert
exclusive IP = xxx.xxx.xxx.30  for mail server with SSL cert

domain.com.   A           xxx.xxx.xxx.182
domain.com.  mx    0    mail.domain.com.
mail.domain.com.    A   xxx.xxx.xxx.30
xxx.xxx.xxx.182      PTR   ggtai.com.
ns1.domain.com.   A xxx.xxx.xxx.182
ns2.domain.com.   A xxx.xxx.xxx.182
domain.com.       TXT   "v=spf1 a mx ~all"
hostname.domain.com     A     xxx.xxx.xxx.173


I have screwed this up when I installed the SSL certs, i.e. changed the IP of the mail server so I could install an SSL cert...

results of a dig -x on xxx.xxx.xxx.182

[root@ruby ~]# dig -x 66.11.239.182

; <<>> DiG 9.5.0b1 <<>> -x xxx.xxx.xxx.182
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28310
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

;; QUESTION SECTION:
;182.239.11.66.in-addr.arpa.    IN      PTR

;; ANSWER SECTION:
182.239.11.66.in-addr.arpa. 3600 IN     PTR     xxx-xxx-xxx-182.managemyvps.com.

;; AUTHORITY SECTION:
239.11.66.in-addr.arpa. 18930   IN      NS      ns1.managemyvps.com.
239.11.66.in-addr.arpa. 18930   IN      NS      ns2.managemyvps.com.

; <<>> DiG 9.5.0b1 <<>> -x xxx.xxx.xxx..30
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13787
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

;; QUESTION SECTION:
;30.239.11.66.in-addr.arpa.     IN      PTR

;; ANSWER SECTION:
30.239.11.66.in-addr.arpa. 3600 IN      PTR     xxx-xxx-xxx-30.managemyvps.com.

;; AUTHORITY SECTION:
239.11.66.in-addr.arpa. 16135   IN      NS      ns1.managemyvps.com.
239.11.66.in-addr.arpa. 16135   IN      NS      ns2.managemyvps.com.

;; Query time: 37 msec
;; SERVER: 67.100.88.27#53(67.100.88.27)
;; WHEN: Fri Jan 25 02:50:07 2008
;; MSG SIZE  rcvd: 121

;; Query time: 36 msec
;; SERVER: 67.100.88.27#53(67.100.88.27)
;; WHEN: Fri Jan 25 02:03:33 2008
;; MSG SIZE  rcvd: 123

I need explicit instructions on what I need to do to correct this.

Thanks in advance.
copeasetic Asked:

Nopius Commented:
You can't change reverse PTR records yourself; only the ISP can do it.

First of all, you should ask the support of the managemyvps.com ISP to change their PTR records for .182 and .30 to point to secure.ggtai.com and mail.ggtai.com respectively.
And remove the PTR from your DNS.

You have no use for the second NS2 server because it has the same IP as NS1, so it's safe to remove it as well (I know the requirement to have at least 2 NS for any domain, but once registered you have no use for a second NS with the same IP; it only slows down the negative name lookup response in case of your NS failure).

SSL certs are bound to the host name, not to the IP. And having the reverse lookup the same as the direct one doesn't matter for web; it matters only for the mail server.

If you have any specific problem with SSL please provide more details.

IulianSurgiu Commented:
239.11.66.in-addr.arpa. 18930   IN      NS      ns1.managemyvps.com.
239.11.66.in-addr.arpa. 18930   IN      NS      ns2.managemyvps.com.

Do you have access to those nameservers? If not, you can ask your ISP to do it or to delegate the zone of the 2 IPs to your DNS.

copeasetic (Author) Commented:
I do not have access to those nameservers and I will submit the request. Would you mind providing more detail as to what exactly I am attempting to accomplish by asking for delegation?

Thank you!

IulianSurgiu Commented:
Hi, you have two options:

1. Ask your ISP to do RDNS for you to your specs, the easiest way
2. Ask your ISP to delegate 182.239.11.66.in-addr.arpa. and 30.239.11.66.in-addr.arpa. to your DNS, which I doubt they will

Nopius Commented:
Not all ISPs provide reverse IP delegation, but most of them can change one or two reverse records at a customer's request.

Just submit a request to change these 2 records to point the 2 IPs to your mail.ggtai.com. and secure.ggtai.com. domain names.
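
Added example (not part of the thread and not any poster's code): a check of the two things discussed above for an outbound mail IP, namely whether its PTR name resolves back to it and matches the HELO name, and whether the question's "v=spf1 a mx ~all" record covers it. All names and 192.0.2.x addresses are constructed stand-ins for the masked values, and only the customer's own zone is modelled.

```python
# Constructed zone data modelled on the question: 192.0.2.x documentation
# addresses and example.test names stand in for the masked values.
A = {
    "example.test.": {"192.0.2.182"},
    "mail.example.test.": {"192.0.2.30"},
    "hostname.example.test.": {"192.0.2.173"},
}
MX = {"example.test.": ["mail.example.test."]}
SPF = {"example.test.": "v=spf1 a mx ~all"}
# Only the customer's zone is modelled, so the provider's generic name
# (hypothetical) has no forward A record in this data set.
PTR_GENERIC = {"192.0.2.30": "vps-30.provider.test."}  # before the ISP change
PTR_FIXED = {"192.0.2.30": "mail.example.test."}       # after the ISP change


def check_rdns(ip, helo, ptr, a=A):
    """Return the reverse-DNS problems a receiving mail server could flag."""
    name = ptr.get(ip)
    if name is None:
        return ["no PTR record"]
    problems = []
    if ip not in a.get(name, set()):
        problems.append(f"PTR {name} has no A record back to {ip}")
    if name != helo:
        problems.append(f"PTR {name} differs from HELO name {helo}")
    return problems


def spf_result(ip, domain, a=A, mx=MX, spf=SPF):
    """Evaluate only the a, mx and all mechanisms used in the page's record."""
    results = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
    for term in spf[domain].split()[1:]:
        qualifier = term[0] if term[0] in results else "+"
        mech = term.lstrip("+-~?")
        if mech == "a":
            hit = ip in a.get(domain, set())
        elif mech == "mx":
            hit = any(ip in a.get(host, set()) for host in mx.get(domain, []))
        else:
            hit = mech == "all"
        if hit:
            return results[qualifier]
    return "neutral"
```

With this data, mail leaving from the shared .173 address gets an SPF softfail and has no PTR at all, while the .30 mail address passes both checks once the provider sets the PTR to the mail host name.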