Reverse DNS when hosting multiple domains

Hi all,

I've encountered something new for me and could use a little advice.

I recently set up Exchange for a small client and pointed their MX record to their public IP and all works well. However, they have 2 domains and I pointed both MX records to their IP -- they only host e-mail for these 2 domains - web site is elsewhere. So I have mail.abc.com pointing to their IP address and mail.2abc.com pointing to their IP address. Mail comes in fine and I have their default e-mail addresses in Active Directory set up.

However, I started getting bounces because their ISP didn't have a reverse DNS pointer. I contacted their ISP and learned that there can only be 1 reverse DNS pointer per IP address (makes sense, now that I think about it). So right now a reverse DNS lookup of their IP address returns mail.abc.com -- how do I handle the mail.2abc.com record?

Thanks in advance for the replies.

Tom
tgreendyk Asked:

Chris Dent (PowerShell Developer) Commented:

Hi Tom,

The Reverse DNS Entry is used when your server is sending mail out. As your server can only send out on one name the requirement for multiple names doesn't enter into it (as that's only used for mail receipt).

For Exchange you can configure the name it uses in its SMTP banner by opening Exchange System Manager, then expanding:

Administrative Groups
Your Administrative Group
Servers
Your Server
Protocols
SMTP

Open the Properties for the Virtual SMTP Server, select Delivery then Advanced. The Fully-Qualified Domain Name for the server can be configured here and should match the entry used for the Reverse Lookup Record.

HTH

Chris
0

tgreendyk (Author) Commented:
Perfect...for some reason the FQDN was something very different.

Will this also now be OK for the second domain as well?
0
Chris Dent (PowerShell Developer) Commented:

Yep, it should be fine for both as it'll only send out on that one name.

Chris
0
malboteju Commented:
Hi, I know this question is closed, but out of the many possibilities for dealing with reverse DNS for multiple domains hosted on the same box, what is in fact the best practice? Any pros and cons would be most useful.
0
Chris Dent (PowerShell Developer) Commented:

Unless you have multiple SMTP Services there is no question of multiple Reverse Lookup Entries. The Reverse Lookup Entry is not specific to the sender domain, only to the FQDN of the SMTP Service.

Chris
0
malboteju Commented:
Thanks a lot Chris, I have seen many ISPs, etc. using a third domain with a generic name to tackle this issue, so that the main FQDN used doesn't reflect any one client's domain or your own. But I always wondered if there could be a better approach, and I guess the practical answer is no. Thanks a lot for your reply anyway.

Mal
0
Chris Dent (PowerShell Developer) Commented:

No problem, it's very common to have a single SMTP FQDN sending out for many domains.

Chris
0
Metafuse Commented:
I don't think that this solution answers the real problem here at all. We have this problem too and we have our SMTP server in Exchange configured properly. The problem is that when you have two domains "abc.com" and "2abc.com" and let's say "abc.com" is the main domain, and the DNS entry for the box matches "mail.abc.com" and the reverse IP lookup also matches that "mail.abc.com" then you decide to send a message out as "2abc.com", the domain that it is being sent from doesn't match the domain that you say you are "from" in your reply to etc. Some SPAM filters will see that this is a relay and will automatically block you from doing that. I don't think you can have 2 domains on a reverse IP lookup and/or perhaps that won't work properly all of the time.

The bottom line is for us we have 2 domains, one is our main company, and the 2nd is for our product. We send email for our product from our data center which is not in our company, and then we also do tech support, but have a help desk in our offices, so we also send out email for "2abc.com" on our Exchange server, and sometimes we are being blocked because the reverse IP for that machine points to "abc.com" not "2abc.com".

Please help!
0
Chris Dent (PowerShell Developer) Commented:

> Some SPAM filters will see that this is a relay and will automatically block you from doing that.  

No they don't. Or at least if they do they have no business doing it. Having a setup that blocked based on that would utterly kill companies like MessageLabs, Postini and many many others.

> I don't think you can have 2 domains on a reverse IP lookup and/or perhaps that
> won't work properly all of the time.

Yes you can.

The Reverse Lookup check only cares about the advertised name of the SMTP Server. That is treated completely separately from the sender domain. Unless you have multiple SMTP Servers, and therefore multiple IP addresses you cannot maintain separate SMTP Server identities on the server for each domain.

Besides, Exchange cannot filter to different SMTP servers based on the sender address so in your scenario the only way to have more than one SMTP domain is to run separate Exchange organisations (separate AD forests) per domain name.

Are you certain you're being blocked because of reverse lookup failure? And how have you verified your configuration?

Chris
0
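The reverse lookup check discussed in the answers above, seen from the receiving side, as an added example that is not part of the original thread. It verifies that the connecting IP has a PTR record, that the PTR name resolves back to the same IP, and that the announced HELO name matches it; the sender domain is not an input. The IP address and DNS records are constructed sample data, and the function names are hypothetical.

```python
import socket

# Constructed sample DNS data (192.0.2.0/24 is a documentation range).
PTR = {"192.0.2.25": ["mail.abc.com"]}
A = {"mail.abc.com": ["192.0.2.25"], "mail.2abc.com": ["192.0.2.25"]}


def sample_ptr(ip):
    return PTR.get(ip, [])


def sample_a(name):
    return A.get(name.lower().rstrip("."), [])


def live_ptr(ip):
    """Real PTR lookup via the system resolver (needs network access)."""
    try:
        host, aliases, _ = socket.gethostbyaddr(ip)
        return [host] + aliases
    except OSError:
        return []


def live_a(name):
    """Real A lookup via the system resolver (needs network access)."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []


def check_sender_host(ip, helo, ptr_lookup=sample_ptr, a_lookup=sample_a):
    """Return (verdict, detail) for a client at `ip` announcing `helo`.

    The envelope sender domain is deliberately not a parameter: this
    check concerns the identity of the SMTP host only.
    """
    helo = helo.lower().rstrip(".")
    names = [n.lower().rstrip(".") for n in ptr_lookup(ip)]
    if not names:
        return "no_ptr", "no reverse DNS pointer for " + ip
    # Forward-confirm: the PTR name must resolve back to the same IP.
    confirmed = [n for n in names if ip in a_lookup(n)]
    if not confirmed:
        return "ptr_unconfirmed", "PTR name does not resolve back to " + ip
    if helo not in confirmed:
        return "helo_mismatch", f"HELO {helo} != PTR {confirmed[0]}"
    return "ok", confirmed[0]
```

To test a real server, pass `ptr_lookup=live_ptr, a_lookup=live_a` along with its public IP and the FQDN configured on the SMTP virtual server.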
Metafuse Commented:
Chris,

Thanks for the response. I wonder why we are getting blocked. We don't have multiple SMTP servers on the same Exchange server, but we do have an SMTP server in the data center which handles email from our web sites. We have a support account which sends both from the web site, and then from our CRM system, which uses the Exchange SMTP. So the Exchange is our main domain, and we only use a handful of the other domain for support and business processes. I'll have to look into what's going on. We're able to send email fine from the data center to certain customers, but the email from the CRM system is being blocked for some reason or another.
0