?
Solved

Reverse DNS when hosting multiple domains

Posted on 2008-02-06
10
Medium Priority
?
6,367 Views
Last Modified: 2012-08-13
Hi all,

I've encountered something new for me and could use a little advice.

I recently set up Exchange for a small client and pointed their MX record to their public IP and all works well. However, they have 2 domains and I pointed both MX records to their IP -- they only host e-mail for these 2 domains - web site is elsewhere. So I have mail.abc.com pointing to their IP address and mail.2abc.com pointing to their IP address. Mail comes in fine and I have their default e-mail addresses in Active Directory set up.

However, I started getting bounces because their ISP didn't have a reverse DNS pointer. I contacted their ISP and learned that there can only be 1 reverse DNS pointer per IP address (makes sense, now that I think about it). So right now a reverse DNS lookup of their IP address returns mail.abc.com -- how do I handle the mail.2abc.com record?

Thanks in advance for the replies.

Tom
0
Comment
Question by:tgreendyk
  • 5
  • 2
  • 2
  • +1
10 Comments
 
LVL 71

Accepted Solution

by:
Chris Dent earned 1000 total points
ID: 20831908

Hi Tom,

The Reverse DNS Entry is used when your server is sending mail out. As your server can only send out on one name the requirement for multiple names doesn't enter into it (as that's only used for mail receipt).

For Exchange you can configure the name it uses in it's SMTP banner by opening Exchange System Manager, then expanding:

Administrative Groups
Your Administrative Group
Servers
Your Server
Protocols
SMTP

Open the Properties for the Virtual SMTP Server, select Delivery then Advanced. The Fully-Qualified Domain Name for the server can be configured here and should match the entry used for the Reverse Lookup Record.

HTH

Chris
0
 
LVL 1

Author Closing Comment

by:tgreendyk
ID: 31428466
Perfect...for some reason the FQDN was something very different.

Will this also now be OK for the second domain as well?
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 20836273

Yep, it should be fine for both as it'll only send out on that one name.

Chris
0
Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

 

Expert Comment

by:malboteju
ID: 22059096
hi I know this questions is closed, but out of many possibilities of dealing with reverse DNS for multiple domains hosted on the same box, what is in fact the best practice, any pros and cons would be most useful
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 22059749

Unless you have multiple SMTP Services there is no question of multiple Reverse Lookup Entries. The Reverse Lookup Entry is not specific to the sender domain, only to the FQDN of the SMTP Service.

Chris
0
 

Expert Comment

by:malboteju
ID: 22062398
thanks a lot Chris, i have seen many ISPs, etc using a third domain with a generic name to tackle this issue, so that the main FQDN used doesn't reflect any one client's domain or your own. But always wondered if there could be a better approach, and i guess the practical answer is no. thanks a lot for your reply anyway.

Mal
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 22063933

No problem, it's very common to have a single SMTP FQDN sending out for many domains.

Chris
0
 

Expert Comment

by:Metafuse
ID: 23638487
I don't think that this solution answers the real problem here at all.   We have this problem too and we have our SMTP server in Exchange configured properly.   The problem is that when you have two domains "abc.com" and "2abc.com" and let's say "abc.com" is the main domian, and the DNS entry for the box matches "mail.abc.com" and the reverse IP lookup also matches that "mail.abc.com" then you decide to send a message out as "2abc.com", the domain that it is being sent from doesn't match the domain that you say you are "from" in your reply to etc.    Some SPAM filters will see that this is a relay and will automatically block you from doing that.   I don't think you can have 2 domains on a reverse IP lookup and/or perhaps that won't work properly all of the time.

The bottom line is for us we have 2 domains, one is our main company, and the 2nd is for our product.  We send email for our product from our data center which is not in our company, and then we also do tech support, but have a help desk in our offices, so we also send out email for "2abc.com" on our exchange server, and sometimes we are being blocked because the reverse IP for that machine points to "abc.com" not "2abc.com"

Please help!
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 23640266

> Some SPAM filters will see that this is a relay and will automatically block you from doing that.  

No they don't. Or at least if they do they have no business doing it. Having a setup that blocked based on that would utterly kill companies like MessageLabs, Postini and many many others.

> I don't think you can have 2 domains on a reverse IP lookup and/or perhaps that
> won't work properly all of the time.

Yes you can.

The Reverse Lookup check only cares about the advertised name of the SMTP Server. That is treated completely separately from the sender domain. Unless you have multiple SMTP Servers, and therefore multiple IP addresses you cannot maintain separate SMTP Server identities on the server for each domain.

Besides, Exchange cannot filter to different SMTP servers based on the sender address so in your scenario the only way to have more than one SMTP domain is to run separate Exchange organisations (separate AD forests) per domain name.

Are you certain you're being blocked because of reverse lookup failure? And how have you verified your configuration?

Chris
0
 

Expert Comment

by:Metafuse
ID: 23642522
Chris,

Thanks for the response.   I wonder why we are getting blocked.   We don't have multiple SMTP servers on the same exchange server, but we do have an SMTP server in the data center which handles email from our web sites.   We have a support account which sends both from the web site, and then from our CRM system, which uses the exchange SMTP.   So the exchange is our main domain, and we only use a handful of the other domain for support and business processes.  I'll have to look into what's going on.   We're able to send email fine from the data center to certain customers, but the email from the CRM system is being blocked for some reason or another.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
If you try to migrate from Elastix to Issabel, you will face a lot of issues. These problems are inevitable but fortunately, you can fix them. In the guide below, I will explain how I performed the migration while keeping all data and successfully t…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…

601 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question