tgreendyk

Reverse DNS when hosting multiple domains

Hi all,

I've encountered something new for me and could use a little advice.

I recently set up Exchange for a small client and pointed their MX record to their public IP and all works well. However, they have 2 domains and I pointed both MX records to their IP -- they only host e-mail for these 2 domains - web site is elsewhere. So I have mail.abc.com pointing to their IP address and mail.2abc.com pointing to their IP address. Mail comes in fine and I have their default e-mail addresses in Active Directory set up.

However, I started getting bounces because their ISP didn't have a reverse DNS pointer. I contacted their ISP and learned that there can only be 1 reverse DNS pointer per IP address (makes sense, now that I think about it). So right now a reverse DNS lookup of their IP address returns mail.abc.com -- how do I handle the mail.2abc.com record?

Thanks in advance for the replies.

Tom
ASKER CERTIFIED SOLUTION
Chris Dent
This solution is only available to members.
tgreendyk

ASKER

Perfect...for some reason the FQDN was something very different.

Will this also now be OK for the second domain as well?

Yep, it should be fine for both as it'll only send out on that one name.

Chris
Hi, I know this question is closed, but out of the many possibilities for dealing with reverse DNS for multiple domains hosted on the same box, what is in fact the best practice? Any pros and cons would be most useful.

Unless you have multiple SMTP Services there is no question of multiple Reverse Lookup Entries. The Reverse Lookup Entry is not specific to the sender domain, only to the FQDN of the SMTP Service.

Chris
Thanks a lot Chris, I have seen many ISPs, etc. using a third domain with a generic name to tackle this issue, so that the main FQDN used doesn't reflect any one client's domain or your own. But I always wondered if there could be a better approach, and I guess the practical answer is no. Thanks a lot for your reply anyway.

Mal

No problem, it's very common to have a single SMTP FQDN sending out for many domains.

Chris
I don't think that this solution answers the real problem here at all. We have this problem too and we have our SMTP server in Exchange configured properly. The problem is that when you have two domains "abc.com" and "2abc.com", and let's say "abc.com" is the main domain, and the DNS entry for the box matches "mail.abc.com" and the reverse IP lookup also matches that "mail.abc.com", then you decide to send a message out as "2abc.com", the domain that it is being sent from doesn't match the domain that you say you are "from" in your reply to etc. Some SPAM filters will see that this is a relay and will automatically block you from doing that. I don't think you can have 2 domains on a reverse IP lookup and/or perhaps that won't work properly all of the time.

The bottom line is for us we have 2 domains, one is our main company, and the 2nd is for our product. We send email for our product from our data center which is not in our company, and then we also do tech support, but have a help desk in our offices, so we also send out email for "2abc.com" on our Exchange server, and sometimes we are being blocked because the reverse IP for that machine points to "abc.com" not "2abc.com".

Please help!

> Some SPAM filters will see that this is a relay and will automatically block you from doing that.  

No they don't. Or at least if they do they have no business doing it. Having a setup that blocked based on that would utterly kill companies like MessageLabs, Postini and many many others.

> I don't think you can have 2 domains on a reverse IP lookup and/or perhaps that
> won't work properly all of the time.

Yes you can.

The Reverse Lookup check only cares about the advertised name of the SMTP Server. That is treated completely separately from the sender domain. Unless you have multiple SMTP Servers, and therefore multiple IP addresses you cannot maintain separate SMTP Server identities on the server for each domain.

Besides, Exchange cannot filter to different SMTP servers based on the sender address so in your scenario the only way to have more than one SMTP domain is to run separate Exchange organisations (separate AD forests) per domain name.

Are you certain you're being blocked because of reverse lookup failure? And how have you verified your configuration?

Chris
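
The reverse lookup check described in the reply above, sketched as an added example (not part of the original thread and not any mail server's own code): the receiver compares the connecting IP's PTR name with the name the SMTP server advertises in HELO, and the sender domain is never consulted. The IP 203.0.113.25, the name exch01.corp.local, the DNS tables and the pass/warn/fail policy are constructed assumptions.

```python
# Added example: constructed DNS data, not taken from any real zone.
PTR = {"203.0.113.25": ["mail.abc.com"]}      # one PTR per IP, set by the ISP
A = {
    "mail.abc.com": ["203.0.113.25"],
    "mail.2abc.com": ["203.0.113.25"],        # second MX target, same IP
}


def norm(name):
    """Lower-case and drop the trailing dot so DNS names compare equal."""
    return name.rstrip(".").lower()


def check_sender(ip, helo, mail_from, ptr=PTR, a=A):
    """Return (verdict, reason) for one inbound SMTP connection.

    mail_from is accepted only to show that it is never consulted:
    the check is between the IP, its PTR name(s) and the HELO name.
    """
    ptr_names = [norm(n) for n in ptr.get(ip, [])]
    if not ptr_names:
        return ("fail", "no PTR record for connecting IP")
    # Forward-confirm: a PTR name counts only if it resolves back to the IP.
    confirmed = [n for n in ptr_names if ip in a.get(n, [])]
    if not confirmed:
        return ("fail", "PTR name does not resolve back to the IP")
    if norm(helo) not in confirmed:
        return ("warn", "HELO name differs from PTR name")
    return ("pass", "HELO, PTR and A record agree")


def demo():
    """Verdicts for four constructed connections."""
    ip = "203.0.113.25"
    return [
        check_sender(ip, "mail.abc.com", "user@abc.com")[0],       # main domain
        check_sender(ip, "mail.abc.com", "support@2abc.com")[0],   # second domain
        check_sender(ip, "exch01.corp.local", "user@abc.com")[0],  # wrong FQDN
        check_sender("203.0.113.99", "mail.abc.com", "user@abc.com")[0],  # no PTR
    ]


if __name__ == "__main__":
    print(demo())
```
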
Chris,

Thanks for the response. I wonder why we are getting blocked. We don't have multiple SMTP servers on the same Exchange server, but we do have an SMTP server in the data center which handles email from our web sites. We have a support account which sends both from the web site, and then from our CRM system, which uses the Exchange SMTP. So the Exchange is our main domain, and we only use a handful of the other domain for support and business processes. I'll have to look into what's going on. We're able to send email fine from the data center to certain customers, but the email from the CRM system is being blocked for some reason or another.