[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Reverse DNS lookup

Posted on 2008-06-25
9
Medium Priority
?
426 Views
Last Modified: 2012-05-05
Hi,
    We have installed Exchange 2007 on a new server.All works fine except AOL emails.
They are not able to get our emails but i am able to receive them.
I know to fix it we need to have forward lookup zone which we already have on our  ISP  dns.
Now my question is that do we have to configure our internal dns  to do forward lookup?
If so  then how AOL will be able to do a reverse lookup to my intrnal DNS.

scenario
-----------
External ip :169.25.265.25
Exchange 2007:  192.168.0.6
Internal DNS : 192.168.0.4




   
0
Comment
Question by:WannabeNerd
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 7

Assisted Solution

by:powercram
powercram earned 300 total points
ID: 21866285
Your internal IP addresses will NOT be seen outside the firewall, therefore you do not need to provide reverse DNS for them.

The RDNS needs to resolve to the name/address combo of the mail server / public IP of the device (possibly firewall) where the email exits your network and goes onto the public Internet.
0
 
LVL 19

Assisted Solution

by:MrLonandB
MrLonandB earned 300 total points
ID: 21866515
From Internet Explorer on your Exchange Server: www.whatismyip.com...should be the IP that you are sending mail out on. Do you have a Reverse DNS Record (public) for that IP?
0
 

Author Comment

by:WannabeNerd
ID: 21866604
Thx for the reply(powercram)

U made me a bit confused.I do understand that the name/add need to be resolved.But  our email server is in our internal  domain and the edge is DMZ.

So u mean that i have to configure our DNS to do a RDNS for our exchange server.Not our ISP DNS?
=============================================================================
MrLonandB

Thx . I have RDNS record for my ip address.
By the way i have more then one  domain names belonging to same IP.
WIll this make any trouble

======================
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 14

Accepted Solution

by:
Roachy1979 earned 600 total points
ID: 21866788
Reverse DNS checks work by simply checking that a PTR record exists for your mailservers IP in GLOBAL DNS.  They don't check what that entry states, just that it exists.  For example, you could host mail for a few domains on the same Exchange server, but you would only need a single reverse DNS entry.

You can test whether your reverse DNS meets AOL's criteria by checking

http://postmaster.aol.com/tools/rdns.html

More sophisticated tools are now being used by some organisations to prevent spam now though.  SPF records are also worth looking into (although this is outside the context of your question....)
0
 

Author Comment

by:WannabeNerd
ID: 21867070
I tired  this aol tool and my RDNS works but the only  diffrence is that it resolves IP to  domain name which is not used  for email.
But if i am right it should hardly make any diffrence as we have diffrent domains with same ip address.
Even if i try to email with the domain name i get from aol RDNS , it still does not work.
0
 
LVL 14

Expert Comment

by:Roachy1979
ID: 21867507
You might be blacklisted by AOL.....?  Thats the other possibility.  While AOL publish SPF records, they don't require them from senders.....

Have you tried to run a manual test?  This can be done by following the instructions here

http://postmaster.info.aol.com/tools/telnet.html

If you have been blacklisted, you can request whitelist status here:

http://postmaster.info.aol.com/tools/whitelist_guides.html

or here

http://postmaster.info.aol.com/contact/
0
 
LVL 29

Assisted Solution

by:Jan Springer
Jan Springer earned 300 total points
ID: 21867672
First of all, DNS is done by delegation and with authority.

Forward zones delegation starts at the registrar.  The registrar has the nameservers listed for the zone.  When querying those nameservers, they should answer authoritatively.  If those nameservers identify other nameservers not listed at the registrar, those nameservers should also answer authoritatively.

Inverse zone DNS delegation starts with the RIR (ARIN, RIPE, etc).  And again, those nameservers for the inverse zones should answer authoritatively.

IANA shows 169/8 as legacy address space in the ARIN region.  ARIN has no data (that I can find) on that network.  The inverse DNS servers cannot be found without it.  Setting up inverse DNS won't matter until ARIN can provide the nameservers for the block in question.
0
 

Author Comment

by:WannabeNerd
ID: 21873965
Hi,
   I think i got the answer.I have to change the send connectors in Exchange 2007.
This link might be helpfull to all:

http://www.amset.info/exchange/smtp-connector.asp

Cheers
0
 
LVL 14

Expert Comment

by:Roachy1979
ID: 21875063
hehe....Sembee's not around anymore and he still gets the points ;)
0

Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
I wrote this article to explain some important DNS concepts that should be known to avoid some typical configuration errors I often see in forums. I assume that what is described here is the typical behavior of Microsoft DNS client. I don't know …
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question