[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 431
  • Last Modified:

Reverse DNS lookup

Hi,
    We have installed Exchange 2007 on a new server.All works fine except AOL emails.
They are not able to get our emails but i am able to receive them.
I know to fix it we need to have forward lookup zone which we already have on our  ISP  dns.
Now my question is that do we have to configure our internal dns  to do forward lookup?
If so  then how AOL will be able to do a reverse lookup to my intrnal DNS.

scenario
-----------
External ip :169.25.265.25
Exchange 2007:  192.168.0.6
Internal DNS : 192.168.0.4




   
0
WannabeNerd
Asked:
WannabeNerd
4 Solutions
 
powercramCommented:
Your internal IP addresses will NOT be seen outside the firewall, therefore you do not need to provide reverse DNS for them.

The RDNS needs to resolve to the name/address combo of the mail server / public IP of the device (possibly firewall) where the email exits your network and goes onto the public Internet.
0
 
MrLonandBCommented:
From Internet Explorer on your Exchange Server: www.whatismyip.com...should be the IP that you are sending mail out on. Do you have a Reverse DNS Record (public) for that IP?
0
 
WannabeNerdAuthor Commented:
Thx for the reply(powercram)

U made me a bit confused.I do understand that the name/add need to be resolved.But  our email server is in our internal  domain and the edge is DMZ.

So u mean that i have to configure our DNS to do a RDNS for our exchange server.Not our ISP DNS?
=============================================================================
MrLonandB

Thx . I have RDNS record for my ip address.
By the way i have more then one  domain names belonging to same IP.
WIll this make any trouble

======================
0
A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

 
Roachy1979Commented:
Reverse DNS checks work by simply checking that a PTR record exists for your mailservers IP in GLOBAL DNS.  They don't check what that entry states, just that it exists.  For example, you could host mail for a few domains on the same Exchange server, but you would only need a single reverse DNS entry.

You can test whether your reverse DNS meets AOL's criteria by checking

http://postmaster.aol.com/tools/rdns.html

More sophisticated tools are now being used by some organisations to prevent spam now though.  SPF records are also worth looking into (although this is outside the context of your question....)
0
 
WannabeNerdAuthor Commented:
I tired  this aol tool and my RDNS works but the only  diffrence is that it resolves IP to  domain name which is not used  for email.
But if i am right it should hardly make any diffrence as we have diffrent domains with same ip address.
Even if i try to email with the domain name i get from aol RDNS , it still does not work.
0
 
Roachy1979Commented:
You might be blacklisted by AOL.....?  Thats the other possibility.  While AOL publish SPF records, they don't require them from senders.....

Have you tried to run a manual test?  This can be done by following the instructions here

http://postmaster.info.aol.com/tools/telnet.html

If you have been blacklisted, you can request whitelist status here:

http://postmaster.info.aol.com/tools/whitelist_guides.html

or here

http://postmaster.info.aol.com/contact/
0
 
Jan SpringerCommented:
First of all, DNS is done by delegation and with authority.

Forward zones delegation starts at the registrar.  The registrar has the nameservers listed for the zone.  When querying those nameservers, they should answer authoritatively.  If those nameservers identify other nameservers not listed at the registrar, those nameservers should also answer authoritatively.

Inverse zone DNS delegation starts with the RIR (ARIN, RIPE, etc).  And again, those nameservers for the inverse zones should answer authoritatively.

IANA shows 169/8 as legacy address space in the ARIN region.  ARIN has no data (that I can find) on that network.  The inverse DNS servers cannot be found without it.  Setting up inverse DNS won't matter until ARIN can provide the nameservers for the block in question.
0
 
WannabeNerdAuthor Commented:
Hi,
   I think i got the answer.I have to change the send connectors in Exchange 2007.
This link might be helpfull to all:

http://www.amset.info/exchange/smtp-connector.asp

Cheers
0
 
Roachy1979Commented:
hehe....Sembee's not around anymore and he still gets the points ;)
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now