Solved

Reverse DNS lookup

Posted on 2008-06-25
9
412 Views
Last Modified: 2012-05-05
Hi,
    We have installed Exchange 2007 on a new server.All works fine except AOL emails.
They are not able to get our emails but i am able to receive them.
I know to fix it we need to have forward lookup zone which we already have on our  ISP  dns.
Now my question is that do we have to configure our internal dns  to do forward lookup?
If so  then how AOL will be able to do a reverse lookup to my intrnal DNS.

scenario
-----------
External ip :169.25.265.25
Exchange 2007:  192.168.0.6
Internal DNS : 192.168.0.4




   
0
Comment
Question by:WannabeNerd
9 Comments
 
LVL 6

Assisted Solution

by:powercram
powercram earned 100 total points
ID: 21866285
Your internal IP addresses will NOT be seen outside the firewall, therefore you do not need to provide reverse DNS for them.

The RDNS needs to resolve to the name/address combo of the mail server / public IP of the device (possibly firewall) where the email exits your network and goes onto the public Internet.
0
 
LVL 19

Assisted Solution

by:MrLonandB
MrLonandB earned 100 total points
ID: 21866515
From Internet Explorer on your Exchange Server: www.whatismyip.com...should be the IP that you are sending mail out on. Do you have a Reverse DNS Record (public) for that IP?
0
 

Author Comment

by:WannabeNerd
ID: 21866604
Thx for the reply(powercram)

U made me a bit confused.I do understand that the name/add need to be resolved.But  our email server is in our internal  domain and the edge is DMZ.

So u mean that i have to configure our DNS to do a RDNS for our exchange server.Not our ISP DNS?
=============================================================================
MrLonandB

Thx . I have RDNS record for my ip address.
By the way i have more then one  domain names belonging to same IP.
WIll this make any trouble

======================
0
DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

 
LVL 14

Accepted Solution

by:
Roachy1979 earned 200 total points
ID: 21866788
Reverse DNS checks work by simply checking that a PTR record exists for your mailservers IP in GLOBAL DNS.  They don't check what that entry states, just that it exists.  For example, you could host mail for a few domains on the same Exchange server, but you would only need a single reverse DNS entry.

You can test whether your reverse DNS meets AOL's criteria by checking

http://postmaster.aol.com/tools/rdns.html

More sophisticated tools are now being used by some organisations to prevent spam now though.  SPF records are also worth looking into (although this is outside the context of your question....)
0
 

Author Comment

by:WannabeNerd
ID: 21867070
I tired  this aol tool and my RDNS works but the only  diffrence is that it resolves IP to  domain name which is not used  for email.
But if i am right it should hardly make any diffrence as we have diffrent domains with same ip address.
Even if i try to email with the domain name i get from aol RDNS , it still does not work.
0
 
LVL 14

Expert Comment

by:Roachy1979
ID: 21867507
You might be blacklisted by AOL.....?  Thats the other possibility.  While AOL publish SPF records, they don't require them from senders.....

Have you tried to run a manual test?  This can be done by following the instructions here

http://postmaster.info.aol.com/tools/telnet.html

If you have been blacklisted, you can request whitelist status here:

http://postmaster.info.aol.com/tools/whitelist_guides.html

or here

http://postmaster.info.aol.com/contact/
0
 
LVL 28

Assisted Solution

by:Jan Springer
Jan Springer earned 100 total points
ID: 21867672
First of all, DNS is done by delegation and with authority.

Forward zones delegation starts at the registrar.  The registrar has the nameservers listed for the zone.  When querying those nameservers, they should answer authoritatively.  If those nameservers identify other nameservers not listed at the registrar, those nameservers should also answer authoritatively.

Inverse zone DNS delegation starts with the RIR (ARIN, RIPE, etc).  And again, those nameservers for the inverse zones should answer authoritatively.

IANA shows 169/8 as legacy address space in the ARIN region.  ARIN has no data (that I can find) on that network.  The inverse DNS servers cannot be found without it.  Setting up inverse DNS won't matter until ARIN can provide the nameservers for the block in question.
0
 

Author Comment

by:WannabeNerd
ID: 21873965
Hi,
   I think i got the answer.I have to change the send connectors in Exchange 2007.
This link might be helpfull to all:

http://www.amset.info/exchange/smtp-connector.asp

Cheers
0
 
LVL 14

Expert Comment

by:Roachy1979
ID: 21875063
hehe....Sembee's not around anymore and he still gets the points ;)
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
I wrote this article to explain some important DNS concepts that should be known to avoid some typical configuration errors I often see in forums. I assume that what is described here is the typical behavior of Microsoft DNS client. I don't know …
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question