Solved

Reverse DNS lookup

Posted on 2008-06-25
9
419 Views
Last Modified: 2012-05-05
Hi,
    We have installed Exchange 2007 on a new server.All works fine except AOL emails.
They are not able to get our emails but i am able to receive them.
I know to fix it we need to have forward lookup zone which we already have on our  ISP  dns.
Now my question is that do we have to configure our internal dns  to do forward lookup?
If so  then how AOL will be able to do a reverse lookup to my intrnal DNS.

scenario
-----------
External ip :169.25.265.25
Exchange 2007:  192.168.0.6
Internal DNS : 192.168.0.4




   
0
Comment
Question by:WannabeNerd
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 6

Assisted Solution

by:powercram
powercram earned 100 total points
ID: 21866285
Your internal IP addresses will NOT be seen outside the firewall, therefore you do not need to provide reverse DNS for them.

The RDNS needs to resolve to the name/address combo of the mail server / public IP of the device (possibly firewall) where the email exits your network and goes onto the public Internet.
0
 
LVL 19

Assisted Solution

by:MrLonandB
MrLonandB earned 100 total points
ID: 21866515
From Internet Explorer on your Exchange Server: www.whatismyip.com...should be the IP that you are sending mail out on. Do you have a Reverse DNS Record (public) for that IP?
0
 

Author Comment

by:WannabeNerd
ID: 21866604
Thx for the reply(powercram)

U made me a bit confused.I do understand that the name/add need to be resolved.But  our email server is in our internal  domain and the edge is DMZ.

So u mean that i have to configure our DNS to do a RDNS for our exchange server.Not our ISP DNS?
=============================================================================
MrLonandB

Thx . I have RDNS record for my ip address.
By the way i have more then one  domain names belonging to same IP.
WIll this make any trouble

======================
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 14

Accepted Solution

by:
Roachy1979 earned 200 total points
ID: 21866788
Reverse DNS checks work by simply checking that a PTR record exists for your mailservers IP in GLOBAL DNS.  They don't check what that entry states, just that it exists.  For example, you could host mail for a few domains on the same Exchange server, but you would only need a single reverse DNS entry.

You can test whether your reverse DNS meets AOL's criteria by checking

http://postmaster.aol.com/tools/rdns.html

More sophisticated tools are now being used by some organisations to prevent spam now though.  SPF records are also worth looking into (although this is outside the context of your question....)
0
 

Author Comment

by:WannabeNerd
ID: 21867070
I tired  this aol tool and my RDNS works but the only  diffrence is that it resolves IP to  domain name which is not used  for email.
But if i am right it should hardly make any diffrence as we have diffrent domains with same ip address.
Even if i try to email with the domain name i get from aol RDNS , it still does not work.
0
 
LVL 14

Expert Comment

by:Roachy1979
ID: 21867507
You might be blacklisted by AOL.....?  Thats the other possibility.  While AOL publish SPF records, they don't require them from senders.....

Have you tried to run a manual test?  This can be done by following the instructions here

http://postmaster.info.aol.com/tools/telnet.html

If you have been blacklisted, you can request whitelist status here:

http://postmaster.info.aol.com/tools/whitelist_guides.html

or here

http://postmaster.info.aol.com/contact/
0
 
LVL 29

Assisted Solution

by:Jan Springer
Jan Springer earned 100 total points
ID: 21867672
First of all, DNS is done by delegation and with authority.

Forward zones delegation starts at the registrar.  The registrar has the nameservers listed for the zone.  When querying those nameservers, they should answer authoritatively.  If those nameservers identify other nameservers not listed at the registrar, those nameservers should also answer authoritatively.

Inverse zone DNS delegation starts with the RIR (ARIN, RIPE, etc).  And again, those nameservers for the inverse zones should answer authoritatively.

IANA shows 169/8 as legacy address space in the ARIN region.  ARIN has no data (that I can find) on that network.  The inverse DNS servers cannot be found without it.  Setting up inverse DNS won't matter until ARIN can provide the nameservers for the block in question.
0
 

Author Comment

by:WannabeNerd
ID: 21873965
Hi,
   I think i got the answer.I have to change the send connectors in Exchange 2007.
This link might be helpfull to all:

http://www.amset.info/exchange/smtp-connector.asp

Cheers
0
 
LVL 14

Expert Comment

by:Roachy1979
ID: 21875063
hehe....Sembee's not around anymore and he still gets the points ;)
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I wrote this article to explain some important DNS concepts that should be known to avoid some typical configuration errors I often see in forums. I assume that what is described here is the typical behavior of Microsoft DNS client. I don't know …
Resolve DNS query failed errors for Exchange
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question