Solved

Need a step-by-step on how to set up reverse DNS for Exchange mail server.

Posted on 2009-02-23
Last Modified: 2012-05-06
For years our mail server has been using a smart host to relay all outgoing company emails. However, due to some changes we will no longer be using the smart hosts. So we need to figure out how to set up the DNS and reverse DNS so that when our server starts to send emails directly, other email domains won't block us after doing a reverse lookup.

I'm very confused about how the reverse DNS lookups work and who we would have to contact to make this happen. We have Comcast Business for our ISP and we have Windows 2003 Small Business Server.


Thanks in advance
Question by:sfadmin
8 Comments
 
LVL 32

Expert Comment

by:gupnit
ID: 23717986
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 23719498

Hey,

1. Host (A) record

The record must be created in your public DNS service and it should point to the public IP address your mail server will use for sending mail.

For example, any of these is perfectly adequate:

mail.yourdomain.com.   IN A   1.2.3.4
smtp.yourdomain.com.   IN A   1.2.3.4

2. Pointer (PTR) record

The reverse lookup zone maps IP Addresses back to names using Pointer (PTR) records. This forms the basis of a simple test to see if your SMTP server looks official rather than a virus / malware ridden machine sending spam.

If your server is sending out mail to hosts on the internet (that is, not relaying through a third-party service) you must configure a PTR record for your server. If you do not you will find mail sent from your server is rejected by certain recipients.

Addition of the PTR record must, in general, be requested via your ISP; those responsible for providing the internet connection your mail server uses. The exception to this is where responsibility for the Reverse Lookup Zone has been delegated to you.

The PTR record for mail.yourdomain.com running on the public IP 1.2.3.4 would look like this:

4.3.2.1.in-addr.arpa.   IN PTR   mail.yourdomain.com.

Many ISPs will understand a request for a Reverse Lookup Record for 1.2.3.4 to mail.yourdomain.com. That is, you do not necessarily need to know the syntax above.

3. SMTP service name

If the server is sending out mail it must use a public name. Failure to do so will result in rejected mail because of the simple tests above.

The name used should have a Host (A) record and a Pointer (PTR) record configured.

For Exchange 2007 the name is set in the Properties for the Send Connector. It is possible to set the name for the Receive Connector as well however this will have no impact on mail delivery. It can be considered good practice to set a public name on the Receive Connector for the sake of consistency.

For Exchange 2003 the name is set in the Properties for the Virtual SMTP Server (Delivery, Advanced, Server FQDN).

4. (Optional) Sender Policy Framework (SPF / TXT) record

The Sender Policy Framework allows you to state explicitly which servers can send mail as your domain name.

While this is not universally used it will help reduce abuse of your domain name by third-parties and also reduce the number of non-delivery reports returned to your system for mail you didn't send in the first place.

Wizards exist for this record here:

http://www.openspf.org/
http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/

The record would be added as a TXT record to your public domain. It is only checked by systems receiving mail from you.

HTH

Chris
0
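
The check a receiving server can run against the records in steps 1 to 3 of the answer above, as an added example that is not part of the original answer. The function names are hypothetical, and the zone data is constructed from the answer's own example values (mail.yourdomain.com, 1.2.3.4) so it runs without network access; the internal name server01.yourdomain.local is also constructed.

```python
import ipaddress
import socket

def reverse_name(ip):
    """Owner name of the PTR record: 1.2.3.4 -> 4.3.2.1.in-addr.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer + "."

def _norm(name):
    # DNS names compare case-insensitively; drop the trailing root dot.
    return name.rstrip(".").lower()

def live_ptr(ip):
    """PTR lookup through the system resolver; empty list if none exists."""
    try:
        host, aliases, _ = socket.gethostbyaddr(ip)
        return [host] + aliases
    except OSError:
        return []

def live_a(name):
    """A lookup through the system resolver; empty list if none exists."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def check_sender(ip, smtp_name, ptr_lookup=live_ptr, a_lookup=live_a):
    """Return a list of problems; empty means A, PTR and SMTP name agree."""
    problems = []
    smtp_name = _norm(smtp_name)
    if ip not in a_lookup(smtp_name):
        problems.append(f"no A record mapping {smtp_name} to {ip}")
    ptr_names = [_norm(n) for n in ptr_lookup(ip)]
    if not ptr_names:
        problems.append(f"no PTR record at {reverse_name(ip)}")
    elif smtp_name not in ptr_names:
        problems.append(f"PTR gives {ptr_names}, not {smtp_name}")
    return problems

# Constructed zone data, using the example values from the answer.
A_RECORDS = {"mail.yourdomain.com": ["1.2.3.4"]}
PTR_RECORDS = {"1.2.3.4": ["mail.yourdomain.com."]}

def demo(smtp_name, ptr_records=PTR_RECORDS):
    return check_sender("1.2.3.4", smtp_name,
                        ptr_lookup=lambda ip: ptr_records.get(ip, []),
                        a_lookup=lambda n: A_RECORDS.get(n, []))

if __name__ == "__main__":
    print(demo("mail.yourdomain.com"))              # all records agree
    print(demo("server01.yourdomain.local"))        # internal name announced
    print(demo("mail.yourdomain.com", ptr_records={}))  # ISP has not set PTR
```

Calling `check_sender(ip, name)` without the lookup arguments uses the system resolver, which is how to confirm the real records once the ISP has added the PTR.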
 
LVL 31

Expert Comment

by:LeeDerbyshire
ID: 23721503
Normally, you ask your ISP to do it for you.
0

 
LVL 1

Author Comment

by:sfadmin
ID: 23748336
When I asked our ISP for reverse DNS they said they don't do that. We have Comcast Business.

0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 23750678

If they host your internet connection they do; the difficulty is you have to get past first line support sometimes, which can be painful.

There is a chance, a marginal one, that they won't do it at all; I'd be surprised to find an ISP that refuses these days. If they absolutely refuse you will have to relay mail through another mail server (probably one of theirs).

Chris
0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 2000 total points
ID: 23750775

Everything I've found about Comcast business indicates that they do set PTR / Reverse Lookup records for clients.

I'm afraid I couldn't find any articles from Comcast themselves to support that, some ISPs have rather more of a knowledge-base publicly available.

I do suggest you give them another try. It wouldn't be the first time I've had someone ring once, get a "eh? no. go away" type response, then ring again and get the help that was needed from a better employee.

Chris
0
 
LVL 1

Author Comment

by:sfadmin
ID: 23750812
Thanks Chris, will try Comcast again, see what they say, and follow up with you guys tomorrow.
0
 
LVL 1

Author Closing Comment

by:sfadmin
ID: 31550410
Thank You
0
