Solved

Email Rejections due to Invalid Reverse PTR Record

Posted on 2009-03-31
5
1,651 Views
Last Modified: 2013-11-30
We just purchased a Barracuda SPAM Filter to replace our old eSOFT Spam Filter appliance.  The SPAM Filter inspects messages and forwards them to our internal Exchange Server.  The SPAM FIlter sites on our LAN along with our Exchange Server, and both sit behind our Corporate Firewall.

Needless to say, every since I switched to the Barracuda, our email's are getting rejected by some Domains. For example, we can't send to "Comcast.net".  In our SMTP log on our Exchange server, I see an error regarding an invalid Reverse PTR record.   Our ISP hosts our DNS for our mail server, and I had them switch the hostname to resolve to the hostname of our Barracuda SPAM filter.  However, I still can't sent to comcast.  The emails are sitting in our Exchange server queue for up to 24 hours, and eventually we receive an NDR.  

Finally, according to some of the free DNS online tools, my MX record seems to resolve properly.  Any suggestions?
0
Comment
Question by:elecdave
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 12

Accepted Solution

by:
Steve earned 250 total points
ID: 24036247
You need to get your ISP to check the 'in-arpa' addresses for you.. you'll find that even though they've changed your DNS to resolve correctly.. the reverse DNS is still setup to the wrong name.. once they change that and restart their DNS it'll be fine..

0
 

Author Comment

by:elecdave
ID: 24037466
PsychoFelix,

Thanks for your quick response.  Meanwhile, I'll contact our ISP this morning, but their's one other piece to this puzzle.  When I implemented the Barracuda, our internal Private IP Addressing scheme changes.  We went from a 169.254.92.0 to a 192.168.1.0  for our LAN.   Our internal DNS servers are are only servicing our AD domain, and they are acting as DNS forwarders for all external resolution.  You don't think that our internal DNS servers have anything to do with this issue, do you?  
0
 
LVL 65

Assisted Solution

by:Mestha
Mestha earned 250 total points
ID: 24039500
Internal DNS would have nothing to do with this. It is purely down to how your server is seen by the internet. PTR records and preferably how the appliance announces itself, the SMTP banner or EHLO/HELO banner.

Simon.
0
 

Author Comment

by:elecdave
ID: 24060999
I found my solution.  The issue was related to our Cisco ASA.  For some reason, the ASA NAT policies were not functional any longer.  We had seperate NAT policies for SMTP, POP and HTTS. For some reason STMP was redirecting out of hte default interface for packets that weren't specific to the NAT policies. Needless to say, we resolved the issue on our ASA and all is well.  Thanks again for your help.
0
 

Author Closing Comment

by:elecdave
ID: 31565173
Thanks again for all your help.  Since neither issue was correct, I split the points between the two experts who replied.  If I could, I'd give you both a million points just for your quick responses!!!
0

Featured Post

Major Incident Management Communications

Major incidents and IT service outages cost companies millions. Often the solution to minimizing damage is automated communication. Find out more in our Major Incident Management Communications infographic.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

What is Usenet? There are many different opinions on exactly what Usenet is an isn't. Many opinions are incorrect simply out of ignorance. The Wikipedia listing about Usenet does a good job of explaining it, so instead of repeating it all here I wi…
There was an incident about the POP3 issue for the double read receipts and delivery receipts in Exchange 2013.  There was huge research been done and found solution for the duplicate mails. Especially when the user gets  duplicate mails.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question