Solved

Email Rejections due to Invalid Reverse PTR Record

Posted on 2009-03-31
5
1,633 Views
Last Modified: 2013-11-30
We just purchased a Barracuda SPAM Filter to replace our old eSOFT Spam Filter appliance.  The SPAM Filter inspects messages and forwards them to our internal Exchange Server.  The SPAM FIlter sites on our LAN along with our Exchange Server, and both sit behind our Corporate Firewall.

Needless to say, every since I switched to the Barracuda, our email's are getting rejected by some Domains. For example, we can't send to "Comcast.net".  In our SMTP log on our Exchange server, I see an error regarding an invalid Reverse PTR record.   Our ISP hosts our DNS for our mail server, and I had them switch the hostname to resolve to the hostname of our Barracuda SPAM filter.  However, I still can't sent to comcast.  The emails are sitting in our Exchange server queue for up to 24 hours, and eventually we receive an NDR.  

Finally, according to some of the free DNS online tools, my MX record seems to resolve properly.  Any suggestions?
0
Comment
Question by:elecdave
  • 3
5 Comments
 
LVL 12

Accepted Solution

by:
Steve earned 250 total points
ID: 24036247
You need to get your ISP to check the 'in-arpa' addresses for you.. you'll find that even though they've changed your DNS to resolve correctly.. the reverse DNS is still setup to the wrong name.. once they change that and restart their DNS it'll be fine..

0
 

Author Comment

by:elecdave
ID: 24037466
PsychoFelix,

Thanks for your quick response.  Meanwhile, I'll contact our ISP this morning, but their's one other piece to this puzzle.  When I implemented the Barracuda, our internal Private IP Addressing scheme changes.  We went from a 169.254.92.0 to a 192.168.1.0  for our LAN.   Our internal DNS servers are are only servicing our AD domain, and they are acting as DNS forwarders for all external resolution.  You don't think that our internal DNS servers have anything to do with this issue, do you?  
0
 
LVL 65

Assisted Solution

by:Mestha
Mestha earned 250 total points
ID: 24039500
Internal DNS would have nothing to do with this. It is purely down to how your server is seen by the internet. PTR records and preferably how the appliance announces itself, the SMTP banner or EHLO/HELO banner.

Simon.
0
 

Author Comment

by:elecdave
ID: 24060999
I found my solution.  The issue was related to our Cisco ASA.  For some reason, the ASA NAT policies were not functional any longer.  We had seperate NAT policies for SMTP, POP and HTTS. For some reason STMP was redirecting out of hte default interface for packets that weren't specific to the NAT policies. Needless to say, we resolved the issue on our ASA and all is well.  Thanks again for your help.
0
 

Author Closing Comment

by:elecdave
ID: 31565173
Thanks again for all your help.  Since neither issue was correct, I split the points between the two experts who replied.  If I could, I'd give you both a million points just for your quick responses!!!
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

What is Usenet? There are many different opinions on exactly what Usenet is an isn't. Many opinions are incorrect simply out of ignorance. The Wikipedia listing about Usenet does a good job of explaining it, so instead of repeating it all here I wi…
There was an incident about the POP3 issue for the double read receipts and delivery receipts in Exchange 2013.  There was huge research been done and found solution for the duplicate mails. Especially when the user gets  duplicate mails.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question