Exchange Reverse DNS problem

HI Gurus,

       I added a PTR record in Godaddy, but my mail still get reject by certain domain like Rutgers, the error is:
goshen3.rutgers.edu #550 5.7.1 Client host rejected: cannot find your hostname [1.2.3.4]

     When i try the spf-test@openspf.org, i get the following info:
mailout02.controlledmail.com #550 5.7.1 <spf-test@openspf.org>: Recipient address rejected: SPF Tests: Mail-From Result="pass": Mail From="jason@domain.com" HELO name="mail.domain.com" HELO Result="pass" Remote IP="1.2.3.4" ##


    Here is my PTR record on DNS:

  v=spf1 a mx ptr mx:mail.domain.com ip4:1.2.3.4 -all

Is there anything wrong with my DNS record? It drives me crzay.....

Thanks!
blurmylifeAsked:
Who is Participating?
 
Alan HardistyConnect With a Mentor Co-OwnerCommented:
Please have a read of my FAQ article about problems sending mail to specific domains:
http://www.it-eye.co.uk/faqs/readQuestion.php?qid=2
Sounds like your either behind a Cisco firewall with SMTP Fixup enabled or you don't have your mail server name setup properly.
If you are behind a Cisco firewall with SMTP Fixup enabled, please disable it and reboot the firewall as this causes more problems than it fixes.
0
 
leakim971PluritechnicianCommented:
hello blurmylife,

If you recently changed this records (spf, mx, dns, ip, ...) you should wait one day or two for TOTAL propagation around Internet.

Regards.
0
 
GiladnCommented:
are you able to resolved via ip? if you don't have a revers dns record there are some servers
that do a reverse dns test at gateway.
call your isp and asp for PTR for your ip --> mail.domain.com
what I see is that you have just the mx record.
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
ollfriedCommented:
The line ypou show is SPF, not PTR.
PTR is for resolving youjr public IP to a name, that record has to be set by your ISP and should match the HELO message your border mail server sends out, e.g. mail.yourdomain.com.
0
 
blurmylifeAuthor Commented:
Here is the configuration in my cisco firewall:
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
no fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69

Here is what i got from the test
Record: v=spf1 a mx ptr mx:mail.domain.com ip4:1.2.3.4 -all
Prefix Type Value Prefix Desc Description
+ a                                          Pass           Match if IP has a DNS 'A' record in given domain
+ mx                                       Pass           Match if IP is one of the MX hosts for given domain name
+ ptr                                       Pass           Match if IP has a DNS 'PTR' record within given domain
+ mx   mail.avepoint.com        Pass           Match if IP is one of the MX hosts for given domain name
+ ip4 65.211.80.6                   Pass            Match if IP is in the given range
- all                                          Fail             Always matches. It goes at the end of your record.  

 
0
 
Alan HardistyCo-OwnerCommented:
Please check your domain on http://www.mxtoolbox.com/diagnostic.aspx as per my FAQ.
Do you get a valid response for Reverse DNS?
0
 
Alan HardistyCo-OwnerCommented:
Does your SMTP Banner match your Reverse DNS name?
0
 
ollfriedCommented:
Again: You problem has nothing to to with your local setup or your firewall. It's a missing PTR-record that can be set by/at your ISP.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.