Reverse DNS for Mail Server with failover (so 2 possible Public IP addresses)

I've got a mail server configured to send mail directly (not via ISP mail server).

All is OK and I have set reverse DNS with ISP which works.  So:

Mail server:
Sends via public IP:
Which when checked for reverse DNS returns
which is configured via DNS to IP address

All is fine, but we have recently added a failover router that allows us to use an alternative broadband connection (different ISP) in case of problems.

In that case,  the mail server will send via Public IP:  I have created a new DNS entry for this IP in our DNS as and configured Reverse DNS with this ISP so Public IP: reverts to  However, the mail server is still called

So my question (finally!) - does the reverse DNS test used as a Spam filter by some ISPs & Mail Servers use the Mail Server name in the test at all - or does is simply use the sending IP.
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Chris DentPowerShell DeveloperCommented:

The reverse lookup must match up to the name used by the SMTP service.

You should be able to create a reverse lookup for the new IP pointing to the original server name to satisfy that requirement.

WestcountryBusinessAuthor Commented:
Thanks Chris,

So does the rDNS test not look at the corresponding entry in my domain DNS table?  If so, I can set the rDNS entries with both ISPs so that they both resolve back to  

However, a lookup of the IP address of will (can) only refer to one of the ISP IP addresses.  Just to confirm, you're saying that's not a problem - is that right?

Chris DentPowerShell DeveloperCommented:

The standard reverse check looks at the SMTP service name and connecting IP, then looks up the IP and expects to get the name back.

You may fail the less-used Forward-Confirmed Reverse DNS (FCrDNS) check though. That expects you to have a corresponding A record in your forward lookup zone for the server.

If that creates a problem with mail delivery you should consider separating the inbound and outbound names. Bear in mind that an inbound connection will not verify the SMTP service name at all, that tends to make such separation easier.

For example:  IN MX 10 IN A <IP1> IN A <IP1> IN A <IP2>



Some mail servers (Exchange 2007 / 2010 for example) will let you set different names for inbound and outbound connectors anyway.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
WestcountryBusinessAuthor Commented:
I've no issue with inbound email as, in this case, it actually comes in via POP using fetchmail - so works regardless of the ISP connection being used.

From what you say, it looks like, in case of failover,  I may have a few issues with anyone using the FCrDNS test, but as failure to the main connection should be (hopefully) infrequent, I guess this is a small inconvenience to bear for an otherwise uninterrupted email service.

Thanks for your help
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.