Methodman85
asked on
Reverse DNS does not match SMTP Banner
Hello Everyone,
I'm getting this error on MX Toolbox.
I'm wondering what the problem is.
Currently we have:
Mail.domain.com
webmail.domain.com
servername.domain.com
All pointed to the same IP
We also have PTR records to reflect the forward records. So that one IP points to all of those names, in the reverse lookup zone.
I'm getting this error on MX Toolbox.
I'm wondering what the problem is.
Currently we have:
Mail.domain.com
webmail.domain.com
servername.domain.com
All pointed to the same IP
We also have PTR records to reflect the forward records. So that one IP points to all of those names, in the reverse lookup zone.
Do you own the IP address for your domain? Where is the MX record pointing to?
Is this exchange 2003 or 2007?
In Exchange 2003, open ESM and go to:
Organization > Servers > Exchange Servername > Protocols > SMTP > Properties of Default SMTP Virtual Server > Delivery Tab > Advanced
Check the Fully-qualified domain name: entry and verify it matches one of the records which you have listed above.
I'll post the exchange 2007 instructions next.
In Exchange 2003, open ESM and go to:
Organization > Servers > Exchange Servername > Protocols > SMTP > Properties of Default SMTP Virtual Server > Delivery Tab > Advanced
Check the Fully-qualified domain name: entry and verify it matches one of the records which you have listed above.
I'll post the exchange 2007 instructions next.
ASKER
Yes we own the IP
MX Test
10 mail.domain.com 38.125.103.120 5 min SMTP Test Blacklist Check
PTR Test
PTR 38.125.103.120 neptune2.domain.com 5 min
PTR 38.125.103.120 mail.domain.com 5 min
PTR 38.125.103.120 webmail.domain.com 5 min
PTR 38.125.103.120 pop3.domain.com 5 min
PTR 38.125.103.120 smtp.domain.com 5 min
reverse lookup smtp diag port scan blacklist
MX Test
10 mail.domain.com 38.125.103.120 5 min SMTP Test Blacklist Check
PTR Test
PTR 38.125.103.120 neptune2.domain.com 5 min
PTR 38.125.103.120 mail.domain.com 5 min
PTR 38.125.103.120 webmail.domain.com 5 min
PTR 38.125.103.120 pop3.domain.com 5 min
PTR 38.125.103.120 smtp.domain.com 5 min
reverse lookup smtp diag port scan blacklist
For Exchange 2007:
Exchange Organization Config > Hub Transport > Send Connectors tab > Default Send Connector Properties
Enter one of the records you mention above (mail.domain..) in the "Specify FQDN"
Exchange Organization Config > Hub Transport > Send Connectors tab > Default Send Connector Properties
Enter one of the records you mention above (mail.domain..) in the "Specify FQDN"
The SMTP banner might not match if you have a 3rd party filter (Postini, MailProtector, etc) in front of the Exchange Server for inbound filtering AND your Exchange Server does the outbound delivery itself. That message may not matter.
ASKER
Hey Rehamris
It's set to mail.domain.com, it's always been set to that. Any other ideas?
It's set to mail.domain.com, it's always been set to that. Any other ideas?
ASKER
Hrm, I don't think we're using a 3rd party filter
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
so if you telnet mail.domain.com 25
what banner is displayed?
what banner is displayed?
ASKER
Ah I see, neptune2
The banner is one thing, it says mail.domain.com.. But the actual server name is neptune2. Will there be an issue if I remove neptune2's PRT record from DNS? And all the others.
The banner is one thing, it says mail.domain.com.. But the actual server name is neptune2. Will there be an issue if I remove neptune2's PRT record from DNS? And all the others.
ASKER
as it stands right now, will everything work ok?
A PTR is a name from an IP Address so as DeadNight said, you can really only have one. I'd remove all PTR records EXCEPT mail.domainname.com, make sure mail.domainname.com A-record in DNS points to your IP Address and that when you telnet mail.domainname.com 25, the banner says mail.domainname.com and not neptune....
ASKER
so when our server connects to another, it uses the name neptune2, even though the banner says Mail, so wouldn't this cause an issue, how do I get it to not use it's actual server name.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I think the server identifies itself through the EH/Helo as Neptune2.
But yes there are 2 A records on the internal server, mail, and of course neptune2, pointing to the same IP
When I do an internal telnet to port 25 I see Neptune2 show up. I see 220 netune2.domain.com Microsoft ESMTP MAIL Service ready
But yes there are 2 A records on the internal server, mail, and of course neptune2, pointing to the same IP
When I do an internal telnet to port 25 I see Neptune2 show up. I see 220 netune2.domain.com Microsoft ESMTP MAIL Service ready
Change the banner from neptune to mail. That's in the ESM or Management Console as posted above.
ASKER
The banner does say mail.. but when you telnet for whatever reason it says neptune instead of mail.
I'm looking straight at my main send connector right now, and it says mail.domain.com NOT neptune2
Any ideas, almost seems like it's being ignored. Is telnetting internally to mail.domain.com a valid banner test?
I'm looking straight at my main send connector right now, and it says mail.domain.com NOT neptune2
Any ideas, almost seems like it's being ignored. Is telnetting internally to mail.domain.com a valid banner test?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.