Solved

My email are being rejected at some location.

Posted on 2010-08-18
27
795 Views
Last Modified: 2012-05-10
I am using exchange 2007, and my mx record are located in godaddy.com
when  my user sent out email some of the meails get rejected, I called my isp to see if they had something to do with it, and they said no because they are not hosting the dns for the company. To call GoDaddy. I called today and they told to configure the dns section under my domain, but they could not give me instruction on how to do it. Can someone send me step by step instructions on how to configure the ptr record for my domain to point to my exchange server so the emails won't get rejected?

This is a example of an email of one of my user
This message has not yet been delivered. Microsoft Exchange will continue to try delivering the message on your behalf.

Delivery of this message will be attempted until 8/20/2010 4:11:26 PM (GMT-05:00) Eastern Time (US & Canada). Microsoft Exchange will notify you if the message can't be delivered by that time.
sample number 2
Your message wasn't delivered because of security policies. Microsoft Exchange will not try to redeliver this message for you. Please provide the following diagnostic text to your system administrator.
The following organization rejected your message: webmail.readytek.com.

Generating server: PRESSRV.prescafe.local

Tgrant@westernhay.com
webmail.readytek.com #501 5.7.1 <ricardo.blanco@giroski.com>... Sender IP must resolve ##

0
Comment
Question by:papichulodr69
  • 11
  • 7
  • 3
  • +3
27 Comments
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33471207
You have to call your ISP and ask them to add a PTR record for your MX to your public IP

I dont think you need to change anything @ godaddy

How to find MX
Go here
www.mxtoolbox.com
enter your domain name

it will list out your MX and the IP

Call your ISP - give them your IP and give them your MX - and ask them to set a PTR record.

thanks
0
 

Author Comment

by:papichulodr69
ID: 33471230
I did that and they told me that they had nothing to do with the dns
0
 

Author Comment

by:papichulodr69
ID: 33471248
they sent me these email

Attn:  Ricardo
 
 
Reverse ip address range of:
 
32/29.8.174.12.in-addr.arpa
 
 
has been delegated to the name servers of:
 
ns51.domaincontrol.com
ns52.domaincontrol.com

 
 
Following is an example of how a partial c class should be set up. You should substitute your own IP block for the one used in the example below.
 
 
0/27.2.1.12.in-addr.arpa.     3600    SOA     dns2.anydomain.com.
administrator.anydomain.com.
                        1999091702      ; serial
                        3600    ; refresh (1 hour)
                        600     ; retry (10 mins)
                        expire  = 600000 (6 days 22 hours 40 mins)
                        86400 )  ; minimum (1 day)
0/27.2.1.12.in-addr.arpa.     3600    NS      dns2.anydomain.com.
 
1   3600    PTR     gw.anydomain.com.
10  3600    PTR     hidden4.anydomain.com.
11  3600    PTR     hidden5.anydomain.com.
12  3600    PTR     hidden6.anydomain.com.
13  3600    PTR     www.anydomain.com.
 
0/27.2.1.12.in-addr.arpa.     3600    SOA     dns2.anydomain.com.
administrator.anydomain.com.
                        1999091702      ; serial
                        3600    ; refresh (1 hour)
                        600     ; retry (10 mins)
                        86400   ; expire (1 day)
                        3600 )  ; minimum (1 hour)
 
 
It is a common misconception that the owner of the IP block has to create the PTR records or only the owners of the IP address can add the PTR record, but that is not the case.
Please refer to:
 
RFC 2317
 
http://www.faqs.org/rfcs/rfc2317.html for more information on IP delegations.
 
If AT&T is going to takeover your Reverse DNS we must provide primary DNS for at least 1 domain name that your company owns. Below is information explaining our policies and procedures if you desire to have AT&T maintain your DNS records.
 
 
 
Find below a listing of criteria that needs to be met for AT&T Worldnet MIS to provide reverse look-up services:
 
(1) IP block must be assigned by AT&T (Please note that just having an IP block and no forward domain is not sufficient)
 
(2) If a customer owns their own IP block it must be delegated to our name servers.
 
(3) If a customer has a IP block from another ISP it must be delegated to our name servers.
 
(4) At least one forward domain must be hosted on our servers for all three of the conditions listed above.
 
(5) The one forward domain must not be a lame delegation* but must contain valid working DNS records and not be a "dead" zone.
 
(6) The domain we host must be owned by your Company as evidenced by the Registrant information shown when doing a WHOIS look-up.
 
AT&T will host up to 15 domain names at no extra charge for each MIS Circuit your company has with AT&T. Please provide us with a list of the host domains with associated IP records.
 
 
All domain names must be owned by the customer. The registrant information found in the WHOIS lookup at Network Solutions is what we use to determine ownership.
 
 
Once we have added the request to our nameservers, we will send an email response to you confirming we have added the domain name and give you the nameserver information so that changes can be made with the registrar of your choice for your domain name.
 
Dragon Account #  77121
 
 
Thank You,
AT&T DNS Tech Team
888-613-6330 Prompts, 3 & 1
SM
 
 



--------------------------------------------------------------------------------
From: Ricardo Blanco [mailto:ricardo.blanco@giroski.com]
Sent: Thursday, August 12, 2010 10:12 AM
To: DNS Services, MIS Lifecycle; Jose Garcia
Subject: Please set this PTR


 

 Please  create a PTR/Reverse DNS for the following:

 

   12.174.8.34       hostname=mx.giroski.com

0
 
LVL 29

Expert Comment

by:Rich Weissler
ID: 33471256
If it isn't your ISP, it may be an upstream ISP that handles DNS for them.  GoDaddy won't be authoritative for the reverse lookup... it'll have to be whoever controls the IP address range in which your mail server resides.
0
 

Author Comment

by:papichulodr69
ID: 33471268
The isp tells me I need to transfer the dns to them, so they can creat the ptr record. How can I find out where my dns is located?
0
 
LVL 29

Expert Comment

by:Rich Weissler
ID: 33471297
Wow!  They already delegated the reverse lookup?
If the statement at the top there is accurate, and I'm reading this correctly:
http://whois.domaintools.com/domaincontrol.com would be authoritative for the reverse lookup.  Apparently that IS godaddy.com -- so I take back the part where I said godaddy won't be authoritative.  You should have GoDaddy make the PTR entry as sunnyc7 specified.
0
 

Author Comment

by:papichulodr69
ID: 33471311
whe i call godaddy i need to tell them to make the ptr entry as sunnyc7
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33471327
Give me 10 mins. I am testing something with your MX
0
 

Author Comment

by:papichulodr69
ID: 33471332
ok thanks
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33471352
Here's your MX
Pref      Hostname      IP Address      TTL            
0      mx2.giroski.com      72.151.206.57      30 min      SMTP Test      Blacklist Check
10      mx.giroski.com      12.174.8.35      30 min      SMTP Test      Blacklist Check
30      mx2.mailhop.org      216.146.33.7      12 hrs      SMTP Test      Blacklist Check


--
Your public IP of your router/firewall should be >> 72.151.206.57
from your network - go to www.canyouseeme.org

Check if that's the same as 72.151.206.57

--
your original request was for
12.174.8.34       hostname=mx.giroski.com

>> you need to call them to set a PTR record for this
mx2.giroski.com      72.151.206.57      

Call you verify your public IP and call them again.

thanks
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33471359
I mean - verify if your public IP is 72.151.206.57 - and call ATT again.
0
 

Author Comment

by:papichulodr69
ID: 33471382
can i change that ip 72.151.206.57 to 12.174.8.35
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33471385
When you go to - www.canyouseeme.org

What is your public IP ?
Is it
72.151

or
12.174 ?
0
Get up to 2TB FREE CLOUD per backup license!

An exclusive Black Friday offer just for Expert Exchange audience! Buy any of our top-rated backup solutions & get up to 2TB free cloud per system! Perform local & cloud backup in the same step, and restore instantly—anytime, anywhere. Grab this deal now before it disappears!

 

Author Comment

by:papichulodr69
ID: 33471386
12.174
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33471395
Then you need to delete the first record from your Godaddy DNS -
http://help.godaddy.com/article/666#mxrecs

Check the guide over there to edit DNS records.
0
 

Author Comment

by:papichulodr69
ID: 33471398
i sould put the ip address that goe to the fire wall
i so sorry for all the question
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33471424
if you go to
www.canyouseeme.org
and the IP address is > 12.174.8.35

That is the IP address on your firewall.
--

If you are planning to use the IP address as your MX > 12.174.8.35

Then you need to delete the first mx record > 72.151.206.57

Are you receiving emails ?
I wonder how that will work since your MX is pointing somewhere else ? Email servers will deliver emails to the First MX
0
 

Author Comment

by:papichulodr69
ID: 33471485
with the configuration it had yes i did received  email
i change the
72.151.206.57 this ip looks like my dsl ip we have T1
0
 

Author Comment

by:papichulodr69
ID: 33471512
i sent another email to test and in get this error

Generating server: PRESSRV.prescafe.local

Tgrant@westernhay.com
webmail.readytek.com #501 5.7.1 <ricardo.blanco@giroski.com>... Sender IP must resolve ##

Original message headers:

0
 
LVL 6

Accepted Solution

by:
PartnerTek earned 500 total points
ID: 33471742
The issue here is that AT$T WILL NOT create a PTR (Reverse DNS) for an IP if they are not hosting the DNS.  They will delegate it to the DNS servers of your choosing.  When I run in to this, I usually use zoneedit.com.  It's free and reliable.  After creating the zone for your IP, have AT$T delegate the reverse DNS to the DNS server supplied to you by zoneedit and create your PTR.
more detail pulled from another EE post:
I used zoneedit to create RDNS records for my IP address block and it worked great.  It was just a pain to get it setup.  
We created a record in ZoneEdit.  The IP block has to be formatted as such: XX.XXX.XXX.XXX-XX where the -XX represents the subnet masks /29 for example.  After ZoneEdit assigned us name servers we had to send a request back to ATT (our T1 provider).  The email basically told ATT to change the nameservers for our IP block.
"We are requesting a change for reverse DNS zone delegation.
Please change the DNS servers for DSE IP block XX.XXX.XXX.XXX-XX on Circuit ID DHEC-XXXXXX to:
ns12.zoneedit.com
ns14.zoneedit.com"

This is the help section for RDNS on ZoneEdit's website
How do I set up reverse DNS?
If you have an entire class C netblock, and your ISP will delegate reverse DNS to zoneedit, then you can do the following:
First, you need to add the ARPA zone to the zoneedit system (example: 3.2.1.in-addr.arpa.)
Then you need to tell your ISP (or ARIN) to delegate control over that zone to the nameservers assigned to you
For these sorts of zones, there's no need to add A records, only PTR records are needed.
Example of a PTR: 4.3.2.1.in-addr.arpa. IN PTR www.mysite.com
We also can support CNAMEs to serve PTR records from our servers, so you can control less than a whole netblock
You should not delegate a single IP address using NS records. This may work, but it will be unreliable.
Reverse DNS is hard, especially because of the preponderance of virtual web servers. 9 times out of 10, you should simply get your ISP to set up a reverse DNS record for you, rather than trying to get a CNAME or an NS delegation.
Reverse DNS is not required for the correct operation of web servers and most other internet systems.

Hope this helps
 
0
 
LVL 6

Expert Comment

by:PartnerTek
ID: 33471747
The easiest way to solve you problem is to change your DNS hosting to AT&T.  Then, they will create the PTR for you.  Find out from AT$T what the name servers are, the log in to your godaddy account and change the nameservers to the ones assigned by AT&T.  Make sure you take note of your existing records in case AT$T doesn't do a proper zone transfer.
0
 
LVL 24

Expert Comment

by:bryon44035v3
ID: 33471960
sorry, i'm jumping in here after reading the first 10 comments or so.

send the request to your ISP again but DONT mention "PTR" that's going to confuse the heck out of them.  they can't create PTR records for you, but ONLY THEY can create reverse dns entries for THEIR ip address they're leasing to you.  godaddy has nothing to do with it.

"Please create us a reverse dns entry (rDNS) such that 12.174.8.34 reverses to [whatever your smtp banner is, like mail.you.com]"

this is 50% incompetence on their part, and 50% them trying to steal your dns hosting so they can charge you $20/month

i'd try all 3 of these people:
AT&T WorldNet Services ATT 12.0.0.0 - 12.255.255.255 (probably wont care)
GIROSKI OPERATING 12.174.8.32 - 12.174.8.39 (probably you)
AT&T WorldNet Services 12.174.8.0 - 12.174.15.255 (these guys are the best bet)

the bottom att contact info is:
OrgTechHandle: IPSWI-ARIN
OrgTechName:   IP SWIP
OrgTechPhone:  +1-888-613-6330
OrgTechEmail:  swipid@icorefep1.noc.att.com
OrgTechRef:    http://whois.arin.net/rest/poc/IPSWI-ARIN

OrgTechHandle: ICC-ARIN
OrgTechName:   IP Team
OrgTechPhone:  +1-732-844-5564
OrgTechEmail:  kw9864@att.com
OrgTechRef:    http://whois.arin.net/rest/poc/ICC-ARIN

if they give you any grief, remind them that you're a paying customer and if they want to to continue as such, they need to make the rdns entry.

when someone looks up an rdns entry, they can only go to the owner of the ip, in this case ATT.  there is no function for them to look up an rdns entry at godaddy or any other random dns provider


0
 
LVL 6

Expert Comment

by:PartnerTek
ID: 33472539
I'm sorry Byron, but you are mostly wrong.
1) PTR is the correct term.  
2) Also, it can be done on another DNS service, as long as you are able to create a zone. This is done by delegating the DNS for the IP address/subnet do another DNS server with a properly configured zone and PTR.
3) And, lastly, AT$T WILL NOT create a reverse DNS PTR UNLESS they host your DNS.  They do not charge a fee for the first domain DNS hosting, but I believe they do for additional domains.
0
 
LVL 8

Expert Comment

by:dosdet2
ID: 33476875
PTR may be the correct term, but I understand what Byron is saying concerning this.  Some of the "tech" people that are working the phones seem to be working off a computer screen with little real world knowledge.  If their screen doesn't say PTR, they seem to don't know what you are talking about.

Most do understand "Reverse DNS Lookup" so I recommend at least mentioning that term so they can figure out what you want from them.

My 2¢ worth.
0
 
LVL 8

Expert Comment

by:dosdet2
ID: 33477136
You can setup your PTR records in GoDaddy.com if you are using their name servers.  Here is how:

Login into your GoDaddy account, Navigate to the Domain Manager.
Double click on the domain in question to show details & manage
Underneath the DNS information there is a link called "Total DNS Control".  Click that.
Scroll down to the row that begins with TXT
On the right side of that row there is a button that says "Add New SPF Record".  Click that.
There will be an SPF Wizard, click the raidio button that applies (leave default if unknown) & click OK.
The 3rd Tab on the next window says PTR.  Click on that  to setup your PTR Records.

Write down their support number from the login page and if you have questions, call them & they will help walk you through it.

Good Luck
Let us know how it goes.

0
 
LVL 29

Expert Comment

by:Rich Weissler
ID: 33478571
Don't know if that'll give you any issues.. if it does, you'll likely need to build the SOA record for the "32/29.8.174.12.in-addr.arpa" domain.  (It might be that the web based wizard is smart enough to do that part on it's own... that's what most of the message you received from AT&T concerned...
0
 

Author Closing Comment

by:papichulodr69
ID: 33490228
I called att and they tranferd the DNS
0

Featured Post

Too many email signature updates to deal with?

Do you feel like you are taking up all of your time constantly visiting users’ desks to make changes to email signatures? Wish you could manage all signatures from one central location, easily design them and deploy them quickly to users? Well, there is an easy way!

Join & Write a Comment

Resolve Outlook connectivity issues after moving mailbox to new Exchange 2016 server
Easy CSR creation in Exchange 2007,2010 and 2013
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now