Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 702
  • Last Modified:

How to setup a SMTP server only for outgoing mails

I need to setup a SMTP  sever only for the outgoing mails.
There should be no MX record for these servers so that there will be no incoming mails.
But I have the following queries.

1.If there is no MX record for this server & for the outgoing mails some of the receipient mail server will look for the reverse DNS record & for the valid MX record. So in this case there are chances that some of the mails will be dropped.

2. There  are chances that SPAM mails will be targetted using IP address of the SMTP server.
I dont have Anti SPAM solution so in this case . So can i configure the SMTP server to reject any incoming mail to this server.
0
SrikantRajeev
Asked:
SrikantRajeev
  • 4
  • 3
  • 3
  • +1
1 Solution
 
BobintheNocCommented:
1. Your domain should have an MX record (or multiples), but they don't have to list your outgoing mail server.  Having a PTR for the IP address of the outgoing box is simple enough--usually the receiving mail server only verifies that a PTR exists, not that it matches your outgoing server's hostname.  If you don't want to RECEIVE ANY MAIL ever, you can create MX records that point to any of your addresses, whether or not they can receive mail.

2. Specifically to stop mail from reaching or being accepted by your outgoing server, you should very much consider using a firewall that blocks the incoming requests to connect.  
0
 
Tomas ValentaIT ManagerCommented:
ad 1) you are right, some e-mail should not be delivered due antispam SW on other site
in this case you can contact with other site and ask them to add your IP to the whitelist
ad 2) use firewall rules to accept smtp incoming communication only from your internal e-mails
or change configuration of the qmail server
0
 
SrikantRajeevAuthor Commented:
for the point 1 it will be very difficult to know who are those & it will be proactive approach.
For setting up a SMTP server only for the outgoing traffic what will be the best practice.
I dont want any of my mails to be dropped.
0
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

 
BobintheNocCommented:
Best Practices to not have your mail dropped:

1. Make sure you have a PTR record for the IP address of your outgoing mail server.  You will have to check with the DNS admins at your ISP or whomever is authoritative for the reverse lookup zone that contains your IP address.  
2. While not as popular and not usually as important, create an SPF record that lists your outgoing server's ip address for those domains that check for/require SPF.  There aren't too many that require SPF, but it's becoming more popular.
3. Keep your IP address off the common RBL/SBL lists.  If you IP lands on one of these lists, email their admins asap asking to be removed.
0
 
Tomas ValentaIT ManagerCommented:
For setting up a SMTP server only for the outgoing traffic - change configuration of the mail server for accepted hosts for receiving, or create firewall rule in this host for smtp inbound protocol
0
 
Barry GillChief of StaffCommented:
if this host has an internet available public IP (HAS to have a public IP for PTR - but it does not have to be available FROM the internet)  then set up sasl authentication and authenticate any senders with highly complex passwords.
0
 
SrikantRajeevAuthor Commented:
So does this means even if i follow up the above points & didn't setup MX record there will be no problem for sending the outgoing mails  None of my mails will get dropped.
0
 
BobintheNocCommented:
Negative.  If a receiving server requires the presence of an MX record, especially one that insists that your MX match your IP's PTR, you will not be able to deliver to that domain.

In practice though, I personally don't think you'll find that type of restriction on a domain unless that domain is one that accepts only whitelisted domains.

More potentially common would be for a receiving server that refuses mail from a host that has NO PTR record.

On a less common than PTR restriction, but more common than the MX check, would be for an SPF record check.

One solution that you might consider, relaying your mail through an SMTP service, perhaps something like a popular anti-spam service.  You might also ask your ISP to allow you to relay through them.  There are other services that will help deliver email campaigns--marketing type companies.

On your own though, without a PTR, you will run into servers that won't accept your mail.
0
 
Barry GillChief of StaffCommented:
just for clarity you REQUIRE the following: -
1. PTR record. This is a record that returns a valid hostname when the IP address is looked up and should be the hostname of the sending server.
2. A record. This is a host record that returns an IP when the hostname is looked up and should be the IP of the sending server.
3. Valid domain. This is a registered domain that has MX records so the receiving server knows where to deliver NDR's, abuse reports etc. The MX records need have NOTHING to do with your sending servernames and IP's. This domain does not need to be related at all to the hostname of the sending server.

Additonal:
SPF: this is in my honest opinion a waste of time as spammers use this better than most, but what it does is state what IP's and hosts and host domains you will allow messages to be delivered from.
0
 
SrikantRajeevAuthor Commented:
for the 3rd point
I can have the MX record pointing to the other server where the NDRs can be delivered. This will be my incoming server.
I don't need to have the MX record for the server by which I  will be sending mails outside.
Please confirm
0
 
Barry GillChief of StaffCommented:
confirmed.
0
 
BobintheNocCommented:
This is true, your MX record need not match your outgoing server.  Having one present is the almost necessary part.

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

  • 4
  • 3
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now