Solved

How to setup a SMTP server only for outgoing mails

Posted on 2010-08-23
12
675 Views
Last Modified: 2013-12-18
I need to setup a SMTP  sever only for the outgoing mails.
There should be no MX record for these servers so that there will be no incoming mails.
But I have the following queries.

1.If there is no MX record for this server & for the outgoing mails some of the receipient mail server will look for the reverse DNS record & for the valid MX record. So in this case there are chances that some of the mails will be dropped.

2. There  are chances that SPAM mails will be targetted using IP address of the SMTP server.
I dont have Anti SPAM solution so in this case . So can i configure the SMTP server to reject any incoming mail to this server.
0
Comment
Question by:SrikantRajeev
  • 4
  • 3
  • 3
  • +1
12 Comments
 
LVL 7

Expert Comment

by:BobintheNoc
Comment Utility
1. Your domain should have an MX record (or multiples), but they don't have to list your outgoing mail server.  Having a PTR for the IP address of the outgoing box is simple enough--usually the receiving mail server only verifies that a PTR exists, not that it matches your outgoing server's hostname.  If you don't want to RECEIVE ANY MAIL ever, you can create MX records that point to any of your addresses, whether or not they can receive mail.

2. Specifically to stop mail from reaching or being accepted by your outgoing server, you should very much consider using a firewall that blocks the incoming requests to connect.  
0
 
LVL 9

Expert Comment

by:Tomas Valenta
Comment Utility
ad 1) you are right, some e-mail should not be delivered due antispam SW on other site
in this case you can contact with other site and ask them to add your IP to the whitelist
ad 2) use firewall rules to accept smtp incoming communication only from your internal e-mails
or change configuration of the qmail server
0
 
LVL 1

Author Comment

by:SrikantRajeev
Comment Utility
for the point 1 it will be very difficult to know who are those & it will be proactive approach.
For setting up a SMTP server only for the outgoing traffic what will be the best practice.
I dont want any of my mails to be dropped.
0
 
LVL 7

Expert Comment

by:BobintheNoc
Comment Utility
Best Practices to not have your mail dropped:

1. Make sure you have a PTR record for the IP address of your outgoing mail server.  You will have to check with the DNS admins at your ISP or whomever is authoritative for the reverse lookup zone that contains your IP address.  
2. While not as popular and not usually as important, create an SPF record that lists your outgoing server's ip address for those domains that check for/require SPF.  There aren't too many that require SPF, but it's becoming more popular.
3. Keep your IP address off the common RBL/SBL lists.  If you IP lands on one of these lists, email their admins asap asking to be removed.
0
 
LVL 9

Expert Comment

by:Tomas Valenta
Comment Utility
For setting up a SMTP server only for the outgoing traffic - change configuration of the mail server for accepted hosts for receiving, or create firewall rule in this host for smtp inbound protocol
0
 
LVL 9

Expert Comment

by:Barry Gill
Comment Utility
if this host has an internet available public IP (HAS to have a public IP for PTR - but it does not have to be available FROM the internet)  then set up sasl authentication and authenticate any senders with highly complex passwords.
0
Wish Marketing would stop bothering you?

Is your marketing department constantly asking for new email signature updates? Are they requesting a different design for every department? Do they need yet another banner added? Don’t let it get you down! There is an easy way to manage all of these requests...

 
LVL 1

Author Comment

by:SrikantRajeev
Comment Utility
So does this means even if i follow up the above points & didn't setup MX record there will be no problem for sending the outgoing mails  None of my mails will get dropped.
0
 
LVL 7

Expert Comment

by:BobintheNoc
Comment Utility
Negative.  If a receiving server requires the presence of an MX record, especially one that insists that your MX match your IP's PTR, you will not be able to deliver to that domain.

In practice though, I personally don't think you'll find that type of restriction on a domain unless that domain is one that accepts only whitelisted domains.

More potentially common would be for a receiving server that refuses mail from a host that has NO PTR record.

On a less common than PTR restriction, but more common than the MX check, would be for an SPF record check.

One solution that you might consider, relaying your mail through an SMTP service, perhaps something like a popular anti-spam service.  You might also ask your ISP to allow you to relay through them.  There are other services that will help deliver email campaigns--marketing type companies.

On your own though, without a PTR, you will run into servers that won't accept your mail.
0
 
LVL 9

Expert Comment

by:Barry Gill
Comment Utility
just for clarity you REQUIRE the following: -
1. PTR record. This is a record that returns a valid hostname when the IP address is looked up and should be the hostname of the sending server.
2. A record. This is a host record that returns an IP when the hostname is looked up and should be the IP of the sending server.
3. Valid domain. This is a registered domain that has MX records so the receiving server knows where to deliver NDR's, abuse reports etc. The MX records need have NOTHING to do with your sending servernames and IP's. This domain does not need to be related at all to the hostname of the sending server.

Additonal:
SPF: this is in my honest opinion a waste of time as spammers use this better than most, but what it does is state what IP's and hosts and host domains you will allow messages to be delivered from.
0
 
LVL 1

Author Comment

by:SrikantRajeev
Comment Utility
for the 3rd point
I can have the MX record pointing to the other server where the NDRs can be delivered. This will be my incoming server.
I don't need to have the MX record for the server by which I  will be sending mails outside.
Please confirm
0
 
LVL 9

Accepted Solution

by:
Barry Gill earned 500 total points
Comment Utility
confirmed.
0
 
LVL 7

Expert Comment

by:BobintheNoc
Comment Utility
This is true, your MX record need not match your outgoing server.  Having one present is the almost necessary part.

0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Easy CSR creation in Exchange 2007,2010 and 2013
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now