Solved

Multiple reverse DNS records for a single Exchange server environment

Posted on 2010-09-06
2
919 Views
Last Modified: 2012-08-14
One of our clients has multiple companies working out of the same building.  All of these
companies, as far as the outside world should understand, are not part of a single entity.

They have a single Exchange 2007 server environment.

The problem we have is when company B sends a mail out, the header comes back with the details of Company A, as this is the reverse DNS setting.  I understand this is how Reverse DNS works, it doesn’t matter what address you send out from, as long as there is a “valid” Reverse DNS record in place, then the mail will send out ok.

All email is sent through a Sophos ES1000 appliance, and this appliance is set as the smart host for the Exchange server and this appliance is only capable of handling a single FQDN.

The company has multiple IP addresses to use.

What I would like to seems simple.

I would like the ability to set up multiple connectors in Exchange 2007, each with a different FQDN, and each one with a different Reverse DNS record to a separate public facing IP.

I do understand that this will not be possible if all email is going out through the Sophos mail appliance, so for the purpose of this question, let us rule that out.

There is a Sonicwall NSA2400 in place, and the whole environment is ESX4.0 if this has a bearing on anything.

Do me a favour and don’t past me any links on how Reverse DNS works and how to configure you Reverse DNS record, I do understand this.  This problem is I need multiple reverse DNS records.

¿  Thanks
0
Comment
Question by:Coast-IT
2 Comments
 
LVL 12

Expert Comment

by:RobinHuman
ID: 33610211
You should be able to set an external MX record for each domain with the domain registrar of the domain (whoever the domain is managed by) pointing to your client's external IP address - this should then resolve reverse DNS queries back to your IP. Check that the provider has set this up for reverse lookup.
Reverse DNS put simply is where the receiving mail server does a dns query for the mail domain of the incoming message (ie. a lookup of the MX record) and if it resolves to the correct IP then it accepts the message as being genuine
Hope this helps
0
 
LVL 11

Accepted Solution

by:
Coast-IT earned 0 total points
ID: 33610575
Reverse DNS doesn't do a lookup on the domain that has sent the message, only that it has come from a valid source with a valid reverse DNS field.

I do appreciate your time to comment though.

My proposed solution is as follows ;

1. register a domain such as mysecureemail.com
2. set up reverse DNS for a public facing ip to look at that domain
3. set the new domain as the FQDN on the Sophos applicance
4. forward all mail through the email appliance as a smarthost.

Using this method, there will be little detail back to the link between companies (I say little because I know about Exchange 2007 mail headers and internal hosts)

It doesn't answer my multiple reverse DNS entries question, but I am sue this method will work perfectly.

0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…

947 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now