Solved

Reverse DNS lookup

Posted on 2011-02-10
1,627 Views
Last Modified: 2012-05-11
Our mail server is mail.externaldomainname.com. When I do a reverse lookup using a site like mxtoolbox or testexchangeconnectivity, it shows "reverse lookup failed". My reverse DNS is being displayed as mail.internaldomainname.com, which is different from our external domain name. How can I resolve this?
Question by:mray77
46 Comments
 
LVL 70
Expert Comment
by:Chris Dent

Most commonly this means contacting your ISP and asking them to set or correct the PTR record.

We can check exactly where if you feel your ISP is not responsible for the record.

Chris

Author Comment
by:mray77

ATT is our ISP, and we manage our own DNS through their site. I have an A record for MAIL pointing to the external IP address of our mail server.

LVL 6
Expert Comment
by:mattconroy

Add a reverse lookup (PTR record).

LVL 70
Expert Comment
by:Chris Dent

Sure, but Forward and Reverse Lookup are not delegated down the same paths.

That means you can have company X who look after your forward lookup zone (the mail records, etc), and company Y who look after reverse lookup.

Company Y is typically your ISP, or whoever provides you with the internet connection. In a (very) small number of cases reverse lookup is delegated to you. However, you generally know about it if that is the case because you'd have had to ask for it.

If ATT provide both DNS hosting and the connection for you, then you may still need to get in touch with them. A PTR record may not be exposed in your regular DNS interface. It depends on your hosting agreement: if you pay for hosted servers (on their site) then it may be available; if you pay for DNS and a net connection separately (technically if not administratively) then it's unlikely to be so easily available.

Chris

Author Comment
by:mray77

There is an option to add/update the PTR record when I create the A record for MAIL. Should this PTR record be mail.internal.com or mail.external.com? That's where I'm unclear. It seems like right now it's mail.internal.com, and that is wrong.

LVL 70
Expert Comment
by:Chris Dent

Where are you looking? That sounds like an MS DNS option? :)

If it's in their interface, your ISP's, then you need the public name and public IP (mail.external.com and its IP).

Chris

Author Comment
by:mray77

No, it's an ATT tool called https://www.businessdirect.att.com; it's for managing our external DNS.

LVL 70
Expert Comment
by:Chris Dent

Ahh good, just checking :)

In that case you want the PTR record to point to mail.external.com. Does it give you the option to change it?

Chris

Author Comment
by:mray77

Yes, but I get the feeling that it's not updating. I'm on hold now with ATT. I'm going to have them check it. Thanks for the help!

LVL 70
Expert Comment
by:Chris Dent

It might take time, these things are very rarely instant. It's not unreasonable to expect it to take a few days for a change to flow through.

Still, check with them anyway, that's well worth doing, waiting 2 days and seeing nothing would be poor form :)

Chris

LVL 6
Expert Comment
by:mattconroy

Sometimes it can take 24 hours for the DNS change.

Author Comment
by:mray77

ATT is telling me my PTR record is correct. They even used dnsstuff.com.

Author Comment
by:mray77

They are basically using the same tools I have access to.

LVL 70
Expert Comment
by:Chris Dent

We can test it without any tools. Let me walk you through:

1. Look up the servers responsible for the IP address, where 1.2.3.4 is the IP

Note: The IP is reversed in our commands intentionally.

nslookup -q=ns 4.3.2.1.in-addr.arpa

You should get a response like this:

3.2.1.in-addr.arpa
        primary name server = ns1.somedomain.com.

2. Look up the record on the primary name server:

nslookup -q=ptr 4.3.2.1.in-addr.arpa ns1.somedomain.com

We're executing the query for the PTR record against the system that claims it's responsible. This bypasses all caching and update intervals; you should get the changed version of the record this time.

Chris
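The two steps above (reverse the octets under in-addr.arpa, then confirm what the PTR says) can be scripted so the same check is repeatable after each ISP change. The following is an added example, not code from the thread or from any tool mentioned in it. It builds the reverse query name for both IPv4 and IPv6 (the IPv6 nibble form goes beyond what the post shows), appends the trailing dot Chris later recommends so no search suffix is added, and then runs a forward-confirmed reverse DNS check: the PTR name must resolve back to the IP and, for a mail server, should equal the public name you intend to use. The 203.0.113.x addresses and the SAMPLE_PTR / SAMPLE_A tables are constructed stand-ins for real DNS answers so the script runs offline; with two command-line arguments it uses the operating system's resolver instead.

```python
import ipaddress
import socket
import sys
from typing import Callable, Dict, List, Optional


def reverse_name(ip: str) -> str:
    """Build the PTR query name: octets reversed under in-addr.arpa (IPv4)
    or nibbles reversed under ip6.arpa (IPv6). The trailing dot marks the
    name as fully qualified so the resolver will not append a search suffix."""
    return ipaddress.ip_address(ip).reverse_pointer + "."


def system_ptr(ip: str) -> Optional[str]:
    """PTR lookup through the operating system's resolver (None if absent)."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None


def system_forward(name: str) -> List[str]:
    """A/AAAA lookup through the operating system's resolver."""
    try:
        return sorted({info[4][0] for info in socket.getaddrinfo(name, None)})
    except OSError:
        return []


def check_fcrdns(ip: str, expected_name: str,
                 ptr: Callable[[str], Optional[str]] = system_ptr,
                 forward: Callable[[str], List[str]] = system_forward) -> Dict[str, object]:
    """Forward-confirmed reverse DNS: the PTR name must resolve back to the IP,
    and for a mail server it should also equal the public name you intend to use."""
    result: Dict[str, object] = {"ip": ip, "query": reverse_name(ip), "ptr": None,
                                 "forward": [], "forward_confirmed": False,
                                 "name_matches": False, "verdict": "no-ptr"}
    name = ptr(ip)
    if name is None:
        return result                      # nothing published for this address
    addrs = forward(name)
    normalized_ip = str(ipaddress.ip_address(ip))
    result.update(ptr=name, forward=addrs,
                  forward_confirmed=normalized_ip in addrs,
                  name_matches=name.rstrip(".").lower() == expected_name.rstrip(".").lower())
    if not result["forward_confirmed"]:
        result["verdict"] = "not-forward-confirmed"   # PTR name does not point back here
    elif not result["name_matches"]:
        result["verdict"] = "name-mismatch"           # valid PTR, but the internal name
    else:
        result["verdict"] = "ok"
    return result


# Constructed answers (documentation address range) that reproduce the situation
# in the thread: the PTR carries the internal name while the external name also
# points at the same address.
SAMPLE_PTR = {"203.0.113.25": "mail.internaldomainname.com"}
SAMPLE_A = {"mail.internaldomainname.com": ["203.0.113.25"],
            "mail.externaldomainname.com": ["203.0.113.25"]}


def demo() -> Dict[str, object]:
    """Offline run against the constructed answers above."""
    return check_fcrdns("203.0.113.25", "mail.externaldomainname.com",
                        ptr=SAMPLE_PTR.get, forward=lambda n: SAMPLE_A.get(n, []))


if __name__ == "__main__":
    if len(sys.argv) == 3:       # real lookups: python fcrdns.py <ip> <expected fqdn>
        print(check_fcrdns(sys.argv[1], sys.argv[2]))
    else:
        print(demo())
```

Because the lookups go through the system resolver, a result reflects whatever that resolver has cached; to bypass caches the way the nslookup steps above do, point the machine at the authoritative server first or compare the script's verdict against the nslookup result.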

Author Comment
by:mray77

You are a genius! Check this out...

Microsoft Windows [Version 6.1.7600]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Users\jjenkins.FSDOMAIN>nslookup -q=ns 1.2.3.4.in-addr.arpa
Server:  UnKnown
Address:  a.b.c.d

Non-authoritative answer:
1.2.3.4.in-addr.arpa.fsdomain.com nameserver = ns1.dsredirection.com
1.2.3.4.in-addr.arpa.fsdomain.com nameserver = ns2.dsredirection.com

ns1.dsredirection.com   internet address = x.x.x.x

C:\Users\jjenkins.FSDOMAIN>nslookup -q=ptr 1.2.3.4.in-addr.arpa ns1.dsredi
rection.com
Server:  UnKnown
Address:  a.b.c.d

*** No domain name pointer (PTR) records available for 1.2.3.4.in-addr.arp
a

C:\Users\jjenkins.FSDOMAIN>

LVL 70
Expert Comment
by:Chris Dent

Ahh it's got a bit confused. Try this one instead:

nslookup -q=ns 4.3.2.1.in-addr.arpa.
nslookup -q=ptr 4.3.2.1.in-addr.arpa. ns1.somedomain.com

Notice how I've added the . after arpa? That'll stop it adding fsdomain.com on the end; we don't want it to do that.

There are better tools for this, I generally recommend this one:

http://members.shaw.ca/nicholas.fong/dig/

But my resolver can do it too (although you have to have PowerShell):

http://code.msdn.microsoft.com/dnsshell/Release/ProjectReleases.aspx?ReleaseId=5028

For the first, we'd do:

dig -x 1.2.3.4 +trace

Or in mine:

Get-Dns 1.2.3.4 ptr -Trace

In each case we're most interested in the final block, the bit that shows us the response. The advantage here is that it takes the hard work of figuring out where to send a request out of your hands :)

Chris

Author Comment
by:mray77

Microsoft Windows [Version 6.1.7600]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Users\jjenkins.FSDOMAIN>nslookup -q=ns 1.2.3.4.in-addr.arpa.
Server:  UnKnown
Address:  a.b.c.d

2.3.4.in-addr.arpa
        primary name server = adns01.bigpond.com
        responsible mail addr = hostmaster.bigpond.com
        serial  = 9
        refresh = 43200 (12 hours)
        retry   = 3600 (1 hour)
        expire  = 86400 (1 day)
        default TTL = 3600 (1 hour)

C:\Users\jjenkins.FSDOMAIN>nslookup -q=ptr 1.2.3.4.in-addr.arpa. ns1.bigpo
nd.com
*** Can't find server address for 'ns1.bigpond.com':
Server:  UnKnown
Address:  a.b.c.d

Non-authoritative answer:
1.2.3.4.in-addr.arpa      name = CPE-4-3-2-1.lns1.wel.bigpond.net.au


2.3.4.in-addr.arpa nameserver = adns01.bigpond.com
2.3.4.in-addr.arpa nameserver = adns02.bigpond.com
2.3.4.in-addr.arpa nameserver = adns03.bigpond.com
2.3.4.in-addr.arpa nameserver = adns04.bigpond.com

C:\Users\jjenkins.FSDOMAIN>

LVL 70
Expert Comment
by:Chris Dent

Remember we had to reverse the IP address for nslookup ? :)

So if your IP is 212.213.214.215 it becomes this for the PTR record:

215.214.213.212.in-addr.arpa.

Fun, isn't it? :)

Chris

Author Comment
by:mray77

So what you are saying is that in my PTR record, I need to update it and reverse it? Or are we talking about a mistake I made running the nslookup?

LVL 70
Expert Comment
by:Chris Dent

Just a mistake in the nslookup run.

Pick up the install for dig above, it'll make the checks a lot simpler. Unfortunately nslookup itself isn't a particularly comprehensive debugging tool.

Chris

LVL 5
Expert Comment
by:alreadyinuse

If you are using ATT Direct and you log in, do you see the reverse DNS zone for your IP address range available? If you do not see this, then you cannot add or update records for that IP range from the ATT DNS console.

You then have two options.

1. Ask the ISP that controls the reverse lookup zone to create the record.
2. Have the RR zone delegated to your ATT Direct account. If this is your choice, contact ATT Support and confirm the DNS servers that the ISP should delegate the RR zone to. Then ask the ISP to delegate the RR zone to the listed servers. Some will not do this.

Another bit of trivia: the PTR record is best if it matches the A record, but not necessary. Also, if you are actually sending out your email through a gateway that is not the same IP address as your MX record, then that IP address also requires an A and an RR record.

Author Comment
by:mray77

Chris, quick question on the install. I'm running into this issue, which is in the instructions:
Import-Module will throw an error on import if the Execution Policy requires all files to be signed. The format file is not signed.

LVL 70
Expert Comment
by:Chris Dent

Run:

Set-ExecutionPolicy RemoteSigned

That should let it carry on, until I get around to getting myself a proper certificate.

Chris

Author Comment
by:mray77

Another observation... When I do a simple telnet test, the HELO response from my mail server is mail.Internal_Domain_Name.com

LVL 70
Expert Comment
by:Chris Dent

That may not necessarily matter, it depends on the FQDN value you have listed in the Send Connector (Org Config \ Hub Transport).

Chris

Author Comment
by:mray77

My FQDN listed on the Send Connector is set to mail.external_domain.com; my Receive Connector is set to mail.internal_domain.com, as it does not let me configure this for the internal domain.

LVL 70
Expert Comment
by:Chris Dent

Cool, that's good. Ignore the one you see when you run telnet ..., it's showing you the FQDN for the Receive Connector.

Chris

Author Comment
by:mray77

Gotcha. I think it's important to note that we are using MXLogic for spam filtering. Could there be something there? I just keep coming back to the message when using mxtoolbox.com which says: Warning - Reverse DNS does not match SMTP Banner. I'm really scratching my head here since everything looks right. ATT confirmed DNS and PTR are correct and the FQDN on my send connector is correct.

LVL 70
Expert Comment
by:Chris Dent

Is that sending out for you? Or is it only inbound mail that comes through that?

mxtoolbox...

It's limited.

You know the test you did with Telnet? That's what it just did, there's no way for it to find out the name used by your Send Connector.

It means you can generally ignore the result of that test as long as mail is flowing properly.

Chris

LVL 5
Expert Comment
by:alreadyinuse

We used to use Postini and had the same banner mismatch. And we did experience that some remote SMTP systems would reject our emails due to the banner mismatch at that time.

Author Comment
by:mray77

So if I have an email address that is not accepting our mail, can I try to send via telnet and post the response?

LVL 70
Expert Comment
by:Chris Dent

Yep, you can indeed.

Chris

Author Comment
by:mray77

I don't have their mail server name; they are actually using MXLogic just like we are. Domain I'm trying to send to:
buckenmeyer-king-cpa.com

LVL 70
Expert Comment
by:Chris Dent

In that case you'd do what your mail server does, look up the MX record:

nslookup -q=mx buckenmeyer-king-cpa.com

Your server takes those, then picks one of the servers with the lowest MX Preference. For example this one:

buckenmeyer-king-cpa.com        MX preference = 15, mail exchanger = buckenmeyer-king-cpa.com.inbound15.mxlogic.net

Then your server will attempt to connect to the exchanger:

telnet buckenmeyer-king-cpa.com.inbound15.mxlogic.net 25

Once you're there, you can start your conversation:

helo mail.external_domain.com
mail from: you@domain.com
rcpt to: recipient@domain.com
data
.

Chris
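Chris's MX-then-telnet procedure above, together with his earlier point that a tool like mxtoolbox can only see the Receive Connector banner and compare it with the PTR, can be turned into one repeatable diagnostic. The following is an added example and not code from the thread, from Exchange, or from any of the tools named in it. It parses the exchanger lines that `nslookup -q=mx` prints and picks the lowest preference, then walks the envelope stage of the SMTP conversation (HELO, MAIL FROM, RCPT TO) and stops before DATA, so nothing is actually delivered; it also records the hostname in the 220 banner and compares it with the PTR name you pass in, which is exactly the "Reverse DNS does not match SMTP Banner" check. The `ScriptedConn` class and the `SAMPLE_*` values are constructed stand-ins (example.com names, a 203.0.113.x address) so the script runs offline; with four command-line arguments it opens a real connection on port 25.

```python
import re
import socket
import sys
from typing import List, Optional, Tuple

# Matches the exchanger lines printed by "nslookup -q=mx <domain>" on Windows.
MX_LINE = re.compile(r"MX preference = (\d+), mail exchanger = (\S+)")


def pick_exchanger(nslookup_output: str) -> Optional[str]:
    """Return the exchanger with the lowest preference (first listed on ties)."""
    found = [(int(m.group(1)), m.group(2)) for m in MX_LINE.finditer(nslookup_output)]
    return min(found, key=lambda t: t[0])[1] if found else None


def read_reply(conn) -> Tuple[int, str]:
    """Read one SMTP reply, including multi-line '250-...' continuations."""
    buf = b""
    while True:
        chunk = conn.recv(4096)
        if not chunk:
            raise ConnectionError("server closed the connection")
        buf += chunk
        if buf.endswith(b"\r\n"):
            last = buf[:-2].rsplit(b"\r\n", 1)[-1]
            if re.match(rb"\d{3} ", last):     # "code<space>" ends the reply
                break
    text = buf.decode("utf-8", "replace").rstrip("\r\n")
    return int(text[:3]), text


def banner_hostname(banner: str) -> Optional[str]:
    """The second token of '220 host ...' is the name the server announces."""
    parts = banner.split()
    return parts[1] if len(parts) > 1 else None


def probe(conn, helo_name: str, mail_from: str, rcpt_to: str,
          ptr_name: Optional[str] = None) -> dict:
    """Envelope stage only: HELO, MAIL FROM, RCPT TO, then QUIT. No DATA is sent."""
    steps: List[Tuple[str, int, str]] = []
    code, banner = read_reply(conn)
    host = banner_hostname(banner) if code == 220 else None
    result = {
        "banner": banner,
        "banner_host": host,
        "banner_matches_ptr": (host is not None and ptr_name is not None
                               and host.rstrip(".").lower() == ptr_name.rstrip(".").lower()),
        "steps": steps,
        "recipient_accepted": False,
    }
    if code == 220:
        for cmd in (f"HELO {helo_name}", f"MAIL FROM:<{mail_from}>", f"RCPT TO:<{rcpt_to}>"):
            conn.sendall(cmd.encode() + b"\r\n")
            code, text = read_reply(conn)
            steps.append((cmd, code, text))
            if code >= 400:                    # temporary or permanent refusal
                break
        else:
            result["recipient_accepted"] = True
    conn.sendall(b"QUIT\r\n")
    try:
        read_reply(conn)
    except ConnectionError:
        pass                                   # some servers just drop the line
    return result


class ScriptedConn:
    """Constructed stand-in for a socket: replays canned server replies in order."""
    def __init__(self, replies: List[bytes]):
        self._replies = list(replies)
        self.sent: List[bytes] = []
        self._pending = self._replies.pop(0) if self._replies else b""

    def recv(self, n: int) -> bytes:
        data, self._pending = self._pending, b""
        return data

    def sendall(self, data: bytes) -> None:
        self.sent.append(data)
        self._pending = self._replies.pop(0) if self._replies else b""


# Constructed nslookup output and server replies. The banner announces the
# internal name while the PTR (passed to probe) carries the external one,
# which is the mismatch the thread is about; the recipient is still accepted.
SAMPLE_NSLOOKUP = ("example.com        MX preference = 20, mail exchanger = mx2.example.com\n"
                   "example.com        MX preference = 10, mail exchanger = mx1.example.com\n")
SAMPLE_REPLIES = [
    b"220 mail.internal_domain.com Microsoft ESMTP MAIL Service ready\r\n",
    b"250 mail.internal_domain.com Hello [203.0.113.25]\r\n",
    b"250 2.1.0 Sender OK\r\n",
    b"250 2.1.5 Recipient OK\r\n",
    b"221 2.0.0 Service closing transmission channel\r\n",
]


def demo() -> dict:
    """Offline run against the constructed replies."""
    return probe(ScriptedConn(SAMPLE_REPLIES), "mail.external_domain.com",
                 "you@example.com", "recipient@example.com", ptr_name="mail.external_domain.com")


if __name__ == "__main__":
    if len(sys.argv) == 5:   # python smtpprobe.py <host> <helo name> <mail from> <rcpt to>
        with socket.create_connection((sys.argv[1], 25), timeout=15) as live:
            print(probe(live, sys.argv[2], sys.argv[3], sys.argv[4]))
    else:
        print("lowest-preference exchanger:", pick_exchanger(SAMPLE_NSLOOKUP))
        print(demo())
```

Run it from the Exchange server itself rather than a workstation, for the reason Chris gives below: only the server's public IP carries the PTR and banner that the remote side evaluates.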

Author Comment
by:mray77

Here is something that is odd. I just sent from Telnet and the recipient received it and responded. I about fell out of my seat. I sent from Outlook, and have not heard back from them.

Author Comment
by:mray77

The message i sent from Outlook is just sitting in my exchange 2010 mail queue.

LVL 70
Expert Comment
by:Chris Dent

When you did the telnet test, that was from your Exchange server?

Chris

Author Comment
by:mray77

It was from my workstation, which is on the same network. Could there be a difference?

LVL 70
Expert Comment
by:Chris Dent

Yeah, I'd only expect your Exchange server to have the problematic IP address. I reckon you should give it a try from the Exchange server itself.

Chris

Author Comment
by:mray77

It worked from the Exchange server too using telnet. I now have a technical contact we can work with on their side. Again, still not working when sent from Outlook. Message is stuck in the queue.

LVL 70
Expert Comment
by:Chris Dent

What's the message it's logging while it's stuck in the queue?

Chris

Author Comment
by:mray77

Identity: mail\9075\128950
Subject: last test
Internet Message ID: <CC6239D8EE38044C8E677E019F6A785A146079E4@mail.mydomain.com>
From Address: sender@mydomain.com
Status: Ready
Size (KB): 41
Message Source Name: FromLocal
Source IP: 255.255.255.255
SCL: -1
Date Received: 2/11/2011 9:52:52 AM
Expiration Time: 2/13/2011 9:52:52 AM
Last Error: 400 4.4.7 Message delayed
Queue ID: mail\9075
Recipients:  someone@buckenmeyer-king-cpa.com

LVL 70
Expert Comment
by:Chris Dent

Hmm well it does suggest that it hasn't figured out the PTR record yet, but I'd have expected it to refuse to talk to you using telnet if that were the case.

Is any mail flowing out?

Chris

Author Comment
by:mray77

Yes, currently that is the only external domain in the queue not sending.

Accepted Solution
by:mray77 (earned 0 total points)

No forwarders were configured in DNS.