• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1014
  • Last Modified:

ISP (Web Host) doesn't support TXT records

Hey guys,

So I just recently setup Exchange 2010 on my internal company server (running Server 2008), and everything seems to be working OK so far, except certain email addresses are giving us this error when we send out emails to them:
escanner2.cmc.ec.gc.ca rejected your message to the following e-mail addresses:
 
Name,Name [Ontario] (Name.Name@ec.gc.ca)
 
escanner2.cmc.ec.gc.ca gave this error:
XX.XX.XX.XX: on real-time blacklist stj9d4lx6jgzlaudhr3k7ku29v2vecg.r.mail-abuse.com 
 
Your message wasn't delivered due to a permission or security issue. It may have been rejected by a moderator, the address may only accept e-mail from certain senders, or another restriction may be preventing delivery.

Open in new window


And another one said..
smtp1.telebecinternet.com rejected your message to the following e-mail addresses:
 
Name Name (name.name@cablevision.qc.ca) (name.name@cablevision.qc.ca)
 
smtp1.telebecinternet.com gave this error:
No reverse DNS found 

Open in new window


After doing some research I realized that it was because I don't have SPF records setup.. so I contact my ISP (who is also my web host), and they said they don't support it..

What do I do now? Find a new web host to manage my DNS? Any you guys can recommend?

Thanks.
0
barbs1
Asked:
barbs1
  • 4
  • 4
  • 3
2 Solutions
 
Adam BrownSr Solutions ArchitectCommented:
If they don't support TXT records, they really aren't trying very hard and I'd ditch them out of principal :D Any of the big guys (Godaddy, Networksolutions, etc.) will do TXT records and should work well for you. There really isn't a lot of difference between DNS providers if that's all you're going for (If you go for a smaller one, make sure they support TXT records, of course. If you end up needing to move your website, that might be another thing to think about. As long as you are able to pry management of your Domain name from your ISP (Which can be tricky) you shouldn't need to worry about moving anything, though.
0
 
barbs1Author Commented:
I have no issues on doing that and know how to proceed with this. Thanks for your help!
0
 
BWaringCommented:
Although I agree with acbrown2010, and you should have SPF/TXT records established for your domains/hosts,  the second error is related to reverse DNS, not SPF/TXT records. And the first error may be the same; it doesn't say why you are blacklisted (may be a dynamic IP block), so those issues need to be resolved as well, regardless of where you host your DNS.....
0
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

 
Adam BrownSr Solutions ArchitectCommented:
BWaring, SPF utilizes a reverse DNS lookup to ensure that an email came from the server it purports to be from. If an NDR mentions that no reverse lookup could be done, it's because they are requiring an SPF lookup to receive mail and there is no SPF set up on the sending server.
0
 
barbs1Author Commented:
Are you able to describe how to setup a reverse DNS then?
0
 
BWaringCommented:
Yes, what you say can be true, but it is not the only case. Many devices use simple reverse DNS lookup to verify that the server IP matches what the server name claims it is WITHOUT using SPF functionality. And SPF does not necessarily require reverse DNS, as you can create an SPF record that is completely valid using IP addreses alone.... for example "v=spf1 ip4:8.8.8.8 ~all" would be perfectly valid (although not realistic) if your only mail server was 8.8.8.8....

You can and will get reverse DNS errors even if you have a properly configured SPF/TXT record, if you have no reverse DNS setup for your hosts....

In most cases, your ISP will need to set up the reverse DNS records for your hosts. You would need to provide them the fully-qualified domain name of your hosts and the public IP addresses associated with them (presumably these are within the static range they have assigned you)... and I am assuming you are using static public IP addresses for your mail servers....

There are many web sites that can analyze your domain name and mail hosts for proper configuration of both reverse DNS, SPF records, and more.... for example, http://www.dnsstuff.com/
0
 
barbs1Author Commented:
Would GoDaddy.com provide reverse DNS too? My ISP is now also telling me that they don't support reverse DNS..

And by FQDN, do you mean the name of the A name record I created (exchange.domain.com) that points to my external static IP?
0
 
Adam BrownSr Solutions ArchitectCommented:
I just checked my Godaddy account to see what they support. They actually have the SPF records set up by default on the domain that I have, but that may be due to the fact that I bought it through them. From what I can tell, they also support Reverse DNS.

As a side note, I'd highly recommend looking for a new ISP if you can. Sounds like they don't really know what they're doing...
0
 
Adam BrownSr Solutions ArchitectCommented:
Also, FQDN is the full name of a server on the internet or network. exchange.company.com is an FQDN for the exchange server on the company.com Domain Name.
0
 
barbs1Author Commented:
Funny, this is Bell Canada (major company in Canada), the other major ISP is probably the same way. I think its best just to switch hosts. Thanks for all the help.
0
 
BWaringCommented:
Godaddy does definitely support all of this... Agree on switching!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

  • 4
  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now