Does the reverse DNS lookup (PTR record) rely on the domain name is strictly the IP?

Posted on 2011-04-26
Last Modified: 2012-05-11
We are looking to at the possibility of sending out small email blasts inviting recipients, who have already opted into our customers email lists, to view pURLs (personalized URLs) generated by my system.  We are going to be sending them out via an SMTP connection to my Exchange 2003 box from an application called XMPie.  

For obvious reasons, I am concerned about my system being blacklisted for spam and am hoping someone can help me get to the bottom of a small debate.  Do the DNS reverse lookups (PTR records) point back to my Exchange IP thereby putting my system at risk?  Or, would I be able to temporarily redirect our customers domain name to my network (DNS) and have the to their domain name?

I would appreciate other opinions but documentation I can present to the powers that be would be even better.

Question by:nhawkinsVA
    LVL 13

    Accepted Solution

    You should look into Sender Policy Framework (SPF) records. The SPF records are published DNS text records describing a list of ip addresses allowed to send emails from a specific domain.
    From your description, your customer's SPF record would need to include the server that you are sending the blasts from. The SPF records are checked in a similar way to those of DNSBL (DNS-based blackhole list), except that SPF leverages the authority delegation scheme of the real Domain Name System. is a great resource for all things SPF.
    LVL 70

    Assisted Solution

    by:Chris Dent
    You can do whatever you want with the To address, the recipient address should not play a part in any checks. I guess you mean the From address?

    The Reverse DNS check is not bound to the mail domain (it does not need to match or exist under the From domain). Your server needs to have a name (and an A record), and the PTR record needs to resolve back to that name. The server, Exchange at least, can only use one name, so use of your customers domains is moot for this part.

    A typical record set would look like this:

    Your DNS zone:    IN A

    Your ISPs / Connection providers DNS zone:    IN PTR

    Any normal system would be quite happy with your server sending out a mail as, the names above need to be present, but they do not have to match either the sender or recipient domain.

    That holds until you get to the From part. Ultralites rightly raises that issue. If you're sending using a From address that belongs to your customer you'd better make sure they've given your server permission if they implement SPF at all.

    That won't necessarily keep you off blacklists, it's impossible to guarantee such a thing. All you can do is make an effort not to appear to be spamming then monitor the blacklists thereafter.


    Author Closing Comment


    Featured Post

    Threat Intelligence Starter Resources

    Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

    Join & Write a Comment

    Get an idea of what you should include in an email disclaimer with these Top 5 email disclaimer tips.
    Set OWA language and time zone in Exchange for individuals, all users or per database.
    In this video we show how to create a Distribution Group in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >>…
    how to add IIS SMTP to handle application/Scanner relays into office 365.

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now