• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 404
  • Last Modified:

Exchange Email Fails from invalid rerverseDNS ptr

I have an issues that stems from a previous post that is resulting in many domains to give me an 554 error on my edge server for outgoing email. The issue is that the rDNS is seeing my sonicwall firewall IP and trying to perform an rdns and failing because the firewall IP is not the rdns entry for my Edge server IP. What can I do to correct this?

Here is the link from the original post.
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_27845035.html
0
GMSMRM
Asked:
GMSMRM
  • 7
  • 4
1 Solution
 
GMSMRMAuthor Commented:
An additional note: I am not blacklisted on any sites.
0
 
Manpreet SIngh KhatraSolutions Architect, Project LeadCommented:
What can I do to correct this? - What is your MX and PTR pointing to ?
Who receives emails from Internet to deliver inside and other way ?

- Rancy
0
 
GMSMRMAuthor Commented:
My MX record is pointing to mail.gmsminerepair.com (my edge server). My SPF record, if you saw on the last post, I had to point to both my edge server IP and my firewall IP. but my DNS for my firewall does not poin to mail.gmsminerepair.com.
0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 
Manpreet SIngh KhatraSolutions Architect, Project LeadCommented:
So if you EDGE is the MX is it directly able to send receive emails or not .... it not and your firewall sends and receives how does that match with your MX ?

What is First accepting server for email from Internet ? and which is the last server used before the email hits Internet ?

- Rancy
0
 
GMSMRMAuthor Commented:
The firewall performs the NAT for the public address to the Edge server. Yes the edge sever send and receives email, and it flows through the firewall, as it does in most user's cases. Did you not read the posts from the link I attached?
0
 
Manpreet SIngh KhatraSolutions Architect, Project LeadCommented:
Is the IP of Firewall same as MX or PTR ?

- Rancy
0
 
Manpreet SIngh KhatraSolutions Architect, Project LeadCommented:
Look if the MX is pointing to EDGE and its not open to Internet how would the reverse query work .... as it wont be able to connect to that IP hence reject

So what i understand is either your EDGE should be open to Internet for for resolving reverse Queries or MX should be pointing to Firewall if thats the gateway

- Rancy
0
 
GMSMRMAuthor Commented:
Ok. I will attempt to make the IP of the firewall the mx record instead of the IP of the edge server routed through the firewall. I will post my resutlts once the MX record has updated on the DNS.
0
 
GMSMRMAuthor Commented:
How will I get incoming mail then if I have my MX record point to mail.mydomain.com and my A Host for mail point to IP of my edge server. IF i change  this to the IP of my firewall, it will stop there and never get to my edge server...right?
0
 
Simon Butler (Sembee)ConsultantCommented:
In most firewalls you can set a 1:1 NAT, so that traffic from a certain IP address appears to be coming from a certain external IP address. Sonicwall is an established product, so it must be able to do that. Could be called alias IP or something similar.

Simon.
0
 
GMSMRMAuthor Commented:
I am performing a 1:1 NAT but I guess the firewall stamps the emails as it being the last hop and using its own public IP address instead of the NAT address of the mail server it came from.
0
 
GMSMRMAuthor Commented:
There was an issue with my firewall NAT Policy.  A specific rule became disabled on it's own. I enabled it and the emails went through.
Thanks.
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

  • 7
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now