Solved

Email PTR Reverse Lookup Issue

Posted on 2013-06-01
4
611 Views
Last Modified: 2013-06-14
I currently have a Trend Micro SPAM server and one Exchange 2007 server.  Our MX record points to our Spam server (mail.abc.com) for all inbound mail.

Our Exchange server sends mail directly out to the internet without going through the Spam server.

My question is given this configuration.... for receiving email servers that perform reverse lookups like AOL, Comcast, etc. I know I need to have a PTR record in place.  Does that PTR record have to point to my MX record (Spam Server) or does it need to point to the Exchange server (The outbound SMTP server).
0
Comment
Question by:BSModlin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 20

Expert Comment

by:woolnoir
ID: 39213865
It doesnt matter, whatever IP the email server goes out on, needs to have the same forward and reverse DNS. Does your email server, NAT through the same IP address as your MX (spam) server ? if so, it's irrelevent.

If they are different IP's then just ensure the IP that the email server comes out to, resolves to a hostname, and that hostname, resolves back to the same IP.
0
 
LVL 20

Expert Comment

by:woolnoir
ID: 39213866
The only other consideration is the SPF records which define what IP's should be sending emails for each domain, make sure that side of things is covered.
0
 

Author Comment

by:BSModlin
ID: 39213876
Thank you.... One more question....if my email servers host name is exchange then I will need an A record for that host name and then associate that record with the PTR, correct?
0
 
LVL 20

Accepted Solution

by:
woolnoir earned 500 total points
ID: 39213882
you need to do the following... find out the 'external' IP that your exchange server talks out on. Do a reverse lookup on this Ip to find what it resolves to currently, if you control this, set it to i.e 'mail.blah.com', then make sure mail.blah.com points at this IP.

Its easier if you control both forward and reserve lookups, if your IP block is supplied via an ISP then you will potentially need to get them to change the reverse look up. if you do control both, i.e you have access to the DNS server that is forward and reverse authoritative then yes, do as you suggest above.
0

Featured Post

What, When and Where - Security Threats from Q1

Join Corey Nachreiner, CTO, and Marc Laliberte, Information Security Threat Analyst, on July 26th as they explore their key findings from the first quarter of 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Suggested Courses

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question