Solved

Email PTR Reverse Lookup Issue

Posted on 2013-06-01
4
559 Views
Last Modified: 2013-06-14
I currently have a Trend Micro SPAM server and one Exchange 2007 server.  Our MX record points to our Spam server (mail.abc.com) for all inbound mail.

Our Exchange server sends mail directly out to the internet without going through the Spam server.

My question is given this configuration.... for receiving email servers that perform reverse lookups like AOL, Comcast, etc. I know I need to have a PTR record in place.  Does that PTR record have to point to my MX record (Spam Server) or does it need to point to the Exchange server (The outbound SMTP server).
0
Comment
Question by:BSModlin
  • 3
4 Comments
 
LVL 20

Expert Comment

by:woolnoir
Comment Utility
It doesnt matter, whatever IP the email server goes out on, needs to have the same forward and reverse DNS. Does your email server, NAT through the same IP address as your MX (spam) server ? if so, it's irrelevent.

If they are different IP's then just ensure the IP that the email server comes out to, resolves to a hostname, and that hostname, resolves back to the same IP.
0
 
LVL 20

Expert Comment

by:woolnoir
Comment Utility
The only other consideration is the SPF records which define what IP's should be sending emails for each domain, make sure that side of things is covered.
0
 

Author Comment

by:BSModlin
Comment Utility
Thank you.... One more question....if my email servers host name is exchange then I will need an A record for that host name and then associate that record with the PTR, correct?
0
 
LVL 20

Accepted Solution

by:
woolnoir earned 500 total points
Comment Utility
you need to do the following... find out the 'external' IP that your exchange server talks out on. Do a reverse lookup on this Ip to find what it resolves to currently, if you control this, set it to i.e 'mail.blah.com', then make sure mail.blah.com points at this IP.

Its easier if you control both forward and reserve lookups, if your IP block is supplied via an ISP then you will potentially need to get them to change the reverse look up. if you do control both, i.e you have access to the DNS server that is forward and reverse authoritative then yes, do as you suggest above.
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Utilizing an array to gracefully append to a list of EmailAddresses
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now