Solved

Configure reverse DNS to match SMTP banner and Forward DNS

Posted on 2013-06-25
9
3,453 Views
Last Modified: 2013-07-01
Hello All,

In an effort to mitigate the residual effects of our recent virus outbreak, I am now finding out our IP rating is poor and through a few searches, I have found out others in my poisition have been able to increase the rating by resolving reverse DNS issues.

I ran a few SMTP diagnostics on our public IP and this is the results I have received;

Reverse DNS (PTR) exists and claimes to be: mail.imgps.com

Forward DNS for mail.imgps.com is: 100.43.235.40


WARNING: Forward-DNS does NOT match Reverse-DNS.
DNS is INCONSISTENT.
Please request your Admin or Provider to fix this.


My questions;

What do I need to do in order to resolve this issue?
Where can I find out my current SMTP domain in order to match this with what is being published?
0
Comment
Question by:Coupee46
  • 4
  • 4
9 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39275803
You need to talk to Telepacific and ask them to configure Reverse DNS on your Static IP Address as mail.imgps.com.

Currently your Reverse DNS record shows:

100-43-235-40.static-ip.telepacific.net

Alan
0
 
LVL 1

Author Comment

by:Coupee46
ID: 39275857
Alan,

I ran another stmp diag. @ mxtools and this is the results I received...

SMTP Reverse Banner Check
 
OK - *.168.15*.* resolves to mail.imgps.com

 





SMTP Reverse DNS Mismatch
 
Warning - Reverse DNS does not match SMTP Banner
 
Ignore





SMTP TLS
 
Warning - Does not support TLS.
 
Ignore





SMTP Connection Time
 
14.165 seconds - Not good! on Connection time
 
Ignore





SMTP Open Relay
 
OK - Not an open relay.
 





SMTP Transaction Time
 
29.281 seconds - Not good! on Transaction Time
 
Ignore



Session Transcript:


 220 barracuda.pcd.com ESMTP (9b71f137fd973042a158ebc6358db572) [14040 ms]
 EHLO please-read-policy.mxtoolbox.com
 250-barracuda.pcd.com Hello please-read-policy.mxtoolbox.com [64.20.227.133], pleased to meet you
 250-SIZE 100000000
 250-AUTH PLAIN LOGIN
 250-AUTH=PLAIN LOGIN
 250-PIPELINING
 250-8BITMIME
 250 HELP [671 ms]
 MAIL FROM: <supertool@mxtoolbox.com>
 250 Sender <supertool@mxtoolbox.com> OK [671 ms]
 RCPT TO: <test@example.com>
 550 No such domain at this location (test@example.com) [13728 ms]
 QUIT
 
SendSMTPCommand: You hung up on us after we connected. Please whitelist us. (connection lost)
 
MXTB-PWS3v2 29812ms
 

Open in new window


I masked the public IP, but can message you directly it if needed...
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39275873
You can post the IP address if you like and then I can obscure it - I am a Zone Advisor and have extra powers !!

Alternatively, you can look at my profile for my email address.

MXToolbox will always report incorrectly on Exchange 2007 / 2010 / 2013 as it tests your Receive Connector, not your SEND Connector, so pay no attention to that!

Alan
0
 
LVL 1

Author Comment

by:Coupee46
ID: 39275895
Awesome, IP is : xx.168.15x.xxx :)
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 1

Author Comment

by:Coupee46
ID: 39275903
Any help is appreciated.. I just want to nail this revers DNS issue asap, in order to help my IP reputation.. which is currently listed as "poor"
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 500 total points
ID: 39275927
Okay running nslookup (followed by your IP Address) returns mail.imgps.com

Then running nslookup mail.imgps.com returns IP 100.43.235.40.

So - you either need to change the A record for mail.imgps.com to point to your Public IP address or create a new DNS record e.g., outbound.domain.com and point that to your Public IP Address and then change your reverse DNS record on that IP to outbound.domain.com

You should also check your IP on http://www.blacklistalert.org/ as it is listed in a couple of places, although you should drop off those listings (UCEPROTECT) on the 1st July automatically.

Alan
0
 
LVL 1

Author Comment

by:Coupee46
ID: 39276067
Thanks Alan..

So i'll call my ISP shortly and have them change the A record for mail.imgps.com to point to public IP?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39276111
Yep - you don't receive mail directly, so that should be fine.
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Suggested Solutions

Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
Familiarize people with the process of utilizing SQL Server views from within Microsoft Access. Microsoft Access is a very powerful client/server development tool. One of the SQL Server objects that you can interact with from within Microsoft Access…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now