Solved

Configure reverse DNS to match SMTP banner and Forward DNS

Posted on 2013-06-25
9
3,573 Views
Last Modified: 2013-07-01
Hello All,

In an effort to mitigate the residual effects of our recent virus outbreak, I am now finding out our IP rating is poor and through a few searches, I have found out others in my poisition have been able to increase the rating by resolving reverse DNS issues.

I ran a few SMTP diagnostics on our public IP and this is the results I have received;

Reverse DNS (PTR) exists and claimes to be: mail.imgps.com

Forward DNS for mail.imgps.com is: 100.43.235.40


WARNING: Forward-DNS does NOT match Reverse-DNS.
DNS is INCONSISTENT.
Please request your Admin or Provider to fix this.


My questions;

What do I need to do in order to resolve this issue?
Where can I find out my current SMTP domain in order to match this with what is being published?
0
Comment
Question by:Coupee46
  • 4
  • 4
9 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39275803
You need to talk to Telepacific and ask them to configure Reverse DNS on your Static IP Address as mail.imgps.com.

Currently your Reverse DNS record shows:

100-43-235-40.static-ip.telepacific.net

Alan
0
 
LVL 1

Author Comment

by:Coupee46
ID: 39275857
Alan,

I ran another stmp diag. @ mxtools and this is the results I received...

SMTP Reverse Banner Check
 
OK - *.168.15*.* resolves to mail.imgps.com

 





SMTP Reverse DNS Mismatch
 
Warning - Reverse DNS does not match SMTP Banner
 
Ignore





SMTP TLS
 
Warning - Does not support TLS.
 
Ignore





SMTP Connection Time
 
14.165 seconds - Not good! on Connection time
 
Ignore





SMTP Open Relay
 
OK - Not an open relay.
 





SMTP Transaction Time
 
29.281 seconds - Not good! on Transaction Time
 
Ignore



Session Transcript:


 220 barracuda.pcd.com ESMTP (9b71f137fd973042a158ebc6358db572) [14040 ms]
 EHLO please-read-policy.mxtoolbox.com
 250-barracuda.pcd.com Hello please-read-policy.mxtoolbox.com [64.20.227.133], pleased to meet you
 250-SIZE 100000000
 250-AUTH PLAIN LOGIN
 250-AUTH=PLAIN LOGIN
 250-PIPELINING
 250-8BITMIME
 250 HELP [671 ms]
 MAIL FROM: <supertool@mxtoolbox.com>
 250 Sender <supertool@mxtoolbox.com> OK [671 ms]
 RCPT TO: <test@example.com>
 550 No such domain at this location (test@example.com) [13728 ms]
 QUIT
 
SendSMTPCommand: You hung up on us after we connected. Please whitelist us. (connection lost)
 
MXTB-PWS3v2 29812ms
 

Open in new window


I masked the public IP, but can message you directly it if needed...
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39275873
You can post the IP address if you like and then I can obscure it - I am a Zone Advisor and have extra powers !!

Alternatively, you can look at my profile for my email address.

MXToolbox will always report incorrectly on Exchange 2007 / 2010 / 2013 as it tests your Receive Connector, not your SEND Connector, so pay no attention to that!

Alan
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 
LVL 1

Author Comment

by:Coupee46
ID: 39275895
Awesome, IP is : xx.168.15x.xxx :)
0
 
LVL 1

Author Comment

by:Coupee46
ID: 39275903
Any help is appreciated.. I just want to nail this revers DNS issue asap, in order to help my IP reputation.. which is currently listed as "poor"
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 500 total points
ID: 39275927
Okay running nslookup (followed by your IP Address) returns mail.imgps.com

Then running nslookup mail.imgps.com returns IP 100.43.235.40.

So - you either need to change the A record for mail.imgps.com to point to your Public IP address or create a new DNS record e.g., outbound.domain.com and point that to your Public IP Address and then change your reverse DNS record on that IP to outbound.domain.com

You should also check your IP on http://www.blacklistalert.org/ as it is listed in a couple of places, although you should drop off those listings (UCEPROTECT) on the 1st July automatically.

Alan
0
 
LVL 1

Author Comment

by:Coupee46
ID: 39276067
Thanks Alan..

So i'll call my ISP shortly and have them change the A record for mail.imgps.com to point to public IP?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39276111
Yep - you don't receive mail directly, so that should be fine.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
Find out what you should include to make the best professional email signature for your organization.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question