Solved

PTR Record

Posted on 2013-06-27
4
547 Views
Last Modified: 2013-09-27
I need to request a PTR record from ATT but have no clue what to order.

I have a SBS 2011 configured as follows;

server name: srv-sbs01
domain: domain.local

the company email\site is currently hosted we are currently using POP3 and smart host but need to bring it in-house using SMTP.

What do I have to request from ATT?
do I have to create a record on the SBS server?
Do I have to open any ports on the firewall?

Any help is appreciated.
0
Comment
Question by:rudym88
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 10

Expert Comment

by:Marshal Hubs
ID: 39283518
Hi,

DNS allows you to create multiple PTR records for a given IP address, most applications that do reverse lookup only look at the first PTR returned in the response to their DNS lookup. So to be safe, you should create only one PTR record per IP address.

PTR records are necessary for a DNS reverse lookup on an IP address to work. Some servers on the Internet do a DNS reverse lookup on the IP address of a client when a client connects to the server. E-mail servers may do this to detect attempted e-mail forgeries. Web servers and FTP servers may do this to keep a record of who visited the server or who downloaded software from the server. If you don't create PTR records for the IP addresses of your hosts, they may get rejected when they connect to such servers.

If you are using IP addresses provided to you by AT&T, AT&T can supply you with the in-addr.arpa, IPV4, or the ip6.arpa, IPV6, domains you need to create PTR records for your IP addresses. If you are using IP addresses not owned by AT&T, you must arrange with the Regional Internet Registry that provided you with your addresses to have AT&T DNS servers designated as the nameservers for your in-addr.arpa, IPV4, or the ip6.arpa, IPV6, domain(s).
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 39284133
Nice copy and paste there.
https://dpt.ip.att.net/dpt_helphome/dns_faq.htm

Which doesn't answer the question.

To answer the question - you need to have an A record pointing to your server. For SBS this is usually remote.example.com.
You then ask your ISP to set the PTR to remote.example.com.

You can then change your MX records to remote.example.com, get an SSL certificate for remote.example.com. The wizards in SBS will also setup the server for remote.example.com.

You don't do anything on the SBS server - the A record has to be created by whoever looks after your domain name and public DNS records.

Simple as that.

Simon.
0
 
LVL 26

Expert Comment

by:DrDave242
ID: 39286017
Do I have to open any ports on the firewall?
At a minimum, you'll need to open TCP ports 25 (for SMTP) and 443 (for HTTPS) on your firewall. You may also want to open TCP port 987 if you wish to access the Companyweb site remotely.

(I guess it's not absolutely necessary to open TCP 443, but then you'll be missing out on OWA, not to mention Remote Web Access, which in my opinion is one of the best features of SBS.)
0
 
LVL 26

Expert Comment

by:Leon Fester
ID: 39295949
You don't say what you need the PTR record although most of the time it's needed for the email system.

Essentially you need to request the PTR record for the name matching your MX Record which would usually be pointing to an A record.

I'm basically repeating what Sembee2 said, see links below for more information:
http://technet.microsoft.com/en-us/library/ff714972.aspx
http://www.mxpolice.com/email-security/importance-of-ptr-records-for-reliable-mail-delivery/
0

Featured Post

What, When and Where - Security Threats from Q1

Join Corey Nachreiner, CTO, and Marc Laliberte, Information Security Threat Analyst, on July 26th as they explore their key findings from the first quarter of 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In-place Upgrading Dirsync to Azure AD Connect
This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Suggested Courses

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question