Required DNS Entries for EMail Server (Best Practices)

I just rolled out SBS 2011 with Exchange 2010 on it. Everything is working great.

I have discovered that a few emails do not go through to their destination. (Less than 1%).

I suspect that I have not properly configured my DNS with the minimum required entries for best practices.

The only thing I did was to create an MX record but I did not create an SPF or PTR or rDNS or anything else.

Can someone give me a list of the records I need to be running under best practices with the least chance of problems?

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

You can create a SPF record and RDNS (PTR) record. As some of the mail servers does not accept emails from the domain that does not have RDNS/PTR record.
GenesisTechAuthor Commented:

Thank you for your response but you only kind of addressed my question.

I am asking for a list of all DNS records that should be created as a best practices for setting up a mail server.

Simon Butler (Sembee)ConsultantCommented:
For an Exchange server you only NEED three: (common name)

MX record (Which can be

You will then need to speak to your ISP and get them to set a PTR on your static IP address to
Ensure that is on the Send Connector. If you are using SBS to setup the server then that should be done for you.

Everything else is optional.
SPF records can help, and would be considered good practise.

However if you suspect the problem is with DNS records then you should get NDRs, those NDRs will tell you if something is wrong.
There are lots of reasons why email delivery can fail, for example if you are using logos in your signatures then that can trip content based filtering (rather than host based filtering) which can result in email being dropped silently as spam.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

GenesisTechAuthor Commented:

Awesome, complete answer. THANK YOU SO MUCH.

I did everything you listed correct right from the start and everything is functioning great.

We did have 1 domain that was rejecting our email with an NDR of 4.4.7. I did some research and everything I could find said this was probably happening because there was no SPF or PTR record. Hence the reason I asked about correct DNS records to make sure I had done everything correct.

Any quick thoughts on the NDR 4.4.7?

Simon Butler (Sembee)ConsultantCommented:
The codes on their own are useless - need the full text.
You should have a PTR - if you don't then a lot of major email providers will reject the email. I would go as far as to say a PTR is mandatory.

SPF is optional. I do configure it as a matter of course, but you shouldn't have problems if you don't have one.

GenesisTechAuthor Commented:
OK - If it happens again I will create a new question and post the full NDR to see if I can get some help with it.

Thanks again!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.