Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

PTR on Exchange 2010 with GFI

Posted on 2014-01-23
3
Medium Priority
?
346 Views
Last Modified: 2014-01-30
Guys - retiring a T-1 ISP account as our primary WAN. We were using another ISP for WAN2 just for browsing, etc. Now WAN2 is our primary and ONLY ISP on the router. Public static IP's, etc. all the normal stuff.

Exchange 2010 server in house within the LAN. Cisco RV042 primary router with ONLY a WAN1 in use now on a static IP.

In the old days we did have a PTR thru our carrier on the T-1. Not sure if it is required anymore and if we need to re-load the same action on the new carrier, but for a different IP/A record. My main question is whether we need to do this at all. If YES, the next really important question is whether it should be the MX address (i.e. - our GFI cloud filtering) or simply the WAN IP on our router which mail passes in and out of now.

We use GFI in a cloud datacenter for all inbound filtering. Trying to confirm if we actually ever setup outbound filtering but not 100% sure yet. If yes, and possibly even if no, I am thinking a PTR record may need to be our inbound MX record on our DNS provider so that reverse DNS lookups would match vs. just seeing our public WAN IP. The bottom line is PTR or no PTR. Then if yes on PTR, should it match our MX inbound records for reverse DNS match or actually make it the WAN IP in front of the mail server? Seems like it would be MX record match vs. WAN IP.

Anyone have any questions, don't hesitate to post. Trying to get this perfect to avoid issues but more importantly burn in the process going forward in our KB.
0
Comment
Question by:David Roberts
3 Comments
 
LVL 37

Assisted Solution

by:Jamie McKillop
Jamie McKillop earned 1000 total points
ID: 39804593
Hello,

Yes, you will need a PTR record for the public IP of your sending server. It does not need to match your MX record, it can be any hostname. All that matters is that the record exists. Most ISPs will automatically create PTR records for their entire IP range, so one might already exist.

-JJ
0
 

Author Comment

by:David Roberts
ID: 39805609
To be clear, we use our primary WAN IP address for all mail traffic. Are PTR records normally IP's or hostnames? Seems like it would be the IP address. If a hostname, any best practices?
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 1000 total points
ID: 39805799
The PTR will be a host name, not an IP address.
It should match the host name that resolves to the server, so that IP address resolves to host.example.com and host.example.com resolves to the same IP address.

If you are using an external host for email filtering, then it still applies, unless you are routing email out through them as well as a smart host. Then it isn't so important, but I would still set it up, so you can send email directly if required.

You should also have an SPF record, which includes the filtering service and your external IP address.

Simon.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If something goes wrong with Exchange, your IT resources are in trouble.All Exchange server migration processes are not designed to be identical and though migrating email from on-premises Exchange mailbox to Cloud’s Office 365 is relatively simple…
This month, Experts Exchange sat down with resident SQL expert, Jim Horn, for an in-depth look into the makings of a successful career in SQL.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses
Course of the Month10 days, 22 hours left to enroll

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question