PTR on Exchange 2010 with GFI

Guys - retiring a T-1 ISP account as our primary WAN. We were using another ISP for WAN2 just for browsing, etc. Now WAN2 is our primary and ONLY ISP on the router. Public static IP's, etc. all the normal stuff.

Exchange 2010 server in house within the LAN. Cisco RV042 primary router with ONLY a WAN1 in use now on a static IP.

In the old days we did have a PTR thru our carrier on the T-1. Not sure if it is required anymore and if we need to re-load the same action on the new carrier, but for a different IP/A record. My main question is whether we need to do this at all. If YES, the next really important question is whether it should be the MX address (i.e. - our GFI cloud filtering) or simply the WAN IP on our router which mail passes in and out of now.

We use GFI in a cloud datacenter for all inbound filtering. Trying to confirm if we actually ever setup outbound filtering but not 100% sure yet. If yes, and possibly even if no, I am thinking a PTR record may need to be our inbound MX record on our DNS provider so that reverse DNS lookups would match vs. just seeing our public WAN IP. The bottom line is PTR or no PTR. Then if yes on PTR, should it match our MX inbound records for reverse DNS match or actually make it the WAN IP in front of the mail server? Seems like it would be MX record match vs. WAN IP.

Anyone have any questions, don't hesitate to post. Trying to get this perfect to avoid issues but more importantly burn in the process going forward in our KB.
David RobertsAsked:
Who is Participating?
 
Simon Butler (Sembee)Connect With a Mentor ConsultantCommented:
The PTR will be a host name, not an IP address.
It should match the host name that resolves to the server, so that IP address resolves to host.example.com and host.example.com resolves to the same IP address.

If you are using an external host for email filtering, then it still applies, unless you are routing email out through them as well as a smart host. Then it isn't so important, but I would still set it up, so you can send email directly if required.

You should also have an SPF record, which includes the filtering service and your external IP address.

Simon.
0
 
Jamie McKillopConnect With a Mentor IT ManagerCommented:
Hello,

Yes, you will need a PTR record for the public IP of your sending server. It does not need to match your MX record, it can be any hostname. All that matters is that the record exists. Most ISPs will automatically create PTR records for their entire IP range, so one might already exist.

-JJ
0
 
David RobertsAuthor Commented:
To be clear, we use our primary WAN IP address for all mail traffic. Are PTR records normally IP's or hostnames? Seems like it would be the IP address. If a hostname, any best practices?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.