• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 701
  • Last Modified:

reverse dns - spam blacklist issue

We have a client that uses Mimecast for sending and recieving emails via their own local Exchange 2007 server

Recently some of the clients that they have been sending to have not received the emails from them apparently.

I have been advised by Mimecast that we setup reverse DNS correctly for the domain in question as they are listed on the blacklist for spamrats - due to the following mesasage:

--------------------------------------------------

Does IP Address resolve to a reverse hostname... Passed!

Does IP Address comply with reverse hostname naming convention... Failed!

--------------------------------------------------

Can you please advise as to how we go about complyng with this reverse hostname naming convention??
0
phoenix81
Asked:
phoenix81
  • 2
  • 2
  • 2
  • +1
1 Solution
 
Alan HardistyCo-OwnerCommented:
If you pop your (their) IP address into www.blacklistalert.org it will tell you if reverse DNS is setup properly.

You can also check this using NSLOOKUP:

nslookup IP_Address

should return the Reverse DNS Record e.g., mail.domain.com

Then run:

nslookup mail.domain.com

and it should return the same IP_Address as you used in the first nslookup.  If it does, all is good, if not, then something needs to be changed so that the two line up properly.  Either change the Reverse DNS record to one that does resolve to the IP Address, or setup a new A record to match the Reverse DNS record and point it to the IP_Address.

Alan
0
 
Andy MInternal Systems ManagerCommented:
The reverse dns on the internet line is usually handled by your internet provider and generally should be setup so it matches the external hostname of the exchange email server.

If you don't know what the external address is, do a telnet directly to the exchange 2007 server - the header message you get following connection should tell you the hostname (i.e. could be mail.domain.com, smtp,domain.com, remote.domain.com, etc).

You will then need to get your ISP to setup the reverse dns to match this by contacting them with the IP address of the internet line and the hostname you want it to be set as. As mentioned by Alan you can use nslookup to check what the current reverse dns is set to
0
 
skullnobrainsCommented:
same as @alan + you had better make sure the HELO that is sent also matches the PTR for the corresponding ip address, and possibly set an SPF record as well
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
phoenix81Author Commented:
this seemed to resolve itself guys without us making changes so thanks for your assistance
0
 
Alan HardistyCo-OwnerCommented:
Long may it stay that way ;)

Alan
0
 
skullnobrainsCommented:
mimecast must have whitelisted their ip. if mimecast acts like a smarthost (meaning no mail is issued without going through them), this should not be a problem in the future. if not, you will have the same problem with many other peers
0
 
phoenix81Author Commented:
thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

WEBINAR: 10 Easy Ways to Lose a Password

Join us on June 27th at 8 am PDT to learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees. We'll cover the importance of multi-factor authentication and how these solutions can better protect your business!

  • 2
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now