Solved

reverse dns - spam blacklist issue

Posted on 2014-02-25
7
607 Views
Last Modified: 2014-08-15
We have a client that uses Mimecast for sending and recieving emails via their own local Exchange 2007 server

Recently some of the clients that they have been sending to have not received the emails from them apparently.

I have been advised by Mimecast that we setup reverse DNS correctly for the domain in question as they are listed on the blacklist for spamrats - due to the following mesasage:

--------------------------------------------------

Does IP Address resolve to a reverse hostname... Passed!

Does IP Address comply with reverse hostname naming convention... Failed!

--------------------------------------------------

Can you please advise as to how we go about complyng with this reverse hostname naming convention??
0
Comment
Question by:phoenix81
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39885339
If you pop your (their) IP address into www.blacklistalert.org it will tell you if reverse DNS is setup properly.

You can also check this using NSLOOKUP:

nslookup IP_Address

should return the Reverse DNS Record e.g., mail.domain.com

Then run:

nslookup mail.domain.com

and it should return the same IP_Address as you used in the first nslookup.  If it does, all is good, if not, then something needs to be changed so that the two line up properly.  Either change the Reverse DNS record to one that does resolve to the IP Address, or setup a new A record to match the Reverse DNS record and point it to the IP_Address.

Alan
0
 
LVL 13

Expert Comment

by:Andy M
ID: 39885636
The reverse dns on the internet line is usually handled by your internet provider and generally should be setup so it matches the external hostname of the exchange email server.

If you don't know what the external address is, do a telnet directly to the exchange 2007 server - the header message you get following connection should tell you the hostname (i.e. could be mail.domain.com, smtp,domain.com, remote.domain.com, etc).

You will then need to get your ISP to setup the reverse dns to match this by contacting them with the IP address of the internet line and the hostname you want it to be set as. As mentioned by Alan you can use nslookup to check what the current reverse dns is set to
0
 
LVL 27

Expert Comment

by:skullnobrains
ID: 39886767
same as @alan + you had better make sure the HELO that is sent also matches the PTR for the corresponding ip address, and possibly set an SPF record as well
0
NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

 

Author Comment

by:phoenix81
ID: 39985636
this seemed to resolve itself guys without us making changes so thanks for your assistance
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 39985647
Long may it stay that way ;)

Alan
0
 
LVL 27

Accepted Solution

by:
skullnobrains earned 500 total points
ID: 39986131
mimecast must have whitelisted their ip. if mimecast acts like a smarthost (meaning no mail is issued without going through them), this should not be a problem in the future. if not, you will have the same problem with many other peers
0
 

Author Closing Comment

by:phoenix81
ID: 40262681
thanks
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
As cyber crime continues to grow in both numbers and sophistication, a troubling trend of optimization has emerged over the last year.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question