I have one email server with one IP, but several forward lookup zones in DNS. How should I set up the PTR records?

I have one Windows 2008 r2 machine with one IP Address serving up email for fourteen different domains. Not Active Directory domains, I only have one Active Directory domain, I'm just talking domains that we own the name of and want to provide email for [eg. MyCompany.com, MyCompany.net, MySideVenture.com, MyHobby.net, etc]. I have two Windows 2008 r2 servers on the outside of my network - Internet facing - which is authoritative for all of these forward lookup zones, and it has one reverse lookup zone. No, we don't use our ISP for DNS, even though that would be infinitely easier. We want the control.

How should I have my reverse lookup set up?

Should I have an A record for this email server in each forward lookup zone [eg. mail.MyCompany.com, mail.MyCompany.net, mail.MySideVenture.com, mail.MyHobby.net] and a corresponding PTR record in the reverse lookup zone for each of those A records, so that I end up having fourteen PTR records pointing to one IP Address?

Should I have only one PTR record in the reverse lookup zone pointing to the actual host name of the email server rather than "mail....."?

Need help, please. And thanks!
TronairIncAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

serchlopCommented:
Hi

PTR records point  from IP to domain names, that's why you should create only one record for your email server even if you use many domains.

The problem here is that in most cases, PTR records are hosted with ISP, and only in some cases where final user has a c class, reverse internet facing IP coulb be resolved by your own DNS server.

Here a link with some info

http://en.wikipedia.org/wiki/Reverse_DNS_lookup
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
TronairIncAuthor Commented:
Serchlop.

You were 100% correct.

I've removed all PTR records that point to "mail...", added one PTR record that points straight to the FQDN and external IP address of my Exchange server, and within a minute the propagation was tearing across the Interwebs. I noticed mail that had been hung up as rejected by the other end now flowing through the email que without incident.

So the final answer on this question is, regardless of how many email domains you have, stick to having only one PTR per email server in your reverse lookup zone that points directly to the FQDN and external IP of that email server.

I've been beating my head on this issue all week. 1000x thank you!
0
serchlopCommented:
Another important record to avoid being blocked by antispam providers could be the use of SPF record for your domain, using the name for your mail server or the IP address for it.

Some info for SPF Records
https://support.microsoft.com/kb/2640313?wa=wsignin1.0

And a wizard to generate your SPF record for each domain.
http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
DNS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.