Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Exchange Server Public IP Reverse DNS

Posted on 2015-02-21
7
Medium Priority
?
118 Views
Last Modified: 2015-04-20
We have an Exchange server with an assigned public IP.  Our website/email is hosted by our ISP.  When email is sent from our Exchange server, reverse DNS fails and we can't send email to certain clients.

I am going to set up a PTR record with our ISP to forward the email automatically to our Exchange server so I can implement reverse DNS to the exchange server's public IP address.

if our company's website/email domain name is mycompany.com and the exchange server public ip is 10.9.8.7 then should the reverse DNS point to mycompany.com, mail.company.com or what?

Lastly, is this the only solution to reconciling Reverse DNS to our Exchange Server?

thanks,
0
Comment
Question by:frdbadf
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 9

Expert Comment

by:RantCan
ID: 40623144
I think your question is broader than DNS and PTR records.

I need some clarification: when you say "email is hosted" do you mean MX records or a mail server that is literally forwarding mail?

If your exchange is Internet available on Port 25, then you should ensure it is significantly hardened. From a security perspective, using exchange in this manner is supported but massively insecure. I have used a variety of providers that use the mxlogic portal (McAfee, Spamsoap) and this helps keep your exchange from getting essentially DDOS'd on 25, as exchange will only take SMTP traffic from one IP address.
0
 

Author Comment

by:frdbadf
ID: 40623397
I have a similar setups with other locations, some have the mail forwarded to AppRiver who scrubs for spam and the forwards to the Exchange server public IP, and in all cases we have firewalls that forward port 25 on the public IP to the Exchange server on the internal LAN.

when I use http://ipadmin.junkemailfilter.com/rdns.php to check RDNS on the Public IP it responds with

RDNS for xx.xxx.xx.xx is: [mail.ourdomain.com] - (PTR record - xx.xx.xxx.xx.in-addr.arpa)

ERROR - Lookup Failed for [mail.ourdomain.com]

ERROR - Reverse Lookup Failed
IP [xx.xxx.xx.xx] does not match []

I perform NSLookup of mail.ourdomain.com and it says Server:  unknown

I'm missing a record?  MX?

thanks,
0
 
LVL 10

Expert Comment

by:cpmcomputers
ID: 40623974
You need to request your ISP to set rdns on their system for the external ip to "mail.yourdomain.com" not those of your own Dns management
This is why it is returning an in arpa address
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 

Author Comment

by:frdbadf
ID: 40624095
I worked over the phone with the ISP yesterday setting up rdns but it still does not resolve correctly.
0
 
LVL 10

Accepted Solution

by:
cpmcomputers earned 1500 total points
ID: 40624147
The rdns for the primary ip needs setting by whoever controls it
Not sure how your provision is done
But by way if example

Myclient has an exchange server on their LAN in their local office
It is port mapped on port 25 to their public external IP address of their broadband connection provided by BT
Their mydomain.com has a website with 123-reg their ISP and this company also hosts their external DNS records for the domain (A records,MX,CNAME,PTR,etc

In order to get rDNS to resolve correctly we have to apply a request to BT ( the broadband provider) not 123reg (the domain ISP) as it is they that provide the external ip
0
 

Author Comment

by:frdbadf
ID: 40624157
We are using CBeyond, bought recently by Birch communications.  I will pass this on and get back to you.

thanks,
0
 
LVL 10

Expert Comment

by:cpmcomputers
ID: 40624164
Hi

Just to illustrate the point you might want to see this link

http://btbusiness.custhelp.com/app/answers/detail/a_id/8763/~/how-can-i-set-up-a-reverse-dns-on-my-domain-name%3F



Hope you get it sorted soon
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question