Solved

Exchange Server Public IP Reverse DNS

Posted on 2015-02-21
7
111 Views
Last Modified: 2015-04-20
We have an Exchange server with an assigned public IP.  Our website/email is hosted by our ISP.  When email is sent from our Exchange server, reverse DNS fails and we can't send email to certain clients.

I am going to set up a PTR record with our ISP to forward the email automatically to our Exchange server so I can implement reverse DNS to the exchange server's public IP address.

if our company's website/email domain name is mycompany.com and the exchange server public ip is 10.9.8.7 then should the reverse DNS point to mycompany.com, mail.company.com or what?

Lastly, is this the only solution to reconciling Reverse DNS to our Exchange Server?

thanks,
0
Comment
Question by:frdbadf
  • 3
  • 3
7 Comments
 
LVL 9

Expert Comment

by:RantCan
ID: 40623144
I think your question is broader than DNS and PTR records.

I need some clarification: when you say "email is hosted" do you mean MX records or a mail server that is literally forwarding mail?

If your exchange is Internet available on Port 25, then you should ensure it is significantly hardened. From a security perspective, using exchange in this manner is supported but massively insecure. I have used a variety of providers that use the mxlogic portal (McAfee, Spamsoap) and this helps keep your exchange from getting essentially DDOS'd on 25, as exchange will only take SMTP traffic from one IP address.
0
 

Author Comment

by:frdbadf
ID: 40623397
I have a similar setups with other locations, some have the mail forwarded to AppRiver who scrubs for spam and the forwards to the Exchange server public IP, and in all cases we have firewalls that forward port 25 on the public IP to the Exchange server on the internal LAN.

when I use http://ipadmin.junkemailfilter.com/rdns.php to check RDNS on the Public IP it responds with

RDNS for xx.xxx.xx.xx is: [mail.ourdomain.com] - (PTR record - xx.xx.xxx.xx.in-addr.arpa)

ERROR - Lookup Failed for [mail.ourdomain.com]

ERROR - Reverse Lookup Failed
IP [xx.xxx.xx.xx] does not match []

I perform NSLookup of mail.ourdomain.com and it says Server:  unknown

I'm missing a record?  MX?

thanks,
0
 
LVL 10

Expert Comment

by:cpmcomputers
ID: 40623974
You need to request your ISP to set rdns on their system for the external ip to "mail.yourdomain.com" not those of your own Dns management
This is why it is returning an in arpa address
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 

Author Comment

by:frdbadf
ID: 40624095
I worked over the phone with the ISP yesterday setting up rdns but it still does not resolve correctly.
0
 
LVL 10

Accepted Solution

by:
cpmcomputers earned 500 total points
ID: 40624147
The rdns for the primary ip needs setting by whoever controls it
Not sure how your provision is done
But by way if example

Myclient has an exchange server on their LAN in their local office
It is port mapped on port 25 to their public external IP address of their broadband connection provided by BT
Their mydomain.com has a website with 123-reg their ISP and this company also hosts their external DNS records for the domain (A records,MX,CNAME,PTR,etc

In order to get rDNS to resolve correctly we have to apply a request to BT ( the broadband provider) not 123reg (the domain ISP) as it is they that provide the external ip
0
 

Author Comment

by:frdbadf
ID: 40624157
We are using CBeyond, bought recently by Birch communications.  I will pass this on and get back to you.

thanks,
0
 
LVL 10

Expert Comment

by:cpmcomputers
ID: 40624164
Hi

Just to illustrate the point you might want to see this link

http://btbusiness.custhelp.com/app/answers/detail/a_id/8763/~/how-can-i-set-up-a-reverse-dns-on-my-domain-name%3F



Hope you get it sorted soon
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question