PTR Record for mail server

Hi, some of my client email are returned me and having the issue with PTR record.
We do have exchange 2010 in house to send email and having the pop server on mail hosting company to receive email through pop connector on exchange server.

this is the error we getting:
Your server IP address [209.151.130.209] does not have a valid reverse DNS entry [broadband-net130-ip209.ica.net]

I  called our ISP to fix the rDNS, but he asking me to provide rDNS record for the IP which your mail server is using.

i don't know, what i should do from my end. As i mention, incoming email coming from mail hosting outsource through pop connector, and outgoing using our exchange 2010 SMTP.

Please help...
NinousAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Wayne88Commented:
Can't you use your SMTP server IP address as PTR anyway because it's only concerned with sending side?  Just tell your ISP that you want the PTR record to point to the IP address you provide (which is your SMTP server).

OR

You can get your POP mail hosting company to allow you to relay to their SMTP server if you want the inbound and outbound mail server to be the same.
0
Ugo MenaCommented:
What is the domain name?
Do you know what your MX record is?
0
NinousAuthor Commented:
triphasegroup.com   38.117.80.2   which is the IP of my incoming mail hosting. I use pop connector to download email to my exchange in house 209.151.130.209.
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

Wayne88Commented:
Ok, then can you add a second MX record with your SMTP IP address then point the PTR to the second one?  You can do this at the domain hosting company (e.g. Go Daddy allow you to do so via their web interface).
0
NinousAuthor Commented:
is it the public IP or private IP of the smtp server?
0
Wayne88Commented:
You want the public IP of the SMTP server because outsiders can't check private IP.
0
NinousAuthor Commented:
what I should do, If I want to use the same mail hosting to route my outgoing mail as well as incoming mail. do I need to configure anything on my end?
0
Wayne88Commented:
No, just leave everything the way it is.  All PTR does is check to make sure that the PTR/rDNS can be matched with an MX record related to your domain name.

Companies like IBM and MS, etc. will have multiple MX records because they have mail server farms.  But your MX record only returned one.  Just add a second MX with your SMTP IP address then tell your ISP to point the PTR to that second MX record.
0
NinousAuthor Commented:
is there anything I should configure on my exchange server or network, if I want to go with the 2nd option that you gave, going outbound also with mail hosting company?
0
Wayne88Commented:
With the second option you will first check with your mail hosting company that they will allow you to relay (it may cost extra) then you will need to configure your Exchange server to relay the sent emails to the mail host SMTP server.

IMHO, this is a step more complex and it can be a pain when you're trying to troubleshoot email sending issues.  I will keep it simple and go with:

Just leave everything the way it is.   Just add a second MX with your SMTP IP address then tell your ISP to point the PTR to that second MX record.

This is the easiest and it doesn't require you to change anything on the Exchange server.
0
NinousAuthor Commented:
could you give me the step by step, how to add the second MX for smtp?
My mail.triphasegroup.com 38.117.80.2 is my incoming mail from mail hosting. my public IP for my firewall is 209.151.130.209 which my email server and everything else using on my network.
0
Ugo MenaCommented:
While I agree with what Wayne88 has stated above, the fix for your specific issue will be to ask your ISP to add or update their DNS servers with these records.

Forward: 209.151.130.209   smtp.triphasegroup.com
Reverse: 209.130.151.209.in-addr.arpa   name = smtp.triphasegroup.com  (this one is currently missing)
0
Ugo MenaCommented:
There are a number of issues that come up with your specific domain configuration. You can use an online tool like MXToolbox or similar to find these issues:

http://mxtoolbox.com/domain/triphasegroup.com/

Screen-Shot-2015-08-05-at-4.10.04-PM.pdf
0
NinousAuthor Commented:
do I need to configure anything on my end about smtp.triphasegroup.com on my network. is smtp.triphasegroup.com entry should be in my DNS server also?
0
Ugo MenaCommented:
nothing is required on your end. Unless you are in charge of your external DNS records.

Otherwise, you just need to have your your ISP (rebelnetwork) add the DNS records on their DNS servers.

The smtp.triphasegroup.com address is already pointing to your firewall Public IP at 209.151.130.209
0
Ugo MenaCommented:
I  called our ISP to fix the rDNS, but he asking me to provide rDNS record for the IP which your mail server is using.

Give him this info:
Forward: 209.151.130.209   smtp.triphasegroup.com
Reverse: 209.130.151.209.in-addr.arpa   name = smtp.triphasegroup.com  (this one is currently missing)
0
Wayne88Commented:
It's easier to just create a second MX record but I will leave this to Ninous to decide.  If he is going to relay the emails then he will also have to configure the Exchange server.
0
NinousAuthor Commented:
My ISP for 209.151.130.209 is ICA Wireless network. my (rebelnetwork) is my incoming mail hosting. Do I should inform my public 209.151.130.209 is ICA Wireless network about the SMTP.Triphasegroup.com?
0
Ugo MenaCommented:
It seems like you have multiple hosts configured to use the same public IP address. So your firewall is handling multiple host services using some type of NAT.

SMTP.triphasegroup.com is already listed as 209.151.130.209

You need the reverse DNS record to reflect that same thing. Right now it shows up as the default ISP entry

That is what email servers are complaining about when your server attempts to deliver mail for your domain.
0
Ugo MenaCommented:
The records that need to be updated are with rebelnetworks. These are the DNS servers that are answering for triphasegroup.comName servers for triphasegroup.com
0
Ugo MenaCommented:
OK. After checking deeper into how your DNS is setup. You should ask rebelnetworks to add the following Address record to their DNS

209.151.130.209   smtp.triphasegroup.com

That's an A record. For address.

That should fix this issue. :)
0
NinousAuthor Commented:
Rebelnetworks already have the A record for smtp.triphasegroup.com 209.151.130.209. do I should inform my ISP ICA Wireless Network to update below entries?

 Forward: 209.151.130.209   smtp.triphasegroup.com
 Reverse: 209.130.151.209.in-addr.arpa   name = smtp.triphasegroup.com  (this one is currently missing)

Because when ever I send email from my exchange to outside, it is using this: [broadband-net130-ip209.ica.net]

secure.bcwan.com gave this error:
Your server IP address [209.151.130.209] does not have a valid reverse DNS entry [broadband-net130-ip209.ica.net]. See http://www.linuxmagic.com/best_practices/check_dynamic_reverse_dns.html for more information. Protection provided by MagicSpam 2.1-1 http://www.magicspam.com
0
Ugo MenaCommented:
Is it correct to assume that you are not receiving mail directly to your Exchange server?

Is it just picking up email through the POP connector to rebelnetworks which handles ALL mail delivery to you?
0
Wayne88Commented:
If I understand correctly you are currently sending email out from 209.151.130.209 and that's why you're getting the "Your server IP address [209.151.130.209] does not have a valid reverse DNS entry" message.

With the new configuration, you want to relay your emails to the SMTP server at triphasegroup.com.  Is this corrrect?  If that's the case then your PTR should be pointed to triphasegroup's SMTP server because they will be the actual SMTP server communicating with other email servers.
0
NinousAuthor Commented:
Yes, I am using my incoming email through pop connector, which pop server is RebelNetworks mail hosting. I already using my exchange 2010 in house to send my email out, which is my only ip 209.151.130.209. my email are going out, but sometimes have delivery failed, because of PRT record.
I do have the entry for SMTP.triphasegroup.com at the RebelNetwork DNS, but my ISP 209.151.130.209 doesn't know my mail server name.
Please advise what is the beast way to fix this issue, without interrupting my outgoing emails. thanks...
0
Wayne88Commented:
Ok thanks, I understand.  I provided two possible solutions above and depending on which one you want to implement then the setup will be different.

It also seems that you're set in using your mail hosting server as your SMTP server.  Is this still the case?  Or do you still want to use your current email server as your mail server that "talk" to the "outside world"?

The difference between the two above is that one option is keeping everything the same and leaving your current email server as the one that communicate to the "outside world".  The other option have your email server relay the email to your mail hosting email server which in turn will communicate with the "outside world".
0
Ugo MenaCommented:
It will be up to you Ninous as to how you fix this issue. There are two ways as Wayne88 has said above.

1. Continue using the current setup as is and address the DNS issues. Specifically, you need to update the A record for 209.151.130.209 with your ISP.  Or if they are unable to change it, have them add an ALIAS record for you.

This will fix your reverse DNS error on Exchange.

2. As Wayne88 has indicated, you can also change how your server sends email by setting up a relay with Rebelnetworks email server. This removes your server from sending email out on its own behalf and sends it through Rebelnetworks servers.

You will need to check with Rebelnetworks to see if they allow this configuration.
0
NinousAuthor Commented:
I'd like to keep my exchange server to talk to out side, but my incoming use pop connector to download incoming email from mail hosting. what are the steps I should take to fix this issue? Please provide step by step instruction. thanks..
0
Wayne88Commented:
In this case, then simply:

1. Go to your DNS hosting company, add an additional MX record using 209.151.130.209

2. Call your ISP and tell them to point the PTR record to 209.151.130.209

Then wait a couple of hours for the change to start propagating throughout the internet then test again using http://mxtoolbox.com

That's all you need to do.

Wayne
0
NinousAuthor Commented:
How to update the A record for 209.151.130.209 with my ISP. what information I should provide to my ISP?
0
Wayne88Commented:
ultralites, what do you think of just adding a 2nd MX record?  I think that's the easiest way without Ninous needing to change anything at this end.

Ninous, it's not from your ISP.  This addition of a second MX record must be done at where your domain name is hosted.  If it's with GoDaddy for example then you can simply login to GoDaddy's website and do this.http://www.experts-exchange.com/questions/28703239/PTR-Record-for-mail-server.html#
0
NinousAuthor Commented:
Can I use A record smtp.triphasegroup.com 209.151.130.209, that is in my Rebelnetwork DNS entries and give it to my ISP (ICA Wireless)? Thanks...
0
Wayne88Commented:
If you already have an A record for it then it is perfect!  Then all you need to do is to call your ISP and tell them to point the PTR record to 209.151.130.209
0
Ugo MenaCommented:
Agreed. That is what will fix your reverse DNS issue.


Wayne88, I dont think that adding a second MX record is going to fix this issue. Here is my reasoning, Rebelnetworks is already getting email for triphasegroup.com domain and the local exchange is just picking up via POP connector.
Email is going out from the local ok, it is just the rDNS check issue that is making it look like a SPAM server to other SMTP servers. Once the RDNS check passes, the error will go away. Best practice would be to also setup an SPF record to keep other servers from being able to send as that domain...

In any case, I dont think they want email being delivered directly to the local exchange server.
0
Wayne88Commented:
Sorry, it's my mistake to mix A record with MX.  My thought was that adding a second MX record was for the purpose so that the PTR can point to it.  However, you're correct that it's supposed to be for the A record which Ninous already got.

I have done a similar setup for a site before this way and it worked without much problem once properly setup.
0
NinousAuthor Commented:
Thanks guys, I request the change from my ISP. Now RPT shows smtp.triphasegroup.com instate of default one.
But I just received this error today before change:

[216.8.159.220] rejected your message to the following e-mail addresses:
oscarcst@mnsi.net (oscarcst@mnsi.net)
[216.8.159.220] gave this error:
g_spam_allow_disable SPF or RBL failure - see http://netwinsite.com/spf.htm 209.151.130.209
A problem occurred during the delivery of this message to this e-mail address. Try sending this message again. If the problem continues, please contact your helpdesk.
0
Wayne88Commented:
Hi Ninous,

As ultralites mentioned that you should also set up an SPF record.

You will need to contact your DNS hosting company and ask them to add an SPF information to your DNS records. Or, if you can log into the control panel for your DNS, you can make this change yourself.

Wayne
0
NinousAuthor Commented:
I do have access to DNS. what are the step that I should take? thanks...
0
Wayne88Commented:
It's easy, here is an example:

How do I add SPF or TXT records for my domain?
0
Ugo MenaCommented:
add this to your DNS records. It should be a TEXT record.

v=spf1 a mx ptr mx:smtp.triphasegroup.com ~all

Once it is setup, you can test it using this tool. http://www.kitterman.com/spf/validate.html
0
Ugo MenaCommented:
This link provides helpful info on SPF and will show you where/how this information is determined:  
http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/
0
NinousAuthor Commented:
I went to A record for smtp.triphasegroup.com on Rebelnetworks, but I cannot find a field to entre the script.
0
Ugo MenaCommented:
The SPF record will be a new DNS TXT record.

Do not change the A record you already have setup.

Here is the link for Rebelnetworks DNS support:

http://my.rebelnetworks.com/knowledgebase/227/DNS-Records-Explained.html

you can probably start a chat session and have them set up the SPF record for you.
0
NinousAuthor Commented:
what I should call the Name and TTL? is this the way should be?
Name:
TTL:
Type:  TXT
TXT Data: v=spf1 a mx ptr mx:smtp.triphasegroup.com ~all

in the DNS entry.
0
Ugo MenaCommented:
I think you can leave the name and ttl blank
0
NinousAuthor Commented:
I asked the Rebelnetwork to add it. but I know, will take sometime for them.
0
NinousAuthor Commented:
Rebelnetworks telling me:
This triphasegroup.com doesn’t seems using our servers to send emails out. So SPF need to create for the server it sending mails out.
is this the way should be done?
0
Ugo MenaCommented:
The spf record above allows for both your local exchange and the MX server on record (in DNS) to send email for triphasegroup.com

The SPF record needs to be on rebelnetworks DNS servers.
0
Ugo MenaCommented:
I just tested the above SPF using both your local server IP and rebelnetworks' MX server IP and it works as expected.
Screenshot-2015-08-06-19-07-00.png
Screenshot-2015-08-06-19-07-55.png
0
NinousAuthor Commented:
I just add the SPF at Rebelnetwors my self and works great. Also adding smtp.triphasegroup.com at Rebelnetworks and adding the entry to my ISP, fix the issue of rDNS. It was great solution from both of you and I really appreciate your expertise to solve my exchange problem. Thanks you a lot guys...
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Wayne88Commented:
Glad we were able to help Ninous. Cheers!
0
Ugo MenaCommented:
Your welcome! :)
0
NinousAuthor Commented:
I've requested that this question be closed as follows:

Accepted answer: 0 points for Ninous's comment #a40919438
Assisted answer: 167 points for Wayne88's comment #a40916292
Assisted answer: 167 points for ultralites's comment #a40916446
Assisted answer: 166 points for ultralites's comment #a40916469

for the following reason:

I just add the SPF at Rebelnetwors my self and works great. Also adding smtp.triphasegroup.com at Rebelnetworks and adding the entry to my ISP, fix the issue of rDNS. It was great solution from both of you and I really appreciate your expertise to solve my exchange problem. Thanks you a lot guys...
0
Wayne88Commented:
Glad you got it solved!  Cheers!
0
Ugo MenaCommented:
I don't agree with how the points are being distributed for this solution. The author is pointing to their own comment as the solution when in fact their comment is just reiterating the information provided to them.

That is not how this is supposed to work, is it?
0
Wayne88Commented:
No, he didn't. He didn't give himself any point.  He gave you 2/3 and 1/3 for me.
0
Ugo MenaCommented:
Ok. I get it. Just never seen someone assign their own comment as the accepted solution and then assign expert comments as assists.
0
Wayne88Commented:
That I agree.  I think it's just a small mistake.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Email Servers

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.