PTR Record for mail server

What is the domain name?
Do you know what your MX record is?

triphasegroup.com   38.117.80.2   which is the IP of my incoming mail hosting. I use pop connector to download email to my exchange in house 209.151.130.209.

Ok, then can you add a second MX record with your SMTP IP address then point the PTR to the second one?  You can do this at the domain hosting company (e.g. Go Daddy allow you to do so via their web interface).

is it the public IP or private IP of the smtp server?

You want the public IP of the SMTP server because outsiders can't check private IP.

what I should do, If I want to use the same mail hosting to route my outgoing mail as well as incoming mail. do I need to configure anything on my end?

No, just leave everything the way it is.  All PTR does is check to make sure that the PTR/rDNS can be matched with an MX record related to your domain name.

Companies like IBM and MS, etc. will have multiple MX records because they have mail server farms.  But your MX record only returned one.  Just add a second MX with your SMTP IP address then tell your ISP to point the PTR to that second MX record.

is there anything I should configure on my exchange server or network, if I want to go with the 2nd option that you gave, going outbound also with mail hosting company?

With the second option you will first check with your mail hosting company that they will allow you to relay (it may cost extra) then you will need to configure your Exchange server to relay the sent emails to the mail host SMTP server.

IMHO, this is a step more complex and it can be a pain when you're trying to troubleshoot email sending issues.  I will keep it simple and go with:

Just leave everything the way it is.   Just add a second MX with your SMTP IP address then tell your ISP to point the PTR to that second MX record.

This is the easiest and it doesn't require you to change anything on the Exchange server.

could you give me the step by step, how to add the second MX for smtp?
My mail.triphasegroup.com 38.117.80.2 is my incoming mail from mail hosting. my public IP for my firewall is 209.151.130.209 which my email server and everything else using on my network.

There are a number of issues that come up with your specific domain configuration. You can use an online tool like MXToolbox or similar to find these issues:

http://mxtoolbox.com/domain/triphasegroup.com/

Screen-Shot-2015-08-05-at-4.10.04-PM.pdf

do I need to configure anything on my end about smtp.triphasegroup.com on my network. is smtp.triphasegroup.com entry should be in my DNS server also?

I  called our ISP to fix the rDNS, but he asking me to provide rDNS record for the IP which your mail server is using.

Give him this info:
Forward: 209.151.130.209   smtp.triphasegroup.com
Reverse: 209.130.151.209.in-addr.arpa   name = smtp.triphasegroup.com  (this one is currently missing)

It's easier to just create a second MX record but I will leave this to Ninous to decide.  If he is going to relay the emails then he will also have to configure the Exchange server.

My ISP for 209.151.130.209 is ICA Wireless network. my (rebelnetwork) is my incoming mail hosting. Do I should inform my public 209.151.130.209 is ICA Wireless network about the SMTP.Triphasegroup.com?

It seems like you have multiple hosts configured to use the same public IP address. So your firewall is handling multiple host services using some type of NAT.

SMTP.triphasegroup.com is already listed as 209.151.130.209

You need the reverse DNS record to reflect that same thing. Right now it shows up as the default ISP entry

That is what email servers are complaining about when your server attempts to deliver mail for your domain.

The records that need to be updated are with rebelnetworks. These are the DNS servers that are answering for triphasegroup.com

OK. After checking deeper into how your DNS is setup. You should ask rebelnetworks to add the following Address record to their DNS

209.151.130.209   smtp.triphasegroup.com

That's an A record. For address.

That should fix this issue. :)

Rebelnetworks already have the A record for smtp.triphasegroup.com 209.151.130.209. do I should inform my ISP ICA Wireless Network to update below entries?

 Forward: 209.151.130.209   smtp.triphasegroup.com
 Reverse: 209.130.151.209.in-addr.arpa   name = smtp.triphasegroup.com  (this one is currently missing)

Because when ever I send email from my exchange to outside, it is using this: [broadband-net130-ip209.ica.net]

secure.bcwan.com gave this error:
Your server IP address [209.151.130.209] does not have a valid reverse DNS entry [broadband-net130-ip209.ica.net]. See http://www.linuxmagic.com/best_practices/check_dynamic_reverse_dns.html for more information. Protection provided by MagicSpam 2.1-1 http://www.magicspam.com

Is it correct to assume that you are not receiving mail directly to your Exchange server?

Is it just picking up email through the POP connector to rebelnetworks which handles ALL mail delivery to you?

If I understand correctly you are currently sending email out from 209.151.130.209 and that's why you're getting the "Your server IP address [209.151.130.209] does not have a valid reverse DNS entry" message.

With the new configuration, you want to relay your emails to the SMTP server at triphasegroup.com.  Is this corrrect?  If that's the case then your PTR should be pointed to triphasegroup's SMTP server because they will be the actual SMTP server communicating with other email servers.

Yes, I am using my incoming email through pop connector, which pop server is RebelNetworks mail hosting. I already using my exchange 2010 in house to send my email out, which is my only ip 209.151.130.209. my email are going out, but sometimes have delivery failed, because of PRT record.
I do have the entry for SMTP.triphasegroup.com at the RebelNetwork DNS, but my ISP 209.151.130.209 doesn't know my mail server name.
Please advise what is the beast way to fix this issue, without interrupting my outgoing emails. thanks...

Ok thanks, I understand.  I provided two possible solutions above and depending on which one you want to implement then the setup will be different.

It also seems that you're set in using your mail hosting server as your SMTP server.  Is this still the case?  Or do you still want to use your current email server as your mail server that "talk" to the "outside world"?

The difference between the two above is that one option is keeping everything the same and leaving your current email server as the one that communicate to the "outside world".  The other option have your email server relay the email to your mail hosting email server which in turn will communicate with the "outside world".

It will be up to you Ninous as to how you fix this issue. There are two ways as Wayne88 has said above.

1. Continue using the current setup as is and address the DNS issues. Specifically, you need to update the A record for 209.151.130.209 with your ISP.  Or if they are unable to change it, have them add an ALIAS record for you.

This will fix your reverse DNS error on Exchange.

2. As Wayne88 has indicated, you can also change how your server sends email by setting up a relay with Rebelnetworks email server. This removes your server from sending email out on its own behalf and sends it through Rebelnetworks servers.

You will need to check with Rebelnetworks to see if they allow this configuration.

I'd like to keep my exchange server to talk to out side, but my incoming use pop connector to download incoming email from mail hosting. what are the steps I should take to fix this issue? Please provide step by step instruction. thanks..

In this case, then simply:

1. Go to your DNS hosting company, add an additional MX record using 209.151.130.209

2. Call your ISP and tell them to point the PTR record to 209.151.130.209

Then wait a couple of hours for the change to start propagating throughout the internet then test again using http://mxtoolbox.com

That's all you need to do.

Wayne

How to update the A record for 209.151.130.209 with my ISP. what information I should provide to my ISP?

ultralites, what do you think of just adding a 2nd MX record?  I think that's the easiest way without Ninous needing to change anything at this end.

Ninous, it's not from your ISP.  This addition of a second MX record must be done at where your domain name is hosted.  If it's with GoDaddy for example then you can simply login to GoDaddy's website and do this.https://www.experts-exchange.com/questions/28703239/PTR-Record-for-mail-server.html#

Can I use A record smtp.triphasegroup.com 209.151.130.209, that is in my Rebelnetwork DNS entries and give it to my ISP (ICA Wireless)? Thanks...

If you already have an A record for it then it is perfect!  Then all you need to do is to call your ISP and tell them to point the PTR record to 209.151.130.209

Agreed. That is what will fix your reverse DNS issue.


Wayne88, I dont think that adding a second MX record is going to fix this issue. Here is my reasoning, Rebelnetworks is already getting email for triphasegroup.com domain and the local exchange is just picking up via POP connector.
Email is going out from the local ok, it is just the rDNS check issue that is making it look like a SPAM server to other SMTP servers. Once the RDNS check passes, the error will go away. Best practice would be to also setup an SPF record to keep other servers from being able to send as that domain...

In any case, I dont think they want email being delivered directly to the local exchange server.

Sorry, it's my mistake to mix A record with MX.  My thought was that adding a second MX record was for the purpose so that the PTR can point to it.  However, you're correct that it's supposed to be for the A record which Ninous already got.

I have done a similar setup for a site before this way and it worked without much problem once properly setup.

Thanks guys, I request the change from my ISP. Now RPT shows smtp.triphasegroup.com instate of default one.
But I just received this error today before change:

[216.8.159.220] rejected your message to the following e-mail addresses:
oscarcst@mnsi.net (oscarcst@mnsi.net)
[216.8.159.220] gave this error:
g_spam_allow_disable SPF or RBL failure - see http://netwinsite.com/spf.htm 209.151.130.209
A problem occurred during the delivery of this message to this e-mail address. Try sending this message again. If the problem continues, please contact your helpdesk.

Hi Ninous,

As ultralites mentioned that you should also set up an SPF record.

You will need to contact your DNS hosting company and ask them to add an SPF information to your DNS records. Or, if you can log into the control panel for your DNS, you can make this change yourself.

Wayne

I do have access to DNS. what are the step that I should take? thanks...

It's easy, here is an example:

How do I add SPF or TXT records for my domain?

add this to your DNS records. It should be a TEXT record.

v=spf1 a mx ptr mx:smtp.triphasegroup.com ~all

Once it is setup, you can test it using this tool. http://www.kitterman.com/spf/validate.html

This link provides helpful info on SPF and will show you where/how this information is determined:  
http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/

I went to A record for smtp.triphasegroup.com on Rebelnetworks, but I cannot find a field to entre the script.

The SPF record will be a new DNS TXT record.

Do not change the A record you already have setup.

Here is the link for Rebelnetworks DNS support:

http://my.rebelnetworks.com/knowledgebase/227/DNS-Records-Explained.html

you can probably start a chat session and have them set up the SPF record for you.

what I should call the Name and TTL? is this the way should be?
Name:
TTL:
Type:  TXT
TXT Data: v=spf1 a mx ptr mx:smtp.triphasegroup.com ~all

in the DNS entry.

I think you can leave the name and ttl blank

I asked the Rebelnetwork to add it. but I know, will take sometime for them.

Rebelnetworks telling me:
This triphasegroup.com doesn’t seems using our servers to send emails out. So SPF need to create for the server it sending mails out.
is this the way should be done?

The spf record above allows for both your local exchange and the MX server on record (in DNS) to send email for triphasegroup.com

The SPF record needs to be on rebelnetworks DNS servers.

I just tested the above SPF using both your local server IP and rebelnetworks' MX server IP and it works as expected.
Screenshot-2015-08-06-19-07-00.png
Screenshot-2015-08-06-19-07-55.png

Glad we were able to help Ninous. Cheers!

Your welcome! :)

I've requested that this question be closed as follows:

Accepted answer: 0 points for Ninous's comment #a40919438
Assisted answer: 167 points for Wayne88's comment #a40916292
Assisted answer: 167 points for ultralites's comment #a40916446
Assisted answer: 166 points for ultralites's comment #a40916469

for the following reason:

I just add the SPF at Rebelnetwors my self and works great. Also adding smtp.triphasegroup.com at Rebelnetworks and adding the entry to my ISP, fix the issue of rDNS. It was great solution from both of you and I really appreciate your expertise to solve my exchange problem. Thanks you a lot guys...

Glad you got it solved!  Cheers!

I don't agree with how the points are being distributed for this solution. The author is pointing to their own comment as the solution when in fact their comment is just reiterating the information provided to them.

That is not how this is supposed to work, is it?

No, he didn't. He didn't give himself any point.  He gave you 2/3 and 1/3 for me.

Ok. I get it. Just never seen someone assign their own comment as the accepted solution and then assign expert comments as assists.

That I agree.  I think it's just a small mistake.