[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Is it OK to have 2 Reverse DNS records each at separate ISPs?

Posted on 2016-10-26
5
Medium Priority
?
109 Views
Last Modified: 2016-11-18
I have an exchange server behind a Sonicwall and just added a second ISP with static IP for failover. In terms of outgoing email, I currently have a reverse dns entry for our domain at ISP 1. Can I add a second reverse DNS entry at ISP 2, in the event ISP1 is down and mail goes out ISP 2? (The thought being that the email will originate from the second ISP static IP, and a reverse look up will point to the same domain.
0
Comment
Question by:dseli
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 17

Assisted Solution

by:Ivan
Ivan earned 1000 total points
ID: 41861249
Hi,

yes, you can and should add PTR record for secondary ISP link. If you don't have PTR and fallback to secondary link, some mail servers will reject/ spam your email. Also, configure new public DNS name for that public ip address, and configure additional MX record, with higher value then MX on ISP 1 link.

If you have configured SPF record, then modify it, and add value for secondary link.

Regards,
Ivan.
0
 
LVL 41

Accepted Solution

by:
footech earned 1000 total points
ID: 41861444
Yes you should have a PTR record for the second ISP static IP.  Don't point it at the same name as you use for the IP from ISP 1, use a different one.  Create an A record with the new name to point at the IP from ISP 2.

Configuring another MX record for the secondary connection - even if you configure the MX record with lower priority (higher number) then your other, it's still possible that some mail could get sent to the lower priority MX.  You would have to determine if you want to allow incoming email on the secondary connection.
0
 

Author Comment

by:dseli
ID: 41892121
Thank You for your response. So to clarify, MX points to an external filter, so that would not need to change except the "forward to" if it has to forward to the mail server behind ISP2.  As far as the second PTR,  so if I had a PTR record at ISP 1, for example, ISP1 PTR----> 1.1.1.1 resolves to mail.domain.com, I can set up at ISP2 PTR ----> 2.2.2.2 resolves to mail2.domain.com with out any confusion on lookups?
0
 
LVL 41

Assisted Solution

by:footech
footech earned 1000 total points
ID: 41892348
Yes, that's correct.
Recipients can be different in what they check.  Some don't check anything.  Some check that you have a PTR record, but don't care what it is.  Some check for forward confirmed reverse DNS (which is what I described above).  Other checks can be performed for SPF records, and whether your SMTP banner matches the name in your PTR record (this last one's pretty rare).
0
 

Author Closing Comment

by:dseli
ID: 41892859
Thank you for your reply!
0

Featured Post

Fill in the form and get your FREE NFR key NOW!

Veeam® is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you an Exchange administrator employed with an organization? And, have you encountered a corrupt Exchange database due to which you are not able to open its EDB file. This article will explain all the steps to repair corrupt Exchange database.
On September 18, Experts Exchange launched the first installment of the Help Bell, a new feature for Premium Members, Team Accounts, and Qualified Experts. The Help Bell will serve as an additional tool to help teams increase question visibility.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question