locked
Reverse DNS lookup RRS feed

  • Question

  • Hi

    There are two Exchange organizations sharing the smtp name space @domain.com.
    The MX record ist set to mail.domain.com, which is lets say domain A.

    In domain A there is a forwarding for users in domain B, using smtp namespace @domain-temp.com.

    Both exchange organizations are sending emails directly to the internet. So domain A does no relaying for domain B, but both organization are sending emails using replay address @domain.com.

    My question:

    Am I running into a spam related problem with this configuration?
    What if a recipient organization does a reverse dns lookup?
    My understanding is, if users from domain B are sending with replay address @domain.com, but the MX record for @domain.com points to another ip as the sending host has, the emails could be rejected.


    Regards
    Peter

    Tuesday, September 25, 2012 2:00 PM

Answers

  • On Tue, 25 Sep 2012 14:00:33 +0000, PeterN22 wrote:
     
    >There are two Exchange organizations sharing the smtp name space @domain.com. The MX record ist set to mail.domain.com, which is lets say domain A.
    >
    >In domain A there is a forwarding for users in domain B, using smtp namespace @domain-temp.com.
    >
    >Both exchange organizations are sending emails directly to the internet. So domain A does no relaying for domain B, but both organization are sending emails using replay address @domain.com.
    >
    >My question:
    >
    >Am I running into a spam related problem with this configuration? What if a recipient organization does a reverse dns lookup? My understanding is, if users from domain B are sending with replay address @domain.com, but the MX record for @domain.com points to another ip as the sending host has, the emails could be rejected.
     
    The only "requirement" (and it's a lose one) is that there is a PTR
    record for the IP address. It's a "good thing" if the name on the PTR
    record matches the name in the HELO\EHLO command. There are some
    admins that will refuse to accept mail if there's a mismatch, but
    that's not widespread.
     
    Reverse lookups are highly overrated. It's much more accurate to do a
    forward lookup of the "A" record using the name in the HELO\EHLO
    command and matching the IP Address(es) returned against the IP
    address of the inbound connection.
     
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    • Proposed as answer by cara chen Wednesday, September 26, 2012 3:20 AM
    • Marked as answer by cara chen Thursday, September 27, 2012 2:52 AM
    Tuesday, September 25, 2012 8:51 PM

All replies

  • On Tue, 25 Sep 2012 14:00:33 +0000, PeterN22 wrote:
     
    >There are two Exchange organizations sharing the smtp name space @domain.com. The MX record ist set to mail.domain.com, which is lets say domain A.
    >
    >In domain A there is a forwarding for users in domain B, using smtp namespace @domain-temp.com.
    >
    >Both exchange organizations are sending emails directly to the internet. So domain A does no relaying for domain B, but both organization are sending emails using replay address @domain.com.
    >
    >My question:
    >
    >Am I running into a spam related problem with this configuration? What if a recipient organization does a reverse dns lookup? My understanding is, if users from domain B are sending with replay address @domain.com, but the MX record for @domain.com points to another ip as the sending host has, the emails could be rejected.
     
    The only "requirement" (and it's a lose one) is that there is a PTR
    record for the IP address. It's a "good thing" if the name on the PTR
    record matches the name in the HELO\EHLO command. There are some
    admins that will refuse to accept mail if there's a mismatch, but
    that's not widespread.
     
    Reverse lookups are highly overrated. It's much more accurate to do a
    forward lookup of the "A" record using the name in the HELO\EHLO
    command and matching the IP Address(es) returned against the IP
    address of the inbound connection.
     
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    • Proposed as answer by cara chen Wednesday, September 26, 2012 3:20 AM
    • Marked as answer by cara chen Thursday, September 27, 2012 2:52 AM
    Tuesday, September 25, 2012 8:51 PM
  • Hi Rich

    Thanks for your answer.

    But depending on the anti spam settings a recipient site has configured, it may be possible that emails are rejected?

    Regards
    Peter

    Monday, October 1, 2012 6:53 AM
  • On Mon, 1 Oct 2012 06:53:34 +0000, PeterN22 wrote:
     
    >Thanks for your answer.
    >
    >But depending on the anti spam settings a recipient site has configured, it may be possible that emails are rejected?
     
    Of course. But that's true of many other aspects of any e-mail you
    send, too. Once the message leaves your server you no longer control
    it.
     
    ---
    Rich Matheisen
    MCSE+I, Exchange MVP
     

    --- Rich Matheisen MCSE+I, Exchange MVP
    Monday, October 1, 2012 6:37 PM