Appropriate Relaying and DNS MX records


  • I'm transitioning to Exchange 2007 and want to clean up some bad DNS records that we've been required to have to avoid being placed on spam lists. We have a couple of application servers that relay email to the Internet through our Exchange server (one anonymously, one with authentication).

    To allow the anonymous relaying, we have to have a second receive connector configured (with a separate IP address) on our Exchange server that only allows connections from our application servers. Because we're not using an Edge Transport Server, we can't bind our Send Connector to a specific IP address. Therefore, we have to allow both IP addresses to send email to the Internet, and configure them both in DNS with MX records; otherwise, servers that do reverse MX lookups would mark email coming from the relaying IP address as spam and put us on a black hole list (this has happened previously).

    Now, MX records are for servers that can RECEIVE email, and obviously, our relaying connector will deny any connections attempted from the Internet. The same goes for our application server that has to be listed as an MX as well, because the message headers contain that server name and will fail the same reverse MX lookup otherwise. So, everything works properly when configured this way, but 2 of our MX records are actually invalid and will fail any DNS tests done on them.

    Any advice that could be offered to help clean this up would be very much appreciated.

    Thank you.
    Tuesday, March 25, 2008 3:13 PM