Reverse DNS and mail server
- From: "Rafal W." <RafalW@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 24 May 2005 17:43:22 -0700
I guess I need some clarification here; my understanding was that properly
configured mail server should have as follow:
1. Static public IP address
2. MX record for it and
3. PTR added by ISP so IP address of mx record can be resolved to FQDN
A reverse DNS lookup takes the IP address that’s trying to make the
connection, and checks to see if there is a registered domain associated with
it.
For example, if an incoming message claims to be coming from the
66.160.177.11 IP address, an ISP would look up the domain to see if it
resolves to lyris.com. If it doesn’t, the message may be a forgery—or, the
hapless sender may not have a correct DNS entry. In either case, the message
will most likely be identified as spam.
And all it cares is domain name in this example lyris.com, even though PTR
returns mx1.lyris.com what counts is lyris.com. Yes? No?
Here is the reason why I’m asking for:
1. sender email us at joe.user@xxxxxxxxxxxxxxxx
2. email goes out and looking in external DNS for MX record for
mycorpdomain.com which is resolved to public IP x.x.x.x
3. email is delivered to our domain
4. Joe User respond to sender – email goes out and is reaching mail server
which does reverse lookup, so
5. recipient mail server knows what IP address is trying to make connection
(in this example x.x.x.x ) and knows that sender claims to be from (in this
example) mycorpdomain.com
6. so recipient mail server takes connecting IP address and does reverse
lookup, as a result it gets mail1.mycorpdomain.com
Message is bounced back with following reason:
550 Requested actions not taken - SMTP sender domain
(exsvr1.mycorpdomain.com) not found in the DNS
Where exsvr1.mycorpdomain.com is our third party anti-virus/mail filtering
software between firewall and mail server, and the way is setup is that mx
record of mail1.mycorpdomain.com has public IP of x.x.x.x pointing to
external interface of the firewall which then is NATed and redirected to
internal exsvr1.mycordomian.com.
I kind of can see how do they get this name (exsvr1.mycorpdomain.com) in
returned NDR because if you lookup header of incoming messages you see
something similar to:
Received: from exsvr1.mycorpdomain.com ([x.x.x.x])
by their.mail.server.receipient_domain.com (SMSSMTP 4.1.4.30) with SMTP id
M2005052413322418434
for <user@xxxxxxxxxxxxxxxxxxxxx>; Tue, 24 May 2005 13:32:24 -0500
x.x.x.x is my public IP which (as described above) can be resolved to
mail1.mycorpdomian.com but not exsvr1……
does this mean you need to have physical smtp/mail box named same as mx
record ?in my case I would either rename box or call ISP and change so
x.x.x.x has PTR resolved to exsvr1.mycorpdomain.com instead
mail1.mycorpdomain.com ???
was I all this time wrong about how it works? I always though DNS reverse
lookup takes IP and check registered domain in this case mycorpdomain.com
Can someone verify that?
.
- Follow-Ups:
- Re: Reverse DNS and mail server
- From: Herb Martin
- Re: Reverse DNS and mail server
- Prev by Date: Re: Can't Log on!
- Next by Date: Re: DNS allowing same ip for multiple clients
- Previous by thread: Secondary DNS: Depends on Primary?
- Next by thread: Re: Reverse DNS and mail server
- Index(es):
Relevant Pages
|
Loading
