DNS MX Question


Hello,

I am trying to get some clarification that my mx settings are OK. Mail is 
sending and receiving OK but I don't think it's "by-the-book".

I am running a SBS 2008 domain (let's call it mydomain.local) and I am 
hosting my own email server.

I registered my domain name with fasthosts.co.uk (let's call it 
mydomain.co.uk).
I have a static IP address assigned by my ISP (BT - British Telecom).
I have forwarded port 25 on my router to go to the internal IP address of my 
SBS server.
On Fasthosts control panel I can set various DNS settings (A, MX, PTR etc). I 
originally created an MX record to be the Static IP address of my router. I 
also created an A record to point remote.mydomain.co.uk to the same static IP 
address for OWA.

Having done some more research into DNS / MX records I'm beginning to think 
that what I SHOULD have done is create an A record such as 
mail.mydomain.co.uk and point it to my static IP, then create an MX record 
pointing to mail.mydomain.co.uk.

Is this correct?

As my mail is flowing I'm reluctant to make any changes. If I do need to 
change it to what I mentioned above, can I do this without any emails getting 
bounced / lost?

Final question, I've read a lot of PTR records being needed more and more. 
On my control panel with Fasthosts all I can create are, A, Cname, MX, AAAA 
and TXT records. Will I need to contact Fasthosts and ask them to create a 
PTR record for me? What do I need to have in this PTR? Sorry if that is a 
dumb question but I'm just starting to learn this stuff.

Kind regards,

Chris
0
Reply Utf 1/13/2010 11:54:01 AM

Inline:

-Cliff


"ChrisUK" <ChrisUK@discussions.microsoft.com> wrote in message 
news:EE6D581B-19F6-4A9C-ADED-98FD5B1288B2@microsoft.com...
> Hello,
>
> I am trying to get some clarification that my mx settings are OK. Mail is
> sending and receiving OK but I don't think its "by-the-book"
>
> I am running a SBS 2008 domain (lets call it mydomain.local) and I am
> hosting my own email server.
>
> I registered my domain name with fasthosts.co.uk (lets call it
> mydomain.co.uk).

By not posting your real domain, you make it difficult for *us* to look and 
verify.  And since it is a public domain, hackers are still going to find 
and scan it.  Obfuscating public domains in newsgroups provides *no* added 
security.  Just for future reference.

> I have a static IP address assigned by my ISP (BT - British Telecom)
> I have forwarded port 25 on my router to go to the internal IP address of 
> my
> SBS. server
> On Fasthosts control panel I can set various DNS setting (A, mx, PTR etc). 
> I
> originally created an MX record to be the Static IP address of my router. 
> I
> also created an A record to point remote.mydomain.co.uk to the same static 
> IP
> address for OWA.
>
> Having done some more research into DNS / MX records I'm beginning to 
> think
> that what i SHOULD have done is create an A record such as
> mail.mydomain.co.uk and point it to my static IP, then create an MX record
> pointing to mail.mydomain.co.uk.

Either/or.  I prefer domain names in MX records...one less thing to change 
and get cached if things have to get shuffled.  I wouldn't call your setup 
*wrong* though, just not optimal.

> As my mail is flowing I'm reluctant to make any changes. If I do need to
> change it to what I mentioned above, can I do this without any emails 
> getting
> bounced / lost?

If you don't make any *wrong* changes then mail will flow just fine.  Some 
DNS servers will have the old data cached, but since your IP isn't changing, 
it'll still get delivered.  And new DNS queries will get the name and since 
that also appears to work, you'll continue to be fine.  Should be 
transparent.

> Final question, I've read a lot of PTR records being needed more and more.
> On my control panel with Fasthosts all I can create are, A, Cname, MX, 
> AAAA
> and TXT records. Will I need to contact Fasthosts and ask them to create a
> PTR record for me? What do I need to have in this PTR? Sorry if that is a
> dumb question but I'm just starting to learn this stuff.

Not Fasthosts.  Reverse lookups work backwards, so the PTR record would 
actually be owned/controlled by the owner of the IP address.  In this case 
BT.  Again, had you posted your public IP, we could have checked for you; it 
may already exist.  It doesn't need to match your company, it need only 
exist.

>
> Kind regards,
>
> Chris 

0
Reply Cliff 1/13/2010 3:50:04 PM


You're correct in regards to the A and MX records--see this reference:

http://msmvps.com/blogs/bradley/archive/2008/10/18/dynamic-dns-service-on-sbs-2008-under-the-hood.aspx

More information about MX and A records here:

http://en.wikipedia.org/wiki/MX_record

The A record should point to the address, and the MX record should point 
to the name defined in the A record.

So - you should make that change, and it shouldn't impact mail delivery.

Now--about that PTR record:  The PTR record I believe you are interested 
in needs to be created by your ISP--BT - British Telecom--and it needs 
to point to the host named in your MX record.

This should be a normal part of their service to customers with fixed IP 
addresses--in my case, my ISP is Verizon, which is one of the larger 
telephone providers in the U.S., and they were able to do this for me 
without any problems.

Here's a reference showing the purpose of this record:

http://en.wikipedia.org/wiki/Forward_Confirmed_reverse_DNS


"ChrisUK" <ChrisUK@discussions.microsoft.com> wrote in message 
news:EE6D581B-19F6-4A9C-ADED-98FD5B1288B2@microsoft.com...
> Hello,
>
> I am trying to get some clarification that my mx settings are OK. Mail is
> sending and receiving OK but I don't think its "by-the-book"
>
> I am running a SBS 2008 domain (lets call it mydomain.local) and I am
> hosting my own email server.
>
> I registered my domain name with fasthosts.co.uk (lets call it
> mydomain.co.uk).
> I have a static IP address assigned by my ISP (BT - British Telecom)
> I have forwarded port 25 on my router to go to the internal IP address of my
> SBS. server
> On Fasthosts control panel I can set various DNS setting (A, mx, PTR etc). I
> originally created an MX record to be the Static IP address of my router. I
> also created an A record to point remote.mydomain.co.uk to the same static IP
> address for OWA.
>
> Having done some more research into DNS / MX records I'm beginning to think
> that what i SHOULD have done is create an A record such as
> mail.mydomain.co.uk and point it to my static IP, then create an MX record
> pointing to mail.mydomain.co.uk.
>
> Is this correct?
>
> As my mail is flowing I'm reluctant to make any changes. If I do need to
> change it to what I mentioned above, can I do this without any emails getting
> bounced / lost?
>
> Final question, I've read a lot of PTR records being needed more and more.
> On my control panel with Fasthosts all I can create are, A, Cname, MX, AAAA
> and TXT records. Will I need to contact Fasthosts and ask them to create a
> PTR record for me? What do I need to have in this PTR? Sorry if that is a
> dumb question but I'm just starting to learn this stuff.
>
> Kind regards,
>
> Chris

0
Reply Bill 1/13/2010 4:02:04 PM

ChrisUK wrote:
> 
> Final question, I've read a lot of PTR records being needed more and more. 
> On my control panel with Fasthosts all I can create are, A, Cname, MX, AAAA 
> and TXT records. Will I need to contact Fasthosts and ask them to create a 
> PTR record for me? What do I need to have in this PTR? Sorry if that is a 
> dumb question but I'm just starting to learn this stuff.
> 

You already know what to do, I'd add that I've known BT to be quite 
difficult about PTR records, even on 'business' accounts with static IP 
addresses. There will already be one of a generic kind, along the lines 
of 'adsl-12-34-56-67-pool.btconnect.com', but this is not likely to 
impress other mail servers. I have my own server configured to reject 
SMTP connections from addresses with PTR records of this kind.

The bad news is that many mail servers, particularly those of ISPs, will 
expect a 'proper' PTR record of 'example.domain.com' form, and many 
(including mine) will expect there to be a valid A record for 
example.domain.com which points back to the IP address. I have not found 
it necessary for the PTR-A pair to match the MX record or HELO string, 
as mine do not and I have no problem sending mail to AOL, which is 
notoriously fussy.

Certainly two or three years ago, BT wasn't good at organising this kind 
of thing. If they are still not willing to do it, then the only way you 
can send mail reliably is through another mail server which is 
considered 'respectable', such as an ISP's SMTP server. Check if your 
account with BT includes the use of an SMTP smarthost, as it is a 
facility you may want to use for other reasons.

One of my customers insisted on using BT as ISP, against my 
recommendations, and took out a 'business' account. This turned out to 
have no smarthost facility and a fixed IP address that had a 'generic' 
PTR and was on a number of blacklists, none of which BT was prepared to 
do anything about. I ended up giving him an authenticated SMTP account 
on a web hosting package that I rent, to use as a smarthost. BT's 
recommendation, and I kid you not, was to use Yahoo for email. I think 
even today, BT subcontracts some parts of its email handling to Yahoo.

-- 
Joe
0
Reply Joe 1/13/2010 5:14:33 PM

        Actually, the "generic" reverse DNS isn't nearly as much of a 
problem as having none at all. If the ISP won't update the reverse DNS, then 
setting up an A record to match it and changing the settings of the SMTP 
virtual server to use that identity can work. It isn't pretty, but it's 
legitimate. I don't think too many spam filters care much about what your 
reverse DNS is as long as it matches what the SMTP server reports as its 
identity in the HELO command. After all, the identity of a server in the end 
is purely arbitrary.

"Joe" <joe@jretrading.com> wrote in message 
news:%23LkxhPHlKHA.5128@TK2MSFTNGP05.phx.gbl...
> ChrisUK wrote:
>>
>> Final question, I've read a lot of PTR records being needed more and 
>> more. On my control panel with Fasthosts all I can create are, A, Cname, 
>> MX, AAAA and TXT records. Will I need to contact Fasthosts and ask them 
>> to create a PTR record for me? What do I need to have in this PTR? Sorry 
>> if that is a dumb question but I'm just starting to learn this stuff.
>>
>
> You already know what to do, I'd add that I've known BT to be quite 
> difficult about PTR records, even on 'business' accounts with static IP 
> addresses. There will already be one of a generic kind, along the lines of 
> 'adsl-12-34-56-67-pool.btconnect.com', but this is not likely to impress 
> other mail servers. I have my own server configured to reject SMTP 
> connections from addresses with PTR records of this kind.
>
> The bad news is that many mail servers, particularly those of ISPs, will 
> expect a 'proper' PTR record of 'example.domain.com' form, and many 
> (including mine) will expect there to be a valid A record for 
> example.domain.com which points back to the IP address. I have not found 
> it necessary for the PTR-A pair to match the MX record or HELO string, as 
> mine do not and I have no problem sending mail to AOL, which is 
> notoriously fussy.
>
> Certainly two or three years ago, BT wasn't good at organising this kind 
> of thing. If they are still not willing to do it, then the only way you 
> can send mail reliably is through another mail server which is considered 
> 'respectable', such as an ISP's SMTP server. Check if your account with BT 
> includes the use of an SMTP smarthost, as it is a facility you may want to 
> use for other reasons.
>
> One of my customers insisted on using BT as ISP, against my 
> recommendations, and took out a 'business' account. This turned out to 
> have no smarthost facility and a fixed IP address that had a 'generic' PTR 
> and was on a number of blacklists, none of which BT was prepared to do 
> anything about. I ended up giving him an authenticated SMTP account on a 
> web hosting package that I rent, to use as a smarthost. BT's 
> recommendation, and I kid you not, was to use Yahoo for email. I think 
> even today, BT subcontracts some parts of its email handling to Yahoo.
>
> -- 
> Joe 


0
Reply Andrew 1/14/2010 4:34:09 AM

Just as a matter of debate, I've *never* seen a spam filter care if the 
reverse DNS *or* A record matches the HELO string in a mail server.  In 
fact, more often than not, they don't.

Take an example of a company that uses a cloud-based email service, such as 
an ISP server or hosted-Exchange.  If you go the hosted-Exchange route, do 
you really think MS gives you your own Exchange servers and that the HELO 
strings match the MX/A record pair you set up?  Or do you think that a 
service provider that offers businesses 10-20 free email accounts as part of 
their business bundle also gives them a dedicated server?

There are so many *legitimate* scenarios where the HELO string will NOT 
match the MX record that no spam filters would rightfully reject or even 
negatively score messages that have a return header with such a setup.

But what you say is true, a generic rDNS is usually perfectly adequate as 
long as the ISP also has an A record that matches the PTR record so that it 
is a matching pair.  There isn't usually a cause to get them to create 
custom/renamed records.

-Cliff


"Andrew M. Saucci, Jr." <spam-only@2000computer.com> wrote in message 
news:eyYMOLNlKHA.3476@TK2MSFTNGP06.phx.gbl...
>        Actually, the "generic" reverse DNS isn't nearly as much of a 
> problem as having none at all. If the ISP won't update the reverse DNS, 
> then setting up an A record to match it and changing the settings of the 
> SMTP virtual server to use that identity can work. It isn't pretty, but 
> it's legitimate. I don't think too many spam filters care much about what 
> your reverse DNS is as long as it matches what the SMTP server reports as 
> its identity in the HELO command. After all, the identity of a server in 
> the end is purely arbitrary.
>
> "Joe" <joe@jretrading.com> wrote in message 
> news:%23LkxhPHlKHA.5128@TK2MSFTNGP05.phx.gbl...
>> ChrisUK wrote:
>>>
>>> Final question, I've read a lot of PTR records being needed more and 
>>> more. On my control panel with Fasthosts all I can create are, A, Cname, 
>>> MX, AAAA and TXT records. Will I need to contact Fasthosts and ask them 
>>> to create a PTR record for me? What do I need to have in this PTR? Sorry 
>>> if that is a dumb question but I'm just starting to learn this stuff.
>>>
>>
>> You already know what to do, I'd add that I've known BT to be quite 
>> difficult about PTR records, even on 'business' accounts with static IP 
>> addresses. There will already be one of a generic kind, along the lines 
>> of 'adsl-12-34-56-67-pool.btconnect.com', but this is not likely to 
>> impress other mail servers. I have my own server configured to reject 
>> SMTP connections from addresses with PTR records of this kind.
>>
>> The bad news is that many mail servers, particularly those of ISPs, will 
>> expect a 'proper' PTR record of 'example.domain.com' form, and many 
>> (including mine) will expect there to be a valid A record for 
>> example.domain.com which points back to the IP address. I have not found 
>> it necessary for the PTR-A pair to match the MX record or HELO string, as 
>> mine do not and I have no problem sending mail to AOL, which is 
>> notoriously fussy.
>>
>> Certainly two or three years ago, BT wasn't good at organising this kind 
>> of thing. If they are still not willing to do it, then the only way you 
>> can send mail reliably is through another mail server which is considered 
>> 'respectable', such as an ISP's SMTP server. Check if your account with 
>> BT includes the use of an SMTP smarthost, as it is a facility you may 
>> want to use for other reasons.
>>
>> One of my customers insisted on using BT as ISP, against my 
>> recommendations, and took out a 'business' account. This turned out to 
>> have no smarthost facility and a fixed IP address that had a 'generic' 
>> PTR and was on a number of blacklists, none of which BT was prepared to 
>> do anything about. I ended up giving him an authenticated SMTP account on 
>> a web hosting package that I rent, to use as a smarthost. BT's 
>> recommendation, and I kid you not, was to use Yahoo for email. I think 
>> even today, BT subcontracts some parts of its email handling to Yahoo.
>>
>> -- 
>> Joe
>
> 
0
Reply Cliff 1/14/2010 5:58:45 AM
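
The checks debated in the posts above (no PTR at all, a generic ISP-style PTR, a PTR whose name has an A record pointing back to the IP, and whether the HELO name matches) can be expressed as one receiving-side classification. This is an added example, not code from any poster or product; the function names, the verdict labels, the generic-name heuristic and the sample records (documentation addresses and `.example` names) are assumptions constructed for illustration.

```python
import ipaddress
import re
import socket

# Heuristic tokens for ISP-assigned "pool" names (an assumption, not a standard).
GENERIC_TOKENS = {"adsl", "dsl", "pool", "dyn", "dynamic", "dhcp", "dialup"}


def looks_generic(ptr_name, ip):
    """True if the PTR name embeds the IP's octets or carries a pool-style token."""
    name = ptr_name.lower().rstrip(".")
    numbers = re.findall(r"\d+", name)
    embeds_ip = "." in ip and all(octet in numbers for octet in ip.split("."))
    has_token = any(part in GENERIC_TOKENS for part in re.split(r"[.\-_]", name))
    return embeds_ip or has_token


def _canon(addr):
    """Canonical text form of an address, or None if it is not an IP."""
    try:
        return str(ipaddress.ip_address(addr))
    except ValueError:
        return None


def check_sender(ip, helo, ptr_lookup, addr_lookup):
    """Classify a connecting IP by forward-confirmed reverse DNS (FCrDNS).

    ptr_lookup(ip) -> list of PTR names; addr_lookup(name) -> list of addresses.
    The HELO comparison is reported separately and never changes the verdict,
    since the thread disagrees on whether filters should act on it.
    """
    ip = str(ipaddress.ip_address(ip))
    names = [n.lower().rstrip(".") for n in ptr_lookup(ip)]
    # A PTR name is "confirmed" only if its own address records include the IP.
    confirmed = [n for n in names if ip in {_canon(a) for a in addr_lookup(n)}]
    generic = bool(confirmed) and all(looks_generic(n, ip) for n in confirmed)
    if not names:
        verdict = "no-ptr"
    elif not confirmed:
        verdict = "ptr-unconfirmed"
    elif generic:
        verdict = "fcrdns-generic"
    else:
        verdict = "fcrdns-ok"
    return {
        "ip": ip,
        "ptr": names,
        "confirmed": confirmed,
        "helo_matches_ptr": helo.lower().rstrip(".") in confirmed,
        "verdict": verdict,
    }


def live_ptr_lookup(ip):
    """PTR lookup through the system resolver (also consults the hosts file)."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except (socket.herror, socket.gaierror):
        return []
    return [name] + list(aliases)


def live_addr_lookup(name):
    """A/AAAA lookup through the system resolver."""
    try:
        infos = socket.getaddrinfo(name, None)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


# Constructed sample records so the example runs offline.
SAMPLE_PTR = {
    "192.0.2.25": ["mail.mydomain.example"],
    "192.0.2.77": ["host192-0-2-77.pool.isp.example"],
    "198.51.100.9": ["mail.other.example"],
}
SAMPLE_A = {
    "mail.mydomain.example": ["192.0.2.25"],
    "host192-0-2-77.pool.isp.example": ["192.0.2.77"],
    "mail.other.example": ["203.0.113.5"],  # does not point back to 198.51.100.9
}


def sample_ptr(ip):
    return SAMPLE_PTR.get(ip, [])


def sample_addr(name):
    return SAMPLE_A.get(name, [])


if __name__ == "__main__":
    for ip, helo in [("192.0.2.25", "mail.mydomain.example"),
                     ("192.0.2.77", "host192-0-2-77.pool.isp.example"),
                     ("198.51.100.9", "mail.other.example"),
                     ("203.0.113.40", "sbs.mydomain.example")]:
        r = check_sender(ip, helo, sample_ptr, sample_addr)
        print(ip, r["verdict"], "helo_matches_ptr=%s" % r["helo_matches_ptr"])
```

Passing `live_ptr_lookup` and `live_addr_lookup` instead of the sample functions runs the same classification against real DNS for your own sending address.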

"Cliff Galiher - MVP" <cgaliher@gmail.com> wrote in message 
news:etYJc6NlKHA.2592@TK2MSFTNGP04.phx.gbl...
> Just as a matter of debate, I've *never* seen a spam filter care if the 
> reverse DNS *or* A record matches the HELO string in a mail server.  In 
> fact, more often than not, they don't.
>
> Take an example of a company that uses a cloud-based email service, such 
> as an ISP server or hosted-Exchange.  If you go the hosted-Exchange route, 
> do you really think MS gives you your own Exchange servers and that the 
> HELO strings match the MX/A record pair you set up?  Or do you think that 
> a service provider that offers businesses 10-20 free email accounts as 
> part of their business bundle also gives them a dedicated server?
>
> There are so many *legitimate* scenarios where the HELO string will NOT 
> match the MX record that no spam filters would rightfully reject or even 
> negatively score messages that have a return header with such a setup.
>
> But what you say is true, a generic rDNS is usually perfectly adequate as 
> long as the ISP also has an A record that matches the PTR record so that 
> it is a matching pair.  There isn't usually a cause to get them to create 
> custom/renamed records.
>
> -Cliff


Cliff,

I understand what you're saying about not requiring a matching PTR to MX 
record, but I just wanted to point out that in some spam filters, such as 
Vamsoft, it is an option. Of course I never use that option due to the 
scenarios you described. I would be surprised if anyone does or they would 
be rejecting numerous legitimate mail.

-- 
Ace

This posting is provided "AS-IS" with no warranties or guarantees and 
confers no rights.

Please reply back to the newsgroup or forum for collaboration benefit among 
responding engineers, and to help others benefit from your resolution.

Ace Fekay, MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & 
MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services

If you feel this is an urgent issue and require immediate assistance, please 
contact Microsoft PSS directly. Please check http://support.microsoft.com 
for regional support phone numbers.




0
Reply Ace 1/14/2010 6:17:15 AM

Cliff> OK - thanks for the heads up. My domain name registered with Fasthosts 
is www.zoo-hardware.co.uk. My internal domain name is zoohardware.local.
Also, thanks for confirming that for me. I've made the change to the MX 
record from IP address (81.149.235.191) to mail.zoo-hardware.co.uk. I did 
this several hours ago and everything seems to be working.

When I use nslookup to view a couple of other companies who I know are 
using BT their MX records show as 
mail exchanger = host(ip-address).in-addr.btopenworld.com

I was just concerned that mine appears much simpler.

Also, I'd quite like a backup so if my server ever went down, mail would go 
somewhere else. I would obviously put that as a higher priority. I contacted 
Fasthosts about providing me with this facility but they didn't seem to offer 
that service (it might have been my limited understanding of what I was 
asking for!)

Joe> I know what you mean with BT, they really don't appear to be very 
helpful on anything even slightly technical. I think I'll struggle to get 
them to do anything for me. 

Bill, Andrew and Ace> Thank you for your input / help on this too!



"Cliff Galiher - MVP" wrote:

> Inline:
> 
> -Cliff
> 
> 
> "ChrisUK" <ChrisUK@discussions.microsoft.com> wrote in message 
> news:EE6D581B-19F6-4A9C-ADED-98FD5B1288B2@microsoft.com...
> > Hello,
> >
> > I am trying to get some clarification that my mx settings are OK. Mail is
> > sending and receiving OK but I don't think its "by-the-book"
> >
> > I am running a SBS 2008 domain (lets call it mydomain.local) and I am
> > hosting my own email server.
> >
> > I registered my domain name with fasthosts.co.uk (lets call it
> > mydomain.co.uk).
> 
> By not posting your real domain, you make it difficult for *us* to look and 
> verify.  And since it is a public domain, hackers are still going to find 
> and scan it.  Obfuscating public domains in newsgroups provides *no* added 
> security.  Just for future reference.
> 
> > I have a static IP address assigned by my ISP (BT - British Telecom)
> > I have forwarded port 25 on my router to go to the internal IP address of 
> > my
> > SBS. server
> > On Fasthosts control panel I can set various DNS setting (A, mx, PTR etc). 
> > I
> > originally created an MX record to be the Static IP address of my router. 
> > I
> > also created an A record to point remote.mydomain.co.uk to the same static 
> > IP
> > address for OWA.
> >
> > Having done some more research into DNS / MX records I'm beginning to 
> > think
> > that what i SHOULD have done is create an A record such as
> > mail.mydomain.co.uk and point it to my static IP, then create an MX record
> > pointing to mail.mydomain.co.uk.
> 
> Either/or.  I prefer domain names in MX records...one less thing to change 
> and get cached if things have to get shuffled.  I wouldn't call your setup 
> *wrong* though, just not optimal.
> 
> > As my mail is flowing I'm reluctant to make any changes. If I do need to
> > change it to what I mentioned above, can I do this without any emails 
> > getting
> > bounced / lost?
> 
> If you don't make any *wrong* changes then mail will flow just fine.  Some 
> DNS servers will have the old data cached, but since your IP isn't changing, 
> it'll still get delivered.  And new DNS queries will get the name and since 
> that also appears to work, you'll continue to be fine.  Should be 
> transparent.
> 
> > Final question, I've read a lot of PTR records being needed more and more.
> > On my control panel with Fasthosts all I can create are, A, Cname, MX, 
> > AAAA
> > and TXT records. Will I need to contact Fasthosts and ask them to create a
> > PTR record for me? What do I need to have in this PTR? Sorry if that is a
> > dumb question but I'm just starting to learn this stuff.
> 
> Not Fasthosts.  Reverse lookups work backwards, so the PTR record would 
> actually be owned/controlled by the owner of the IP address.  In this case 
> BT.  Again, had you posted your public IP, we could have checked for you; it 
> may already exist.  It doesn't need to match your company, it need only 
> exist.
> 
> >
> > Kind regards,
> >
> > Chris 
> 
> .
> 
0
Reply Utf 1/14/2010 11:31:03 AM

In regards to a backup service, let me say that SMTP as a protocol was 
designed to handle delays.  After all, if your server is down, even if you 
have a backup service, the mail is delayed getting to YOU.  So, in most 
cases, I don't believe a backup service is necessary.  Most mail servers 
will attempt to resend every 4 hours, and your server should *not* be down 
longer than that even during regular maintenance/patching/reboot.  A good DR 
plan is also essential for any server, and the max retry on most emails is 
48 hours.  You can get a new server rebuilt in that amount of time.

But for the paranoid and overly-cautious, there are always backup MX 
services.  I personally like DynDNS for the rare times I need to use one. 
Inexpensive, easy to set up, and reliable.

-Cliff


"ChrisUK" <ChrisUK@discussions.microsoft.com> wrote in message 
news:2103E79E-0F66-4F15-A910-88B04BDD123D@microsoft.com...
> Cliff> OK - thanks for the heads up. My domain name registered with 
> Fasthosts
> is www.zoo-hardware.co.uk. My internal domain name is zoohardware.local.
> Also, thanks for confirming that for me. I've made the change to the MX
> record from IP address (81.149.235.191) to mail.zoo-hardware.co.uk. I did
> this several hours ago and everything seems to be working.
>
> When I use nslookup to view a couple of other companyies who I know are
> using BT their MX records show as
> mail exchanger = host(ip-address).in-addr.btopenworld.com
>
> I was just concerned that mine appears much simpler.
>
> Also, i'd quite like a backup so if my server ever went down, mail would 
> go
> somewhere else. I would obviously put that as a higher priority. I 
> contacted
> Fasthosts about providing me with this facility but they didn't seem to 
> offer
> that service (it might have been my limited understanding of what i was
> asking for!)
>
> Joe> I know what you mean with BT, they really don't appear to be very
> helpful on anything even slightly technical. I think i'll struggle to get
> them to do anything for me.
>
> Bill, Andrew and Ace> Thankyou for your input / help on this too!
>
>
>
> "Cliff Galiher - MVP" wrote:
>
>> Inline:
>>
>> -Cliff
>>
>>
>> "ChrisUK" <ChrisUK@discussions.microsoft.com> wrote in message
>> news:EE6D581B-19F6-4A9C-ADED-98FD5B1288B2@microsoft.com...
>> > Hello,
>> >
>> > I am trying to get some clarification that my mx settings are OK. Mail is
>> > sending and receiving OK but I don't think it's "by-the-book"
>> >
>> > I am running a SBS 2008 domain (let's call it mydomain.local) and I am
>> > hosting my own email server.
>> >
>> > I registered my domain name with fasthosts.co.uk (let's call it
>> > mydomain.co.uk).
>>
>> By not posting your real domain, you make it difficult for *us* to look and
>> verify.  And since it is a public domain, hackers are still going to find
>> and scan it.  Obfuscating public domains in newsgroups provides *no* added
>> security.  Just for future reference.
>>
>> > I have a static IP address assigned by my ISP (BT - British Telecom)
>> > I have forwarded port 25 on my router to go to the internal IP address of
>> > my SBS server.
>> > On Fasthosts control panel I can set various DNS settings (A, mx, PTR etc).
>> > I originally created an MX record to be the Static IP address of my router.
>> > I also created an A record to point remote.mydomain.co.uk to the same static
>> > IP address for OWA.
>> >
>> > Having done some more research into DNS / MX records I'm beginning to think
>> > that what I SHOULD have done is create an A record such as
>> > mail.mydomain.co.uk and point it to my static IP, then create an MX record
>> > pointing to mail.mydomain.co.uk.
>>
>> Either/or.  I prefer domain names in MX records...one less thing to change
>> and get cached if things have to get shuffled.  I wouldn't call your setup
>> *wrong* though, just not optimal.
>>
>> > As my mail is flowing I'm reluctant to make any changes. If I do need to
>> > change it to what I mentioned above, can I do this without any emails
>> > getting bounced / lost?
>>
>> If you don't make any *wrong* changes then mail will flow just fine.  Some
>> DNS servers will have the old data cached, but since your IP isn't changing,
>> it'll still get delivered.  And new DNS queries will get the name and since
>> that also appears to work, you'll continue to be fine.  Should be
>> transparent.
>>
>> > Final question, I've read a lot of PTR records being needed more and more.
>> > On my control panel with Fasthosts all I can create are, A, Cname, MX, AAAA
>> > and TXT records. Will I need to contact Fasthosts and ask them to create a
>> > PTR record for me? What do I need to have in this PTR? Sorry if that is a
>> > dumb question but I'm just starting to learn this stuff.
>>
>> Not Fasthosts.  Reverse lookups work backwards, so the PTR record would
>> actually be owned/controlled by the owner of the IP address.  In this case
>> BT.  Again, had you posted your public IP, we could have checked for you; it
>> may already exist.  It doesn't need to match your company, it need only
>> exist.
>>
>> >
>> > Kind regards,
>> >
>> > Chris
>>
>> .
>> 
0
Reply Cliff 1/14/2010 5:01:16 PM

        In a hosted Exchange scenario, you may be given an MX on the hosting 
company's domain, not your own. You're also sending from that mail server, 
not your own. In that case, there would be no reason the HELO string 
wouldn't match the rDNS of the hosting company's server.

        Also, I've seen some pretty picky spam filters. We have a client 
where two of the principals have personal AT&T mail accounts. They were 
unable to send mail from the corporate domain to AT&T because the MX pointed 
to an external spam filtering service and we were sending mail directly out, 
making the source of the mail not match the MX. I think we solved that by 
eliminating the spam filtering service and relying on Trend Micro Worry-Free 
Business Security Advanced to handle it. AOL is also notorious for picky 
spam filtering. Many mail server administrators are of the attitude that 
fighting spam is a noble cause and if legitimate e-mail is filtered out in 
the process, "too bad, you didn't set up your mail server right, or start 
using a decent one like AT&T or AOL or MSN or Google."

        Many legitimate scenarios are rejected by spam filters (or at least 
result in higher scores); it's one of the things that drives me crazy about 
e-mail and forces me to conclude that a major overhaul of Internet and 
e-mail will eventually be demanded by end users.

        The HELO is critical; I know that because SBS 2003 mangles it by 
default (it defaults to domain.com, which is almost never right) and things 
do not work right until I fix it, even if reverse DNS itself is correct. 
Running the CEICW will usually break the HELO, and it must be fixed 
manually. Try it. Change the HELO on an otherwise properly configured 
Exchange Server to "mail.fake.com" and try sending to AOL and see what 
happens.

"Cliff Galiher - MVP" <cgaliher@gmail.com> wrote in message 
news:etYJc6NlKHA.2592@TK2MSFTNGP04.phx.gbl...
> Just as a matter of debate, I've *never* seen a spam filter care if the 
> reverse DNS *or* A record matches the HELO string in a mail server.  In 
> fact, more often than not, they don't.
>
> Take an example of a company that uses a cloud-based email service, such 
> as an ISP server or hosted-Exchange.  If you go the hosted-Exchange route, 
> do you really think MS gives you your own Exchange servers and that the 
> HELO strings match the MX/A record pair you set up?  Or do you think that 
> a service provider that offers businesses 10-20 free email accounts as 
> part of their business bundle also gives them a dedicated server?
>
> There are so many *legitimate* scenarios where the HELO string will NOT 
> match the MX record that no spam filters would rightfully reject or even 
> negatively score messages that have a return header with such a setup.
>
> But what you say is true, a generic rDNS is usually perfectly adequate as 
> long as the ISP also has an A record that matches the PTR record so that 
> it is a matching pair.  There isn't usually a cause to get them to create 
> custom/renamed records.
>
> -Cliff
>
>
> "Andrew M. Saucci, Jr." <spam-only@2000computer.com> wrote in message 
> news:eyYMOLNlKHA.3476@TK2MSFTNGP06.phx.gbl...
>>        Actually, the "generic" reverse DNS isn't nearly as much of a 
>> problem as having none at all. If the ISP won't update the reverse DNS, 
>> then setting up an A record to match it and changing the settings of the 
>> SMTP virtual server to use that identity can work. It isn't pretty, but 
>> it's legitimate. I don't think too many spam filters care much about what 
>> your reverse DNS is as long as it matches what the SMTP server reports as 
>> its identity in the HELO command. After all, the identity of a server in 
>> the end is purely arbitrary.
>>
>> "Joe" <joe@jretrading.com> wrote in message 
>> news:%23LkxhPHlKHA.5128@TK2MSFTNGP05.phx.gbl...
>>> ChrisUK wrote:
>>>>
>>>> Final question, I've read a lot of PTR records being needed more and 
>>>> more. On my control panel with Fasthosts all I can create are, A, 
>>>> Cname, MX, AAAA and TXT records. Will I need to contact Fasthosts and 
>>>> ask them to create a PTR record for me? What do I need to have in this 
>>>> PTR? Sorry if that is a dumb question but I'm just starting to learn 
>>>> this stuff.
>>>>
>>>
>>> You already know what to do, I'd add that I've known BT to be quite 
>>> difficult about PTR records, even on 'business' accounts with static IP 
>>> addresses. There will already be one of a generic kind, along the lines 
>>> of 'adsl-12-34-56-67-pool.btconnect.com', but this is not likely to 
>>> impress other mail servers. I have my own server configured to reject 
>>> SMTP connections from addresses with PTR records of this kind.
>>>
>>> The bad news is that many mail servers, particularly those of ISPs, will 
>>> expect a 'proper' PTR record of 'example.domain.com' form, and many 
>>> (including mine) will expect there to be a valid A record for 
>>> example.domain.com which points back to the IP address. I have not found 
>>> it necessary for the PTR-A pair to match the MX record or HELO string, 
>>> as mine do not and I have no problem sending mail to AOL, which is 
>>> notoriously fussy.
>>>
>>> Certainly two or three years ago, BT wasn't good at organising this kind 
>>> of thing. If they are still not willing to do it, then the only way you 
>>> can send mail reliably is through another mail server which is 
>>> considered 'respectable', such as an ISP's SMTP server. Check if your 
>>> account with BT includes the use of an SMTP smarthost, as it is a 
>>> facility you may want to use for other reasons.
>>>
>>> One of my customers insisted on using BT as ISP, against my 
>>> recommendations, and took out a 'business' account. This turned out to 
>>> have no smarthost facility and a fixed IP address that had a 'generic' 
>>> PTR and was on a number of blacklists, none of which BT was prepared to 
>>> do anything about. I ended up giving him an authenticated SMTP account 
>>> on a web hosting package that I rent, to use as a smarthost. BT's 
>>> recommendation, and I kid you not, was to use Yahoo for email. I think 
>>> even today, BT subcontracts some parts of its email handling to Yahoo.
>>>
>>> -- 
>>> Joe
>>
>> 


0
Reply Andrew 1/15/2010 1:37:46 AM

        For someone who wants to try this without messing up a perfectly 
good Exchange Server, an alternative is to use telnet to connect to AOL or 
AT&T's mail server interactively. You can type anything you want after HELO; 
it doesn't have to match what is programmed into SMTP (which would be 
irrelevant).


"Andrew M. Saucci, Jr." <spam-only@2000computer.com> wrote in message 
news:uiHfYNYlKHA.5060@TK2MSFTNGP05.phx.gbl...
> Try it. Change the HELO on an otherwise properly configured Exchange 
> Server to "mail.fake.com" and try sending to AOL and see what happens.


0
Reply Andrew 1/15/2010 1:44:13 AM

Cliff> thanks again for the help.

Now I have posted my public IP, can you check to see if my PTR record is any 
good?

Thanks again.

"Cliff Galiher - MVP" wrote:

> In regards to a backup service, let me say that SMTP as a protocol was 
> designed to handle delays.  After all, if your server is down, even if you 
> have a backup service, the mail is delayed getting to YOU.  So, in most 
> cases, I don't believe a backup service is necessary.  Most mail servers 
> will attempt to resend every 4 hours, and your server should *not* be down 
> longer than that even during regular maintenance/patching/reboot.  A good DR 
> plan is also essential for any server, and the max retry on most emails is 
> 48 hours.  You can get a new server rebuilt in that amount of time.
> 
> But for the paranoid and overly-cautious, there is always backup MX 
> services.  I personally like DynDNS for the rare times I need to use one. 
> Inexpensive, easy to set up, and reliable.
> 
> -Cliff
0
Reply Utf 1/15/2010 9:44:01 AM

On 15 Jan, 09:44, ChrisUK <Chri...@discussions.microsoft.com> wrote:
> Now I have posted my public IP, can you check to see if my PTR record is any
> good?

Something is not right. I can Telnet to your IP-address and to your
FQDN on port 25, and both are responding correctly - but checks on
MXToolbox.com and on CheckDNS.net show that you do not have an MX
record, therefore no external mail can reach your server via SMTP.

http://www.mxtoolbox.com/SuperTool.aspx?action=mx%3azoo-hardware.co.uk

http://www.checkdns.net/quickcheck.aspx?domain=zoo-hardware.co.uk+&detailed=1

I use the Fasthosts reseller package to host multiple domains, but I
find their DNS management tools to be rather rudimentary. I prefer to
use www.zonedit.com for detailed DNS management. You can easily set up
a free package with them for up to 5 domains, and you just need to
repoint the DNS from Fasthosts.

--
WH
0
Reply William 1/15/2010 10:57:54 AM

On 15 Jan, 10:57, William <will...@lowerknowle.com> wrote:
> On 15 Jan, 09:44, ChrisUK <Chri...@discussions.microsoft.com> wrote:
>
> > Now I have posted my public IP, can you check to see if my PTR record is any
> > good?
>
> Something is not right. I can Telnet to your IP-address and to your
> FQDN on port 25, and both are responding correctly - but checks on
> MXToolbox.com and on CheckDNS.net show that you do not have an MX
> record, therefore no external mail can reach your server via SMTP.

OK - Let's amend that, I've just retested, and MXToolbox is now
finding your MX record, CheckDNS is still reporting no MX. Perhaps a
slow "population" problem. It might take another 24 hours before it's
all up-to-date.

--
WH
0
Reply William 1/15/2010 11:05:03 AM

ChrisUK wrote:
> Cliff> thanks again for the help.
> 
> Now I have posted my public IP, can you check to see if my PTR record is any 
> good?
> 

William has mentioned http://www.mxtoolbox.com which is (currently) free 
and very useful for a variety of tests. There are many other free DNS 
and mail testing sites, such as http://www.checkdns.net. There are sites 
which will send you a test email or check for SMTP relaying.

You can make various SMTP tests yourself (such as whether an email 
address is valid, or even send an email) using Telnet:

     http://support.microsoft.com/kb/153119

Note that some mail servers require that sender and recipient email 
addresses are enclosed in angle brackets <> and will return a syntax 
error message if they're not. Normally, you'll need to test your own 
server from outside the network, but that depends on your router and 
your DNS setup.

Probably the quickest way to see your own PTR is to use http://grc.com 
and locate the Shields Up!! test. Mr Gibson is a bit alarmist, so ignore 
all the dire warnings. You're looking for: "The text below might 
uniquely identify you on the Internet". This site is aimed at the home 
user, and isn't as important as it was before XP SP2. It is still one of 
the quickest ways to check for open ports.

-- 
Joe
0
Reply Joe 1/15/2010 3:46:17 PM

Andrew M. Saucci, Jr. wrote:

> spam filtering. Many mail server administrators are of the attitude that 
> fighting spam is a noble cause and if legitimate e-mail is filtered out in 
> the process, "too bad, you didn't set up your mail server right, or start 
> using a decent one like AT&T or AOL or MSN or Google."

I'm afraid I'm one of those. My mail server, supporting a small business 
and a couple of humans, typically gets over 2000 bogus connections a 
day. The large majority are NDR spams, which fail the 'valid recipient' 
test, but I do need other techniques. If I do reject any valid email, I 
do accept mail unconditionally to the abuse and postmaster addresses, as 
required by RFC, and I've yet to see a single spam sent to either.
> 
>         Many legitimate scenarios are rejected by spam filters (or at least 
> result in higher scores); it's one of the things that drives me crazy about 
> e-mail and forces me to conclude that a major overhaul of Internet and 
> e-mail will eventually be demanded by end users.

I've tried SpamAssassin, and my email client uses it, but I'm not keen 
on content evaluation. I do (attempt to) run a business, so I can't use 
a whitelist and it would be too easy to lose leads using content 
filtering. I'd have no choice but to look at the failures, which rather 
defeats the object... unless I can make sure there are only a handful a 
day by using other methods.
> 
>         The HELO is critical; I know that because SBS 2003 mangles it by 
> default (it defaults to domain.com, which is almost never right) and things 
> do not work right until I fix it, even if reverse DNS itself is correct. 
> Running the CEICW will usually break the HELO, and it must be fixed 
> manually. Try it. Change the HELO on an otherwise properly configured 
> Exchange Server to "mail.fake.com" and try sending to AOL and see what 
> happens.
> 
I check that a HELO can be found in public DNS, and go no further. A 
domain name is OK, it doesn't have to be a hostname. I don't think many 
servers go further than this: when I make a telnet connection to a mail 
server for test purposes, I usually use a well-known six-character 
domain name rather than type in a hostname that I own, and I've never 
had a problem.

-- 
Joe
0
Reply Joe 1/15/2010 4:12:07 PM
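
The receiving-side checks debated in this thread (a PTR exists, its A record points back to the sender, the PTR looks ISP-generated, the HELO name resolves or equals the reverse name), written out as an added example that is not code from any poster or product. The sample records use documentation addresses and made-up names, and the "generic PTR" heuristic and the three policy names are assumptions made for illustration.

```python
import ipaddress
import re
import socket

# Keywords ISPs often put in auto-generated PTR names (assumed, not exhaustive).
POOL_WORDS = re.compile(r"(?:^|[-.])(?:adsl|dsl|dyn|dynamic|pool|dhcp|ppp)(?:[-.\d]|$)")

# Constructed sample DNS data (RFC 5737 documentation addresses, made-up names).
SAMPLE_PTR = {
    "192.0.2.10": ["mail.example.co.uk"],
    "192.0.2.20": ["host192-0-2-20.in-addr.isp.example"],
    "192.0.2.30": ["mail.mismatch.example"],
}
SAMPLE_A = {
    "mail.example.co.uk": ["192.0.2.10"],
    "host192-0-2-20.in-addr.isp.example": ["192.0.2.20"],
    "mail.mismatch.example": ["192.0.2.99"],
}


def norm(name):
    """Lower-case a DNS name and drop the trailing root dot."""
    return name.lower().rstrip(".")


def looks_generic(ptr_name, ip):
    """Heuristic: PTR name embeds the IPv4 octets (either order) or a pool keyword."""
    name = norm(ptr_name)
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    groups = [str(int(g)) for g in re.findall(r"\d+", name)]
    for wanted in (octets, octets[::-1]):
        if any(groups[i:i + 4] == wanted for i in range(len(groups) - 3)):
            return True
    return bool(POOL_WORDS.search(name))


def check_sender(ip, helo, resolve_ptr, resolve_a):
    """Collect the DNS facts a receiving server can learn about a connecting client."""
    ptr_names = [norm(n) for n in resolve_ptr(ip)]
    # Forward-confirmed reverse DNS: the PTR name must have an A record back to ip.
    confirmed = [n for n in ptr_names if ip in resolve_a(n)]
    return {
        "ptr_exists": bool(ptr_names),
        "fcrdns": bool(confirmed),
        "generic_ptr": any(looks_generic(n, ip) for n in ptr_names),
        "helo_resolves": bool(resolve_a(norm(helo))),
        "helo_equals_rdns": norm(helo) in confirmed,
    }


def verdicts(f):
    """Accept/reject under three policies paraphrased from the thread (names assumed)."""
    return {
        # Any PTR is fine as long as its A record points back.
        "ptr_pair_only": f["fcrdns"],
        # Matching pair, no ISP-generated PTR, HELO name exists in DNS.
        "no_generic_ptr": f["fcrdns"] and not f["generic_ptr"] and f["helo_resolves"],
        # HELO must be the forward-confirmed reverse name.
        "helo_equals_rdns": f["fcrdns"] and f["helo_equals_rdns"],
    }


def table_resolvers(ptr_table, a_table):
    """Offline resolvers backed by dictionaries, used for the sample data."""
    return (lambda ip: ptr_table.get(ip, []),
            lambda name: a_table.get(norm(name), []))


def live_ptr(ip):
    """PTR lookup through the system resolver; empty list when none exists."""
    try:
        host, aliases, _ = socket.gethostbyaddr(ip)
        return [host, *aliases]
    except OSError:
        return []


def live_a(name):
    """A lookup through the system resolver; empty list when the name is unknown."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []


def run_samples():
    """Evaluate the constructed cases under all three policies."""
    ptr, a = table_resolvers(SAMPLE_PTR, SAMPLE_A)
    cases = {
        "custom PTR, HELO matches": ("192.0.2.10", "mail.example.co.uk"),
        "generic PTR, own HELO": ("192.0.2.20", "mail.example.co.uk"),
        "generic PTR, HELO set to it": ("192.0.2.20", "host192-0-2-20.in-addr.isp.example"),
        "PTR without matching A": ("192.0.2.30", "mail.fake.example"),
        "no PTR at all": ("192.0.2.40", "mail.example.co.uk"),
    }
    return {label: verdicts(check_sender(ip, helo, ptr, a))
            for label, (ip, helo) in cases.items()}


if __name__ == "__main__":
    for label, result in run_samples().items():
        print(f"{label:30} {result}")
```

Pass `live_ptr` and `live_a` to `check_sender` to evaluate a real sending address instead of the sample tables.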

Others have given you good advice on good self-test tools (I prefer 
MXToolbox) but yes, your PTR record is set by your ISP and they have a 
matching A record as well.  Should be good to go on that front.

-Cliff


"ChrisUK" <ChrisUK@discussions.microsoft.com> wrote in message 
news:987D3565-3435-4C00-94A7-23BE003C9CEC@microsoft.com...
> Cliff> thanks again for the help.
>
> Now I have posted my public IP, can you check to see if my PTR record is any
> good?
>
> Thanks again.
0
Reply Cliff 1/15/2010 4:13:32 PM

"William" <william@lowerknowle.com> wrote in message 
news:f3b7d899-1935-48a8-9803-ecb64e02fba2@j5g2000yqm.googlegroups.com...
> On 15 Jan, 10:57, William <will...@lowerknowle.com> wrote:
>> On 15 Jan, 09:44, ChrisUK <Chri...@discussions.microsoft.com> wrote:
>>
>> > Now I have posted my public IP, can you check to see if my PTR record
>> > is any good?
>>
>> Something is not right. I can Telnet to your IP-address and to your
>> FQDN on port 25, and both are responding correctly - but checks on
>> MXToolbox.com and on CheckDNS.net show that you do not have an MX
>> record, therefore no external mail can reach your server via SMTP.
>
> OK - Let's amend that, I've just retested, and MXToolbox is now
> finding your MX record, CheckDNS is still reporting no MX. Perhaps a
> slow "population" problem. It might take another 24 hours before it's
> all up-to-date.
>
> --
> WH


According to what I saw at MXToolbox, the IP is on a blacklist.
http://www.mxtoolbox.com/SuperTool.aspx?action=blacklist%3a81.149.235.191

Based on the following link, it's on the UCEProtect. The reasons given are 
there is numerous spam not coming from the IP specifically, but coming from 
the ISP's IP block, 81.128.0.0/11. That subnet encompasses a huge number of 
IPs, which they list as 10,551,552 IPs. The link below implies the ISP 
"doesn't care."
http://www.uceprotect.net/en/rblcheck.php?ipr=81.149.235.191

It's something that has to be taken up with the mail provider or ISP, or 
change ISPs.

Ace



0
Reply Ace 1/16/2010 1:53:47 AM

          Actually, I just took myself up on my own challenge. I opened a 
Telnet connection to AOL's mail server and manually sent an e-mail using a 
HELO of mail.fake.com. I was surprised to see that it actually went through, 
but it did get put into the spam folder, which in most cases is as good as 
if it had been rejected outright. Perhaps HELO isn't as important as I had 
thought, but every time it's wrong clients start complaining that their mail 
isn't going through, so I would still be sure it matches the reverse DNS.

"Andrew M. Saucci, Jr." <spam-only@2000computer.com> wrote in message 
news:uiHfYNYlKHA.5060@TK2MSFTNGP05.phx.gbl...
>        In a hosted Exchange scenario, you may be given an MX on the 
> hosting company's domain, not your own. You're also sending from that mail 
> server, not your own. In that case, there would be no reason the HELO 
> string wouldn't match the rDNS of the hosting company's server.
>
>        Also, I've seen some pretty picky spam filters. We have a client 
> where two of the principals have personal AT&T mail accounts. They were 
> unable to send mail from the corporate domain to AT&T because the MX 
> pointed to an external spam filtering service and we were sending mail 
> directly out, making the source of the mail not match the MX. I think we 
> solved that by eliminating the spam filtering service and relying on Trend 
> Micro Worry-Free Business Security Advanced to handle it. AOL is also 
> notorious for picky spam filtering. Many mail server administrators are of 
> the attitude that fighting spam is a noble cause and if legitimate e-mail 
> is filtered out in the process, "too bad, you didn't set up your mail 
> server right, or start using a decent one like AT&T or AOL or MSN or 
> Google."
>
>        Many legitimate scenarios are rejected by spam filters (or at least 
> result in higher scores); it's one of the things that drives me crazy 
> about e-mail and forces me to conclude that a major overhaul of Internet 
> and e-mail will eventually be demanded by end users.
>
>        The HELO is critical; I know that because SBS 2003 mangles it by 
> default (it defaults to domain.com, which is almost never right) and 
> things do not work right until I fix it, even if reverse DNS itself is 
> correct. Running the CEICW will usually break the HELO, and it must be 
> fixed manually. Try it. Change the HELO on an otherwise properly 
> configured Exchange Server to "mail.fake.com" and try sending to AOL and 
> see what happens.
>
> "Cliff Galiher - MVP" <cgaliher@gmail.com> wrote in message 
> news:etYJc6NlKHA.2592@TK2MSFTNGP04.phx.gbl...
>> Just as a matter of debate, I've *never* seen a spam filter care if the 
>> reverse DNS *or* A record matches the HELO string in a mail server.  In 
>> fact, more often than not, they don't.
>>
>> Take an example of a company that uses a cloud-based email service, such 
>> as an ISP server or hosted-Exchange.  If you go the hosted-Exchange 
>> route, do you really think MS gives you your own Exchange servers and 
>> that the HELO strings match the MX/A record pair you set up?  Or do you 
>> think that a service provider that offers businesses 10-20 free email 
>> accounts as part of their business bundle also gives them a dedicated 
>> server?
>>
>> There are so many *legitimate* scenarios where the HELO string will NOT 
>> match the MX record that no spam filters would rightfully reject or even 
>> negatively score messages that have a return header with such a setup.
>>
>> But what you say is true, a generic rDNS is usually perfectly adequate as 
>> long as the ISP also has an A record that matches the PTR record so that 
>> it is a matching pair.  There isn't usually a cause to get them to create 
>> custom/renamed records.
>>
>> -Cliff
>>
>>
>> "Andrew M. Saucci, Jr." <spam-only@2000computer.com> wrote in message 
>> news:eyYMOLNlKHA.3476@TK2MSFTNGP06.phx.gbl...
>>>        Actually, the "generic" reverse DNS isn't nearly as much of a 
>>> problem as having none at all. If the ISP won't update the reverse DNS, 
>>> then setting up an A record to match it and changing the settings of the 
>>> SMTP virtual server to use that identity can work. It isn't pretty, but 
>>> it's legitimate. I don't think too many spam filters care much about 
>>> what your reverse DNS is as long as it matches what the SMTP server 
>>> reports as its identity in the HELO command. After all, the identity of 
>>> a server in the end is purely arbitrary.
>>>
>>> "Joe" <joe@jretrading.com> wrote in message 
>>> news:%23LkxhPHlKHA.5128@TK2MSFTNGP05.phx.gbl...
>>>> ChrisUK wrote:
>>>>>
>>>>> Final question, I've read a lot of PTR records being needed more and 
>>>>> more. On my control panel with Fasthosts all I can create are, A, 
>>>>> Cname, MX, AAAA and TXT records. Will I need to contact Fasthosts and 
>>>>> ask them to create a PTR record for me? What do I need to have in this 
>>>>> PTR? Sorry if that is a dumb question but I'm just starting to learn 
>>>>> this stuff.
>>>>>
>>>>
>>>> You already know what to do, I'd add that I've known BT to be quite 
>>>> difficult about PTR records, even on 'business' accounts with static IP 
>>>> addresses. There will already be one of a generic kind, along the lines 
>>>> of 'adsl-12-34-56-67-pool.btconnect.com', but this is not likely to 
>>>> impress other mail servers. I have my own server configured to reject 
>>>> SMTP connections from addresses with PTR records of this kind.
>>>>
>>>> The bad news is that many mail servers, particularly those of ISPs, 
>>>> will expect a 'proper' PTR record of 'example.domain.com' form, and 
>>>> many (including mine) will expect there to be a valid A record for 
>>>> example.domain.com which points back to the IP address. I have not 
>>>> found it necessary for the PTR-A pair to match the MX record or HELO 
>>>> string, as mine do not and I have no problem sending mail to AOL, which 
>>>> is notoriously fussy.
>>>>
>>>> Certainly two or three years ago, BT wasn't good at organising this 
>>>> kind of thing. If they are still not willing to do it, then the only 
>>>> way you can send mail reliably is through another mail server which is 
>>>> considered 'respectable', such as an ISP's SMTP server. Check if your 
>>>> account with BT includes the use of an SMTP smarthost, as it is a 
>>>> facility you may want to use for other reasons.
>>>>
>>>> One of my customers insisted on using BT as ISP, against my 
>>>> recommendations, and took out a 'business' account. This turned out to 
>>>> have no smarthost facility and a fixed IP address that had a 'generic' 
>>>> PTR and was on a number of blacklists, none of which BT was prepared to 
>>>> do anything about. I ended up giving him an authenticated SMTP account 
>>>> on a web hosting package that I rent, to use as a smarthost. BT's 
>>>> recommendation, and I kid you not, was to use Yahoo for email. I think 
>>>> even today, BT subcontracts some parts of its email handling to Yahoo.
>>>>
>>>> -- 
>>>> Joe
>>>
>>>
>
> 


0
Reply Andrew 1/16/2010 3:53:29 PM
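The checks debated in this thread (no PTR at all, a generic ISP-style PTR, a PTR-A pair that confirms each other, and whether the HELO string matches), written out as an added example that is not part of any poster's message. The hostnames, documentation-range IP addresses and the "generic" label patterns are constructed assumptions, and the sample records stand in for live DNS so the code runs offline.

```python
import re
import socket

# Assumed heuristic labels for ISP-assigned "generic" PTR names; tune for your own mail flow.
GENERIC_HINT = re.compile(r"(^|[-.])(adsl|dsl|pool|dyn|dynamic|dhcp|ppp|cable)([-.]|\d)", re.I)

def system_ptr(ip):
    """PTR lookup through the system resolver; an empty list means no reverse DNS."""
    try:
        return [socket.gethostbyaddr(ip)[0]]
    except OSError:
        return []

def system_a(name):
    """A lookup through the system resolver; an empty list means the name does not resolve."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def looks_generic(name, ip):
    """True if the PTR name embeds the IP's octets (either order) or a pool-style label."""
    octets = [re.escape(o) for o in ip.split(".")]
    for seq in (octets, octets[::-1]):
        if re.search(r"(?<!\d)" + "[-.]".join(seq) + r"(?!\d)", name):
            return True
    return bool(GENERIC_HINT.search(name))

def check_sender(ip, helo, ptr_lookup=system_ptr, a_lookup=system_a):
    """Collect the DNS facts a receiving mail server can score for one connecting IP."""
    ptrs = [p.rstrip(".").lower() for p in ptr_lookup(ip)]
    confirmed = [p for p in ptrs if ip in a_lookup(p)]  # PTR name resolves back to the IP
    return {
        "has_ptr": bool(ptrs),
        "fcrdns": bool(confirmed),
        "generic_ptr": any(looks_generic(p, ip) for p in ptrs),
        "helo_matches_ptr": helo.rstrip(".").lower() in confirmed,
    }

# Constructed sample records (documentation address ranges), standing in for live DNS.
SAMPLE_PTR = {"203.0.113.10": ["adsl-203-0-113-10-pool.isp.example"],
              "203.0.113.20": ["mail.example.org"],
              "203.0.113.30": ["mail.example.net"]}
SAMPLE_A = {"adsl-203-0-113-10-pool.isp.example": ["203.0.113.10"],
            "mail.example.org": ["203.0.113.20"],
            "mail.example.net": ["198.51.100.7"]}

def sample_check(ip, helo):
    """check_sender() against the constructed records instead of live DNS."""
    return check_sender(ip, helo, lambda i: SAMPLE_PTR.get(i, []), lambda n: SAMPLE_A.get(n, []))
```

Calling `check_sender(ip, helo)` without the lookup arguments uses the system resolver; which of the four findings a receiver rejects on is a local policy choice, as the differing views in the thread show.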

18 Replies
236 Views
