Reverse DNS & Multiple Virtual SMTP Servers

Sorry if this is a duplicate question. I searched through all the reverse DNS threads and couldn't find the same problem.

I have my dns server working correctly and a third party mail server running on my server (Win2K) with no problems. I'm hosting a couple of sites on the machine, all with their own mail servers. Once of the site admins called and said they couldn't send mail to some people. I realized after looking at the logs that it was because I didn't have reverse DNS entry setup his domain.

I added a PTR record in the main subnet of our DNS server and the mail immediately started working but now when someone does a reverse DNS lookup on any of the domains hosted on our server it shows all the domains in response.

Is there a way to get the reverse DNS to work correctly but not have all the domains show up during a Rerver DNS query?

Any help would be greatly appreciated!

How can a set-up

It would be helpful if you gave me the IP address that is supposed to have correct reverse DNS so that I can detail what you need to do.

Also, it is generally discouraged to have multiple PTR records associated with a single IP. Have you read the Reverse DNS post in the "Generic DNS References and tips" sticky topic?

The ip address is 216.58.225.153. In an effort to resolve the problem I've currently removed all the PTR records in the subnet but created new domains underneath of the the subnet and put the pointer records in there.

In the meantime I will read the Generic DNS References and tips

I recommend that you change the PTR record to "webmail.intellicominc.com" since that resolves to "216.58.225.153" and your mail server thinks it is called "webmail.intellicominc.com".

How would I set it up if each one of our mail customers has their own virual mail server. For example, one of our hosting customers is using our mail server but still uses mail.theirdomain.com for their incoming and outgoing servers. How can I get the reverse dns entry for theirdomain.com set up correctly to point back to our single IP address.

You haven't read my reverse DNS post yet in the "Generic DNS references and tips" topic. I'm slightly annoyed that you still haven't. It says very clearly it does not matter what you point the MX record to. Have as many virtual mail server domains as you want. As long as the IP resolves to one of those domains which resolves back to the IP, and the mail server agrees that domain is what it is called, you're ok.

I have in fact read the Generic DNS references and tips posted on May 19, 2004 but for some reason I've still having the problem. I'm not trying to be ignorant here just a little confused. I will re-read the article and see if I can find any discrepencies between it and my current configuration. Thank you again for your help and sorry for your slight annoyance.

Ignore my slight annoyance, since you've read it. I never blame people for not understanding me. The fault is always with the teacher. Lucky you, I fancy myself as a good teacher. So let's go to school...

Let's see, you say that you send mail from the IP address 216.58.225.153 right? Well, this is what I get when I connect to 216.58.225.153 port 25:

220 webmail.intellicominc.com

The mail server tells other mail servers that it is called "webmail.intellicominc.com". Those other mail servers will see the IP address you connected from, and then verify your server's story.

First, let's see what webmail.intellicominc.com resolves to:

dig webmail.intellicominc.com

Does the returned IP address match the IP address of your mail sending server? It suredly does! The first check succeeded.

Now, let's see what your IP resolves to:

dig -x 216.58.225.153

Oooooo, not good. You've got 3 PTR records. Somebody checking on your reverse DNS may only look at the first PTR record. But these records are ordered pseudo randomly. This would cause problems. Not only that, but none of these PTR records are "webmail.intellicominc.com". This check utterly failed!

The mail server you're sending mail to performs no other checks (except maybe ban lists of known spammers).

Alright, I think I got it configured correctly now. The hosting control panel that we use adds a pointer record every time someone creates a new site in IIS so I'm just going to have to go in there and delete them on a regular basis. Thanks again for all your help. It has truly been invaluable.