#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2011
    Posts
    2
    Rep Power
    0

    SMTP & PTR records (Newb question)


    Hi All,

    I have very limited experience with DNS however I am attempting to resolve some stability issues with our business email; smtp rejections etc, that I understand could be related to PTR (or lack thereof).

    Essentially we want to deliver mail originating from various locations such as home, office(s), web servers in hosting centres etc, from our business email/domain name EG(mail.nameATdomain.com). A third party provides our email hosting (smtp service as well as our multiple pop accounts).

    Given that these emails are originating within several different networks, how do I need to configure the PTR record (one or many?) to allow for successful reverse dns lookups?

    Any advice appreciated, thanks in advance.
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Nov 2010
    Location
    Florida
    Posts
    248
    Rep Power
    4
    Those devices shouldn't have PTR records normally. The PTR record needs to be associated with your outbound mail server. When you set up mail clients, the outbound server (some call it Smarthost too) is usually something like smtp.whateverdomain.com. The devices and other clients only send mail to the outbound mail server and then that mail server sends the mail to the destination server (whatever the MX records point to). If you have any clients sending mail directly to other mail servers, that's probably not correct.

    The reverse lookup is only performed on the IP that is connecting to the destinations SMTP server. If your mail is hosted elsewhere, I'd contact them about getting a PTR record set. Are you sure the rejections are PTR record issues?
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2011
    Posts
    2
    Rep Power
    0
    Originally Posted by CaptPikel
    Those devices shouldn't have PTR records normally. The PTR record needs to be associated with your outbound mail server. When you set up mail clients, the outbound server (some call it Smarthost too) is usually something like smtp.whateverdomain.com. The devices and other clients only send mail to the outbound mail server and then that mail server sends the mail to the destination server (whatever the MX records point to). If you have any clients sending mail directly to other mail servers, that's probably not correct.

    The reverse lookup is only performed on the IP that is connecting to the destinations SMTP server. If your mail is hosted elsewhere, I'd contact them about getting a PTR record set. Are you sure the rejections are PTR record issues?
    OK that makes a lot of sense (even to me) CaptPikel, thank you. No, I'm not certain that it is PTR related necessarily, however would like to rule that out as well as adhere to best practices if possible. One other thing that was pointed out to me was that we don't have any SPF set up. So I am also investigating this. I'm not sure it is altogether practical in our case (supplying IP's for home/mobile users etc)

    Thanks again for clearing up the PTR question.
  6. #4
  7. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Nov 2010
    Location
    Florida
    Posts
    248
    Rep Power
    4
    I would recommend adding an SPF record and a TXT record with an SPF statement in it. Cover both possibilities and it can't hurt. All the SPF record will do is state what servers are allowed to send on behalf of your domain. If someone is spoofing your domain and sending spam, it can lead to you getting on blacklists. Any servers that support SPF will see if you have a record and follow the guidlines you put in place in that record. No record means anyone can claim to be your domain and it's ok with you (from the servers point of view). Normally the only thing in the SPF will be your outgoing mail server. But if you do email blasts from a third party (like Constant Contact), you can add their IP's as well as allowed senders. SPF is just a simple way to attempt to protect your domains identity from internet identity theft pretty much. Just make sure to set it up right if you do it.

    http://www.openspf.org/SPF_Record_Syntax

IMN logo majestic logo threadwatch logo seochat tools logo