arog73
Joined: 21 May 2010
Posts: 1
Posted: Fri May 21, 2010 9:01 pm
Post subject: Mail to earthlink addresses being blocked - mismatched rdns
Mail from one of my customers sent to any earthlink address is being blocked by earthlink. I've followed earthlink's automated procedures to solve the problem, but that hasn't worked. I've verified that my customer's mail server is not blacklisted anywhere, is not an open relay, and has a valid PTR record.
My customer's mail server is: mail.thenorrisgroup.com
IP address of mail server is: 71.83.80.196
I just heard from an earthlink level 3 tech support guy that the problem is that when earthlink (or anyone else for that matter) receives an email from someone at the norris group (my customer), the mail header "RECEIVED:" section indicates that the mail is from "71-83-80-194.static.rvsd.ca.charter.com" and not mail.thenorrisgroup.com. The issue is plainly obvious...the SMTP connection is coming from their firewall (which is 71.83.80.194) and not the mail server (which is 71.83.80.196).
Right now, there is an 'A' record for mail.thenorrisgroup.com -> 71.83.80.196. The ISP (Charter) has created a PTR record for 71.83.80.196 -> mail.thenorrisgroup.com. This can all be verified at any dns testing site.
So...what do I need to do to fix this?
Do I need to change the 'A' record for mail.thenorrisgroup.com from 71.83.80.196 to 71.83.80.194? If so, then I'll need to have the ISP change the PTR too (obviously). I will also need to add a firewall rule which says to forward all incoming traffic on port 25 to the mail server's internal ip.
Another option would be to create an 'A' called smtp.thenorrisgroup.com and resolve that to 71.83.80.194 (the firewall). Then, have the ISP (Charter) create a PTR record to make 71.83.80.194 resolve to smtp.thenorrisgroup.com. THEN, I could update the helo response in the SMTP Virtual Connector to reflect smtp.thenorrisgroup.com instead of mail.thenorrisgroup.com. This would make the PTR, the Received, and the helo all match.
Problem is...the mx record says that the mail server for thenorrisgroup.com is mail.thenorrisgroup.com and not smtp.thenorrisgroup.com. So...maybe I could then just add a CNAME record for smtp.thenorrisgroup.com which would just point back to mail.thenorrisgroup.com.
So...what would happen if I then changed the MX record to smtp.thenorrisgroup.com?
Diagram of my customer's network:
ISP - 71.83.80.193
|
TheNorrisGroup's Firewall (Cisco 871) - 71.83.80.194
Internal network gateway ip - 192.168.10.1
|
Network Switch
||||||||||||||||||
|
|
Mail Server - Exchange 2003 (exchange.norris.local & internal ip of 192.168.10.10)
external 'A' record of mail.thenorrisgroup.com which resolves to 71.83.80.196
Any suggestions?
Aaron Rogers
Inland Empire Computing
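
Added example, not part of the original post: an offline check of the three things a receiving server compares (the connecting IP's PTR, the forward A record of that PTR name, and the HELO name), run over the records described above and over the two proposed changes. The record tables are constructed from the post; the forward A record for the Charter hostname and the current HELO value of mail.thenorrisgroup.com are assumptions, and check_sender and scenarios are hypothetical names.

```python
"""Offline consistency check of connecting IP, PTR, forward A and HELO."""

# Records as described in the post (constructed data, no live DNS lookups).
A_NOW = {
    "mail.thenorrisgroup.com": {"71.83.80.196"},
    # Assumption: Charter's generic name resolves forward to the firewall IP.
    "71-83-80-194.static.rvsd.ca.charter.com": {"71.83.80.194"},
}
PTR_NOW = {
    "71.83.80.196": "mail.thenorrisgroup.com",
    "71.83.80.194": "71-83-80-194.static.rvsd.ca.charter.com",
}

def norm(name):
    """Compare DNS names case-insensitively and without a trailing dot."""
    return name.lower().rstrip(".")

def check_sender(ip, helo, a_records, ptr_records):
    """Return the list of mismatches a receiver would see for this sender."""
    findings = []
    ptr = ptr_records.get(ip)
    if ptr is None:
        findings.append("no PTR for connecting IP")
    else:
        if ip not in a_records.get(norm(ptr), set()):
            findings.append("PTR name does not resolve back to connecting IP")
        if norm(ptr) != norm(helo):
            findings.append("HELO does not match PTR name")
    if ip not in a_records.get(norm(helo), set()):
        findings.append("HELO name does not resolve to connecting IP")
    return findings

def scenarios():
    """Evaluate the current setup and both options from the post."""
    fw = "71.83.80.194"  # outbound SMTP leaves from the firewall address
    # Option 1: repoint mail.thenorrisgroup.com (A and PTR) at the firewall.
    a1 = {**A_NOW, "mail.thenorrisgroup.com": {fw}}
    ptr1 = {**PTR_NOW, fw: "mail.thenorrisgroup.com"}
    # Option 2: new smtp name with A and PTR on the firewall, HELO changed.
    a2 = {**A_NOW, "smtp.thenorrisgroup.com": {fw}}
    ptr2 = {**PTR_NOW, fw: "smtp.thenorrisgroup.com"}
    return {
        "current": check_sender(fw, "mail.thenorrisgroup.com", A_NOW, PTR_NOW),
        "option1": check_sender(fw, "mail.thenorrisgroup.com", a1, ptr1),
        "option2": check_sender(fw, "smtp.thenorrisgroup.com", a2, ptr2),
    }

if __name__ == "__main__":
    for name, findings in scenarios().items():
        print(name, "->", findings or "consistent")
```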