Hi, I have the following question:I was looking at the headers in some my emails and found that the FQDN for the SMTP server doesn't match the A record on the public DNS. Does the FQDN for the SMTP (Exchange) server be the same that the host A record where the MX records are redirecting the email to? Return-Path: <user@domain.com>Received: from EXCHANGE.domain.Local ([1.1.1.1]) by mx.server.com with ESMTP id 34si899980qyk.21.2010.04.08.13.26.23; Thu, 08 Apr 2010 13:26:24 -0700 (PDT)Received-SPF: pass (server.com: domain of tformoso@domain.com designates 1.1.1.1 as permitted sender)I can see that EXCHANGE.domain.Local ([1.1.1.1])1.1.1.1 = for this example is the external interface for the ISP provider. Is that a misconfiguration? We haven't had any issues.

Nope. Not required to be the same. You may want the SMTP banner on the receive connector to match the external FQDN however. http://technet.microsoft.com/en-us/library/bb124740(EXCHG.80).aspx How to Modify the Default SMTP Banner

I was just wondering if that is correct then when you send mail the IP routing doesn't have to be the MX record.The IP that routes just has to have a PTR that validates to the correct domain. For instance our MX record has nothing to do with our sending mail server.However when a reverse-lookup is done on either of the IP's that are send mail routes as the PTR matches the forward lookup. Does that make sense?This is all that is necessary with regards to reverse lookup? The PTR lookup should resolve to the domain that the mail server HELO packet states it is from.

The sending server just needs a PTR that resolves to a valid FQDN. It does not have to match the mx record. It doesnt even have to match the sender's domain. ( You can send through an ISP's host for example) . Now alot of SPAM filtering will do a forward mx lookup however to ensure that the SMTP domain in the FROM: of the message also accepts mail. That is a valid check.

On Fri, 9 Apr 2010 20:46:16 +0000, AndyD_ wrote:>>>The sending server just needs a PTR that resolves to a valid FQDN. It does not have to match the mx record. It doesnt even have to match the sender's domain. ( You can send through an ISP's host for example) . I've come across a few zealots over the years that insist that it mustif you want to send them any e-mail.>Now alot of SPAM filtering will do a forward mx lookup however to ensure that the SMTP domain in the FROM: of the message also accepts mail. That is a valid check. It's also a valid thing to do on the data in the HELO\EHLO command.You could easily knock out 20% of the spam arriving at a site with avery few checks on that address -- even without doing a DNS lookup.These checks are pretty effective:[0.0.0.0]0.0.0.0[127.0.0.1]127.0.0.1localhostlocalhost.localdomain[your-servers-ip-address]your-servers-ip-addressyour-servers-fqdnyour-domainIf you can toss in a quick check to see if the address has any periodsin it, so much the better!---Rich MatheisenMCSE+I, Exchange MVP--- Rich Matheisen MCSE+I, Exchange MVP

Hi, For the Reverse DNS Lookup, it uses the client's IP address to resolve the valid FQDN (PTR) which should match the Received From value. You can create it based on the requirement. Thanks Allen