Multi-Sites setup
Hi Everyone,I am trying to setup multi-exchange server on multi-sites environment, it works fine though, except some servers not accepting email and got this message backClient host [61.X.X.X] blocked using list.dsbl.org;
http://dsbl.org/listing?61.X.X.XX is the IP address.It seems there is something to do with our reserve record, and wonder what is the proper way to set it up?For example, if my main domain name is register under abc.com, the MX record and the revserse record are pointing to our main server/ public IP, (e.g. 10.10.10.X), since I want my remote sites exchange server send emails, so the emails doesn't have to route back to our main server, but under the same email domain, i.e. abc.com. How do I setup the reserve record for my remote site, Do I point the reserve record back to abc.com or can't it? The dsbl.org complain something about a PTR record, which I assume is to do with reserve record. Otherwise my reserve record is pointing to my ISP.Thanks Roy
January 16th, 2007 1:23am
Reverse (PTR)DNSchecks are performed by some domains as a security precaution to prevent spoofed or relayed messages being accepted into their networks.
The trick though, is that no server actually checks that the PTR record points to the domain which is sending the mail, it just checks to see the record exists (thereby assuming it is a legitimate server ip).
The work around therefore is to have a PTR record registered for each IP address on your network which will be sending email to the internet.
You should also check that the SMTP header of the SMTP virtual server on all of your exchange servers is set to the same name as your public mx record. ESM > Administrative Group > Servers > ServerName > Protocols > Default SMTP Virtual Server Properties > Advanced > Delivery > FQDN:mx.domain.com
You should also check that none of your exchange servers are acting as an open relay, i.e. allowing anonymous connections to relay messages for domains other than the internal.
If all of these conditions are met, you can requestdsbl.org to delist you.
Free Windows Admin Tool Kit Click here and download it now
January 23rd, 2007 3:20pm