Configuring Reverse DNS for Exchange


Configuring DNS

Now that Exchange has been configured to put the correct domain and server name in the message headers, we need to configure DNS. The configuration steps for DNS depend on whether you host your own DNS servers for forward (by name) and reverse (by IP) lookups. First I cover creating an A (forward) record in Windows 2003 DNS, and then creating a PTR (reverse) record on Qwest's web site and in Windows 2003 DNS.

Configuring your forward records

The steps below assume your domain name is hosted on a Windows 2003 server.

  1. Launch DNS Manager
  2. Navigate to the zone for the outgoing domain name configured in Exchange above
  3. Right-click that zone and choose New Host (A)
  4. Enter the host name configured in Exchange above in the Name field
  5. Enter the IP address of the system connected to the Internet that will be transmitting messages to external mail servers

           This assumes you have a firewall or other mail system sitting on the Internet that the Exchange server transmits messages through. If your Exchange server is directly connected to the Internet, which is NOT recommended, you would use the IP address of the Exchange server.

           If you aren't sure which server this is, go to http://postmaster-us.info.aol.com/tools/ipverify.html and follow the steps to get an e-mail response that tells you what IP address actually sent the message to AOL's test server.

  6. Check "Create associated pointer (PTR) record" and click Add Host
  •            If you do not host your own reverse lookup zones then this setting will have no effect, but it won't hurt anything either.

  7. Click on the zone in DNS Manager and sort by Data (semi-optional currently)
  8. Verify that there is only one Host (A) record for the IP above (semi-optional currently)
  •            It is suggested, by spam filtering guidelines at aol.com and others, that the FQDN of the sending server have only one A record.

  •            If you have other A records for that IP address you should be able to delete them and replace them with an alias (CNAME) record that points to the single FQDN. Check with your network or application owners first to make sure this won't cause any issues.

  •            If your Exchange server is directly connected to the Internet (NOT recommended), you may need to add a second IP address to it and have the SMTP Virtual Server use it for sending messages. Otherwise you will have two A records in DNS: the one created by Windows for the machine name and the one created above. Windows will automatically recreate A records for systems unless the TCP/IP settings are changed to disable this.

Test the domain name by typing ping <FQDN>; it should come back with the IP address entered above. The FQDN should be the one entered in Exchange earlier.

Configuring a PTR record

In my case I have multiple static IP addresses from Qwest.net. You will need to check with your ISP to find out whether they support PTR records for the IP address of the Internet-connected system that actually transmits e-mail to other servers.

Using your ISP

  1. Go to your ISP's web site used to manage DNS entries for reverse lookups

           For Qwest this web site is: https://www.qwest.net/account_tools/dns/.

           With Qwest you can also have Qwest redirect all reverse lookups to your own DNS server; I am configured this way so everything can be done on my Windows 2003 DNS servers.

  2. Create or replace the PTR record for the IP address of the server transmitting messages to the Internet

           The PTR record and IP address should match the entry created above: mail.altered.com with 63.227.36.13 in the example screenshots.

Using Windows 2003

  1. In DNS Manager expand <Server>\Reverse Lookup Zones
  2. Click on the reverse lookup zone that corresponds to the network ID, normally the first three octets of the IP address
  3. Check whether there is a pointer (PTR) record for the IP address of the server transmitting mail to the Internet
  4. If one doesn't exist, right-click the zone and choose New Pointer (PTR)
  5. Enter the IP address of the server transmitting mail to the Internet and the FQDN

           The FQDN should match the value entered into the SMTP Virtual Server earlier

  6. Click OK

 

At this point both forward and reverse entries should have been created and Exchange should be configured to use the correct host and domain names in all outgoing e-mails.
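The following script is an added example, not part of the original article. It checks that the A record and the PTR record created above agree with each other, and lists every Host (A) row in a zone listing that points at the sending IP. The function names and the sample zone rows are assumptions; only mail.altered.com and 63.227.36.13 come from the article.

```python
import ipaddress
import socket

def reverse_name(ip):
    """Owner name of the PTR record for ip, inside its reverse lookup zone."""
    return ipaddress.ip_address(ip).reverse_pointer

def norm(name):
    return name.rstrip(".").lower()

def system_forward(name):
    """A-record lookup through the operating system resolver."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def system_reverse(ip):
    """PTR lookup through the operating system resolver."""
    try:
        return [socket.gethostbyaddr(ip)[0]]
    except OSError:
        return []

def check_mail_dns(fqdn, ip, forward=system_forward, reverse=system_reverse):
    """Return a list of problems; an empty list means A and PTR agree."""
    problems = []
    a_records = forward(fqdn)
    ptr_names = [norm(n) for n in reverse(ip)]
    if ip not in a_records:
        problems.append(f"A record for {fqdn} gives {a_records}, expected {ip}")
    if not ptr_names:
        problems.append(f"no PTR record found at {reverse_name(ip)}")
    elif norm(fqdn) not in ptr_names:
        problems.append(f"PTR for {ip} gives {ptr_names}, expected {fqdn}")
    return problems

def a_records_for_ip(zone_rows, ip):
    """Names of all Host (A) rows in a zone listing whose Data equals ip."""
    return sorted(n for n, rtype, data in zone_rows if rtype == "A" and data == ip)

# Constructed sample data (only mail.altered.com / 63.227.36.13 come from the page).
ZONE_ROWS = [("mail.altered.com", "A", "63.227.36.13"),
             ("exch01.altered.com", "A", "63.227.36.13"),   # constructed duplicate
             ("www.altered.com", "CNAME", "mail.altered.com")]

if __name__ == "__main__":
    fwd = {"mail.altered.com": ["63.227.36.13"]}
    ptr = {"63.227.36.13": ["mail.altered.com."]}
    print(check_mail_dns("mail.altered.com", "63.227.36.13",
                         lambda n: fwd.get(n, []), lambda i: ptr.get(i, [])))
    print(a_records_for_ip(ZONE_ROWS, "63.227.36.13"))
```

Called with only the FQDN and IP, check_mail_dns queries the resolver configured on the machine, so run it from a host outside your network to see what external mail servers will see.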


Copyright Stephen Bryant 2008