If DNS is set up incorrectly, over time your mail server IP will be added to blacklists. Nowadays most e-mail servers have some kind of spam protection service, which in turn means that all your inbound mail will be blocked if you do happen to be listed on a spam blacklist.
In this article I will explain how to correctly configure your MX and reverse DNS records for your mail server. This article is based on an Exchange 2003/2007 server but every other messaging server will follow the same basic principle.
Assigning an IP address
Starting from the bottom up, the first thing you need to do is assign a static external IP address to the internal private address of your mail server. You will need to apply these rules on your firewall to port forward SMTP (port 25) and NAT an external IP address to the internal address of the server.
One thing that a lot of administrators forget to do or check is to set the outgoing NAT rule to use the same external IP address created for the inbound rule to the mail server. If this isn't set, reverse DNS will not match and in turn your mail server will be listed on blacklists. If your firewall rules are set up correctly, the IP address listed on this page should be the same IP address you mapped to the internal private IP address of the mail server.
Create the MX records for your mail server
For the purpose of this example, listed below are all the details of my mail server to help you understand what you need to do.
External IP: 22.214.171.124
E-Mail Domain: domain.com
You will need to be an administrative contact for your external DNS provider for your domain to make these changes. In most cases this can be done through an online control panel via your DNS provider. Failing that, over the phone or via e-mail.
1. The first thing we need to do is create an A record to point to the external IP address mapped on your firewall to the mail server. The host A record can be called anything but is commonly called "mail". In our example we will create "mail.domain.com" to point to IP address "126.96.36.199".
2. Next we will create an MX record to point to the newly created A record of our mail server.
Within your DNS control panel select "add MX record". Make sure that the host address is the root domain name, in our case "domain.com".
Set the FQDN as the A record we just created, which in our case is "mail.domain.com".
The lowest priority value is the most preferred, but in our example we will set the priority to 10.
Use nslookup to check DNS and MX records are applied
It can take up to 48 hours for DNS to propagate but in most cases 12-24 hours. To check that our DNS entries are applied and correct we can use nslookup.
1. Open a CMD prompt and type nslookup
2. Type set type=mx
3. Type the domain name, which in our case is domain.com.
In our example the output should read as follows if correctly set up:
domain.com MX preference = 10, mail exchanger = mail.domain.com
mail.domain.com internet address = 188.8.131.52
Configure Reverse DNS
Reverse DNS is used to verify that the mail server is who it says it is. The recipient's mail server will do a reverse lookup to make sure that the IP address of the mail A or host record in DNS is the same as the IP address it is communicating with. Only one RDNS entry can be present per IP address.
To do this you will need to contact your ISP to make this entry. You will not be able to do this in your DNS control panel unless your ISP also hosts your DNS and gives you the functionality to add your own RDNS records.
In our case we would contact our ISP and advise that we would like to create an RDNS entry for our IP address 184.108.40.206 which would resolve to mail.domain.com.
Verify Reverse DNS
Again it can take up to 48 hours for DNS to propagate but in most cases 12-24 hours. To verify that the RDNS entries have been added and are correct do the following:
1. Open a CMD prompt.
2. Type ping -a 220.127.116.11 (This is the external IP address for your mail server. In our case we use our external IP address stated above)
If RDNS is configured correctly the following output will be shown:
C:\Users\User>ping -a 18.104.22.168
Pinging mail.domain.com [22.214.171.124] with 32 bytes of data:
Every time a mail server establishes a connection with your mail server it shows its SMTP banner. This banner must be resolvable on the internet and best practice is to have it as your mail host/A record.
Configure SMTP banner Exchange 2003
1. Open Exchange System Manager.
2. Expand your administrative group ("First administrative group" by default).
3. Expand Servers.
4. Expand YourServerName.
5. Expand the Protocols container.
6. Select the SMTP container.
7. In the right window, right click the Default SMTP Virtual Server (or the name you set for your SMTP server) and select Properties.
8. Select the Delivery tab.
9. Click the Advanced button.
10. Under the Fully-qualified domain name type mail.domain.com (The A/Host record you created in DNS for your mail server)
11. Click OK and OK again to accept the changes
Configure SMTP banner Exchange 2007/2010
1. Open the Exchange Management Console.
2. Select the Organisation Configuration container.
3. Select the Hub Transport container.
4. On the right select the Send Connectors tab.
5. Right click your send connector and select Properties.
6. On the General tab under the Set the FQDN this connector will… type the A record domain name you created. Which in our case is mail.domain.com. Click OK.
7. Under the Server Configuration container click the Hub Transport container.
8. In the right window select the properties of the Receive Connector under the Receive Connectors tab.
9. On the General tab under the Set the FQDN this connector will… type the A record domain name you created. Which in our case is mail.domain.com. Click OK
To verify these changes we can use telnet to view the output on establishing a connection on port 25 to our mail server. Use the following steps to do this:
1. Open a CMD prompt
2. Type telnet mail.domain.com 25.
The output you see should look something like this and contain the A record of your mail server:
220 mail.domain.com Microsoft ESMTP MAIL Service ready at Sun, 28 Feb 2010 17:51:20 +0000
If you use an edge server or a spam filter appliance like a Barracuda, the SMTP banner will have to be set on this device/server.
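The three checks above (nslookup, ping -a and the telnet banner) only help if their results agree with each other. The following is an added example, not part of the original article: it parses output in those three formats and reports any mismatch between the MX/A record, the PTR record and the SMTP banner, assuming the single-server layout used here. The sample output is constructed, 203.0.113.25 is a documentation address, and the function names are hypothetical.

```python
import re

# Constructed sample output in the formats shown in this article; 203.0.113.25
# is a documentation address, not the article's server.
NSLOOKUP_MX = (
    "domain.com\tMX preference = 10, mail exchanger = mail.domain.com\n"
    "mail.domain.com\tinternet address = 203.0.113.25\n"
)
PING_A = "Pinging mail.domain.com [203.0.113.25] with 32 bytes of data:"
BANNER = "220 mail.domain.com Microsoft ESMTP MAIL Service ready"


def _host(name):
    # DNS names compare case-insensitively; drop any trailing root dot.
    return name.rstrip(".").lower()


def parse_nslookup_mx(text):
    """Return ({exchanger: preference}, {host: ip}) from 'set type=mx' output."""
    mx = {_host(h): int(p) for p, h in
          re.findall(r"MX preference = (\d+), mail exchanger = (\S+)", text)}
    addrs = {_host(h): ip for h, ip in
             re.findall(r"(\S+)[ \t]+internet address = (\S+)", text)}
    return mx, addrs


def parse_ping_a(line):
    """Return (ptr_name, ip); ptr_name is None when ping -a found no PTR."""
    m = re.match(r"Pinging (?:(\S+) \[([\d.]+)\]|([\d.]+)) with", line.strip())
    if not m:
        raise ValueError("not a 'ping -a' header line")
    return (_host(m.group(1)), m.group(2)) if m.group(1) else (None, m.group(3))


def check_mail_identity(nslookup_text, ping_line, banner_line):
    """List mismatches between MX/A, PTR and SMTP banner (empty = consistent)."""
    mx, addrs = parse_nslookup_mx(nslookup_text)
    ptr, ip = parse_ping_a(ping_line)
    greeting = re.match(r"220[ -](\S+)", banner_line)
    banner = _host(greeting.group(1)) if greeting else None
    problems = []
    if ptr is None:
        problems.append(f"no PTR record for {ip}")
    elif addrs.get(ptr) != ip:
        # Typical result of an outgoing NAT rule using a different external IP.
        problems.append(f"PTR {ptr} does not resolve back to {ip}")
    if ptr is not None and ptr not in mx:
        problems.append(f"PTR {ptr} is not an MX exchanger for the domain")
    if banner is None or banner != ptr:
        problems.append(f"SMTP banner {banner} does not match PTR {ptr}")
    return problems
```

An empty list means the A record, the PTR record and the banner all name the same host and address; each string in a non-empty list points at the record or setting to correct.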
Check to see if your mail server is on spam lists and/or an open relay
A great website to use to check your MX records, RDNS, check if your mail server is an open relay and check to see if you are listed on spam lists is www.mxtoolbox.com. This is a great site and one to keep in your favourites.
Following these guidelines will successfully and correctly configure mail routing to and from your mail server. The next step is to secure your mail server and ensure it is not an open relay. I will be writing a separate article dedicated to this in the near future.