If DNS is set up improperly, over time your mail server IP will be added to blacklists. Today most e-mail servers have some form of spam protection service, which in turn means that all your inbound mail will be blocked if you do happen to be listed on a spam blacklist.

In this article I will describe how to correctly configure your MX and reverse DNS records for your mail server. This article is based on an Exchange 2003/2007 server, but every other messaging server will follow the same principle.

Assigning an IP address

Starting from the bottom up, the first thing you need to do is assign a static external IP address to the internal private address of your mail server. You will need to apply these rules on your firewall to port forward SMTP (port 25) and NAT an external IP address to the internal address of the server.

Something that a lot of administrators forget to do or check is to set the outgoing NAT rule to use the same external IP address created for the inbound rule to the mail server. If this isn’t set, reverse DNS will not match and in turn your mail server will be listed on blacklists. If your firewall rules are set up correctly, the IP address shown on this website should be the same IP address you mapped to the internal private IP address of the mail server.

Create the MX records for your mail server

For the purpose of this example, listed below are all the details of my mail server to help you understand what you will need to do.

External IP: 87.22.1.22

E-Mail Domain: domain.com

You will need to be an administrative contact for the external DNS provider for your domain to make these changes. In most cases this can be done through an online control panel via your DNS provider; failing that, by phone or e-mail.

1. The first thing we need to do is create an A record to point to the external IP address mapped on your firewall to the mail server. The host A record can be called anything but is commonly called “mail”. In our example we will create “mail.domain.com” to point to IP address “87.22.1.22”.

2. Next we will create an MX record to point to the newly created A record of our mail server.

Within your DNS control panel select “add MX record”. Make sure that the host address is the root domain name, in our case “domain.com”.

Set the FQDN as the A record we just created, which in our case is “mail.domain.com”.

The lowest preference value is the most preferred, but in our example we will set the priority as 10.

Use NSlookup to check DNS and MX records are applied

It can take up to 48 hours for DNS to propagate, but in most cases 12-24 hours. To check that our DNS entries are applied and correct we can use nslookup.

1. Open a CMD prompt and type nslookup

2. Type set type=mx

3. Type the domain name, which in our case is domain.com.

In our example the output should read as follows if correctly set up:

> domain.com

Non-authoritative answer:

domain.com MX preference = 10, mail exchanger = mail.domain.com

mail.domain.com internet address = 87.22.1.22

Configure Reverse DNS

Reverse DNS is used to verify that the mail server is who it says it is. The recipient's mail server will do a reverse lookup to make sure that the IP address of the mail A or host record in DNS is the same as the IP address it is communicating with. Only 1 RDNS entry can be present per IP address.

To do this you will need to contact your ISP to make this entry. You will not be able to do this in your DNS control panel unless your ISP also hosts your DNS and gives you the functionality to add your own RDNS records.

In our case we would contact our ISP and advise that we would like to create an RDNS entry for our IP address 87.22.1.22 which would resolve to mail.domain.com.

Verify Reverse DNS

Again, it can take up to 48 hours for DNS to propagate, but in most cases 12-24 hours. To verify that the RDNS entries have been added and are correct, do the following:

1. Open a CMD prompt.

2. Type Ping -a 87.22.1.22 (This is the external IP address for your mail server. In our case we use our external IP address mentioned above.)

If RDNS is configured correctly the following output will be shown:

C:\Users\User>ping -a 87.22.1.22

Pinging mail.domain.com [87.22.1.22] with 32 bytes of data:

SMTP Banner

Every time a mail server establishes a connection with your mail server it shows its SMTP banner. This banner must be resolvable on the internet, and best practice is to have it as your mail host/A record.

Configure SMTP banner Exchange 2003

1. Open Exchange System Manager.

2. Expand your administrative group (“First administrative group” by default).

3. Expand Servers.

4. Expand YourServerName.

5. Expand the Protocols container.

6. Select the SMTP container.

7. In the right window, right click the Default SMTP Virtual Server (or the name you set your SMTP server) and select Properties.

8. Select the Delivery tab.

9. Click the Advanced button.

10. Under the Fully-qualified domain name type mail.domain.com (the A/Host record you created in DNS for your mail server)

11. Click OK and OK again to accept the changes

Configure SMTP banner Exchange 2007/2010

1. Open the Exchange management console.

2. Select the Organisation Configuration container.

3. Select the Hub Transport container.

4. On the right select the Send Connectors tab.

5. Right click your send connector and select Properties.

6. On the General tab under the Set the FQDN this connector will… type the A record domain name you created, which in our case is mail.domain.com. Click OK.

7. Under the Server Configuration container click the Hub Transport container.

8. In the right window select the properties of the Receive Connector under the Receive Connectors tab.

9. On the General tab under the Set the FQDN this connector will… type the A record domain name you created, which in our case is mail.domain.com. Click OK.

To verify these changes we can use telnet to view the output upon establishing a connection on port 25 to our mail server. Use the following steps to do this:

1. Open a CMD prompt

2. Type Telnet mail.domain.com 25.

The output you see should look something like this and contain the A record of your mail server:

220 mail.domain.com Microsoft ESMTP MAIL Service ready at Sun, 28 Feb 2010 17:51:20 +0000

If you use an edge server or a spam filter appliance like a Barracuda, the SMTP banner will have to be set on this device/server.
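The three manual checks above (nslookup for MX, ping -a for reverse DNS, telnet for the banner) only help if their results agree with each other. The following added example, which is not part of the original article, parses the text of those three outputs and reports any mismatch. The function names, the ISP-style PTR name and the internal server name in the failing sample are assumptions constructed for illustration.

```python
import re

def parse_nslookup_mx(text):
    """Parse nslookup 'set type=mx' output -> (sorted [(pref, host)], {host: ip})."""
    mx = [(int(p), h.rstrip(".").lower()) for p, h in
          re.findall(r"MX preference = (\d+), mail exchanger = (\S+)", text)]
    addrs = {h.rstrip(".").lower(): ip for h, ip in
             re.findall(r"^(\S+)\s+internet address = (\S+)", text, re.M)}
    return sorted(mx), addrs

def parse_ping_a(text):
    """Parse 'ping -a' output -> (ptr_name or None, ip). No name means no PTR."""
    m = re.search(r"Pinging (?:(\S+) \[([\d.]+)\]|([\d.]+)) with", text)
    if not m:
        raise ValueError("not ping -a output")
    return (m.group(1).lower(), m.group(2)) if m.group(1) else (None, m.group(3))

def parse_banner(line):
    """Return the host name announced in the SMTP 220 greeting, or None."""
    m = re.match(r"220[ -](\S+)", line.strip())
    return m.group(1).rstrip(".").lower() if m else None

def check_mail_identity(nslookup_out, ping_out, banner_line):
    """Cross-check MX target, A record, PTR and banner; return a list of findings."""
    mx, addrs = parse_nslookup_mx(nslookup_out)
    if not mx:
        return ["no MX record in nslookup output"]
    host = mx[0][1]                      # lowest preference value is tried first
    ip = addrs.get(host)
    ptr, pinged_ip = parse_ping_a(ping_out)
    banner = parse_banner(banner_line)
    findings = []
    if ip is None:
        findings.append(f"MX target {host} has no A record in the answer")
    elif ip != pinged_ip:
        findings.append(f"pinged {pinged_ip} but {host} resolves to {ip}")
    if ptr != host:
        findings.append(f"PTR for {pinged_ip} is {ptr}, expected {host}")
    if banner != host:
        findings.append(f"SMTP banner announces {banner}, expected {host}")
    return findings

# The three outputs shown in the article (correct setup)
GOOD = ("domain.com MX preference = 10, mail exchanger = mail.domain.com\n"
        "mail.domain.com internet address = 87.22.1.22",
        "Pinging mail.domain.com [87.22.1.22] with 32 bytes of data:",
        "220 mail.domain.com Microsoft ESMTP MAIL Service ready")
# Constructed failure: ISP-default PTR and an internal server name in the banner
BAD = (GOOD[0],
       "Pinging host-87-22-1-22.isp.example [87.22.1.22] with 32 bytes of data:",
       "220 exch01.corp.local Microsoft ESMTP MAIL Service ready")

if __name__ == "__main__":
    for label, sample in (("good", GOOD), ("bad", BAD)):
        print(label, check_mail_identity(*sample) or "consistent")
```

An empty list means the MX target, its A record, the PTR record and the banner all name the same host, which is the state the steps above aim for.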

Check to see if your mail server is on spam lists and/or an open relay

A great website to use to check your MX records and RDNS, check if your mail server is an open relay, and check to see if you are listed on spam lists is www.mxtoolbox.com. This is a great site and one to keep in your favourites.

Following these guidelines will successfully and correctly configure mail routing to and from your mail server. The next step is to secure your mail server and ensure it is not an open relay. I will be writing a separate article dedicated to this in the near future.

Source by Mike S Collins