If DNS is setup improperly, around time your mail server IP will be extra to blacklists. These days most E-Mail servers have some kind of spam protection services which in flip signifies that all your inbound mail will be blocked if you do come about to be stated on a spam blacklist.

In this post I will describe how to accurately configure your MX and reverse DNS data for your mail server. This post is primarily based on an Trade 2003/2007 server but just about every other messaging server will observe the exact same theory.

Assigning an IP deal with

Starting up from the bottom up the first detail you will need to do is assign a static exterior IP deal with to the inner non-public handle of your mail server. You will need to implement these regulations on your firewall to port forward SMTP (port 25) and NAT an external IP deal with to the inside address of the server.

Anything that a lot of administrators fail to remember to do or test is to established the outgoing NAT rule to use the exact exterior IP handle developed for the inbound rule to the mail server. If this is not set, Reverse DNS will not match and in change your mail server will be outlined on blacklists. If your firewall rules are setup accurately the IP address mentioned on this website page need to be the exact same IP handle you mapped to the inside private IP tackle of the mail server.

Develop the MX data for your mail server

For the objective of this case in point, stated underneath are all the details of my mail server to enable you realize what you require to do.

External IP:

E-Mail Domain: area.com

You will will need to be an administrative make contact with for your Exterior DNS company for your domain to make these improvements. In most situations this can be performed by an online command panel as a result of your DNS service provider. Failing that on the cellphone or by using E-Mail.

1. The to start with factor we require to do is generate an A history to issue to the external IP address mapped on your firewall to the mail server. The host A record can be called any point but is usually identified as “mail”. In our instance we will develop “mail.domain.com” to level to IP address “”

2. Future we will produce an MX file to issue to the freshly developed A history of our mail server.

Inside of your DNS control panel decide on “include MX record”. Make guaranteed that the host tackle is the root domain title in our scenario “domain.com”

Set the FQDN as the A report we just established which in our scenario is “mail.domain.com”.

The cheapest house is the most desired but in our illustration we will set the priority as 10.

Use NSlookup to look at DNS and MX data are used

It can choose up to 48 several hours for DNS to propagate but in most circumstances 12-24 several hours. To test our DNS entries are utilized and accurate we can use nslookup.

1. Open a CMD prompt and type nslookup

2. Type set style=mx

3. Type the domain title which in our case is area.com.

In our illustration the output need to browse as follows if properly set up:

> domain.com

Non-authoritative respond to:

area.com MX desire = 10, mail exchanger = mail.area.com

mail.domain.com internet deal with =

Configure Reverse DNS

Reverse DNS is employed to confirm that the mail server is who it suggests it is. The recipients mail server will do a reverse lookup to make confident that the IP address of the mail A or host file in DNS is the similar as the IP address it is speaking with. Only 1 RDNS entry can be existing per IP address.

To do this you will need to speak to your ISP to make this entry. You will not be able to do this in your DNS command panel except if your ISP also host your DNS and give you the features to incorporate your own RDNS documents.

In our scenario we would contact our ISP and suggest that we would like to develop an RDNS entry for our IP address which would solve as well mail.domain.com.

Confirm Reverse DNS

Yet again it can just take up to 48 hrs for DNS to propagate but in most circumstances 12-24 several hours. To validate that the RDNS entries have been added and are right do the following:

1. Open a CMD prompt.

2. Form Ping -a (This is the external IP address for your mail server. In our situation we use our external IP tackle stated previously mentioned)

If RDNS is configured appropriately the subsequent output will be proven:

C:UsersUser>ping -a

Pinging mail.area.com [] with 32 bytes of facts:

SMTP Banner

Each and every time a mail server establishes a connection with your mail server it demonstrates its SMTP banner. This banner need to be resolvable on the web and ideal apply is to have it as your mail host/A record.

Configure SMTP banner Trade 2003

1. Open up Trade program manager.

2. Broaden your administrative team (“To start with administrative team” by default).

3. Grow Servers.

4. Increase YourServerName.

5. Increase Protocals container.

6. Pick SMTP container.

7. On the right window, appropriate click on the Default SMTP digital Server (Or the name you set your SMTP Server) and

select Homes.

8. Select the Shipping and delivery Tab.

9. Click on the Advanced button.

10. Underneath the Thoroughly-experienced area name kind mail.area.com (The A/Host history you made in DNS for your mail server)

11. Click on Okay and Alright again to acknowledge the changes

Configure SMTP banner Exchange 2007/2010

1. Open up the Exchange administration console.

2. Pick the Organisation Configuration container.

3. Decide on Hub Transport container.

4. On the proper decide on the Ship Connectors tab.

5. Suitable simply click your deliver connector and find qualities.

6. On the Standard tab below the Set the FQDN this connector will… sort the A record area name you established. Which in our scenario is mail.domain.com. Simply click Okay.

7. Underneath the Server Configuration container click the Hub Transportation container.

8. In the Suitable window Pick the properties of the Acquire Connector beneath Receive Connectors tab.

9. On the Normal tab under the Set the FQDN this connector will… form the A file area name you developed. Which in our scenario is mail.area.com. Click Okay

To confirm these improvements we can use telnet to watch the output on setting up a relationship on port 25 to our mail server. Use the adhering to methods to do this:

1. Open a CMD prompt

2. Kind Telnet mail.area.com 25.

The output you see need to glance something like this and contain your A record of your mail server:

220 mail.area.com Microsoft ESMTP MAIL Company ready at Solar, 28 Feb 2

010 17:51:20 +0000

If you use an edge server or a SPAM filter equipment like a Barracuda the SMTP banner will have to be set on this machine/server.

Check to see if your mail server is on spam lists and/or an open relay

A fantastic web page to use to check out your MX records, RDNS, check out if your mail server is an open relay and verify to see if you are outlined on spam lists is www.mxtoolbox.com. This is a great web page and one particular to continue to keep in your favourites.

Pursuing these manual lines will properly and properly configure mail routing to and from your mail server. The future step is as well protected and assure your mail server is not an open relay. I will be composing a individual article dedicated to this in the in the vicinity of long run.