4

I'm having some trouble with email on a dedicated server, with Windows Server 2008. I've reached the conclusion I have to set up reverse DNS for the mail server.

The current setup is this:

The mail server is an Exchange server rented from a 3rd party company, and is set as the MX record in our DNS server. The DNS server is hosted on a different machine, a dedicated server (Windows Server 2008) under my control.

The question is who needs to set the reverse dns:

  1. The company that hosts the email server
  2. Me, that controls the dns zone for the domain
  3. The company that hosts our name server

I've never really understood who has the authority to set the reverse dns zones.

Caleb
Tudor Carean

2 Answers

3

The entity (netblock owner) that has authority for the reverse lookup zone (and therefore the PTR record in that zone) is the entity that owns the IP address, which is probably the ISP or entity that you're getting the routable IP address for the mail server from.

In addition, think of a reverse lookup zone as you would any other zone. Who "owns" (has authority for) the zone? That's who you need to go to to have records set up in that zone.

joeqwerty
  • the general rule of thumb is the company that hosts the email server – anthonysomerset May 02 '11 at 15:33
  • @anthonysomerset: The email host may not be the netblock owner. I work at an email hosting company, but we don't own our IP addresses. We get those from our ISP and they have authority for the reverse lookup zone. When we need to create a PTR record we contact them to create it for us. – joeqwerty May 02 '11 at 15:37
1

Responsibility for reverse DNS falls to the entity that assigned the address. If you got an address or addresses from your ISP or hosting provider, they should be responsible for giving it a reverse value.

If you got a block of addresses and provisioned the nameserver for the address block to you, then you are responsible for reverse DNS. However, it is unlikely that you have been provisioned as the DNS provider for the block without knowing what you were in for.

Caleb
  • In this case the email server is rented from another company than our dedicated server where we have the name server. Does this mean I have to tell the company we've rented the email server from to add this DNS record? Does it matter what they put in it or does it just have to exist? I'm wondering if they need to set it as mail.ourdomain.com or not. – Tudor Carean May 02 '11 at 19:05
  • Yes, you will need to talk to whoever OWNS the address the mail server uses. If this is a large company they might own the IP block; if they just provide a couple of servers they might have gotten the addresses from an ISP and the change will need to be made there. Usually what mail systems want to see is that the reverse and forward lookups are the same. If your mail server identifies itself as mail.x.tld, and mail.x.tld resolves to your IP, that IP also needs to resolve to mail.x.tld in reverse. It's not a hard rule, but it is sometimes used by spam filters to establish credibility. – Caleb May 02 '11 at 19:10
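
The check described in the last comment (the reverse lookup, the forward lookup and the name the server announces all agreeing), as an added example that is not part of the original thread. The addresses and names are constructed from documentation ranges, and `check_fcrdns`, `ptr_name` and the `sample_*` helpers are hypothetical names; pass no resolver arguments to query the system resolver instead.

```python
import ipaddress
import socket

def ptr_name(ip):
    """Owner name of the PTR record; it lives in the netblock owner's zone."""
    return ipaddress.ip_address(ip).reverse_pointer

def system_reverse(ip):
    """PTR lookup via the system resolver; [] when no record exists."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except OSError:
        return []
    return [name] + aliases

def system_forward(name):
    """A/AAAA lookup via the system resolver; [] when the name does not resolve."""
    try:
        return sorted({info[4][0] for info in socket.getaddrinfo(name, None)})
    except OSError:
        return []

def check_fcrdns(ip, helo_name, reverse=system_reverse, forward=system_forward):
    """Compare reverse DNS, forward DNS and the announced name for one address."""
    addr = ipaddress.ip_address(ip)
    norm = lambda n: n.rstrip(".").lower()
    names = [norm(n) for n in reverse(ip)]
    # A PTR name counts only if it resolves forward to the same address.
    confirmed = [n for n in names
                 if addr in {ipaddress.ip_address(a.split("%")[0]) for a in forward(n)}]
    if not names:
        verdict = "no PTR: ask the netblock owner to create " + ptr_name(ip)
    elif not confirmed:
        verdict = "PTR exists but its name does not resolve back to " + ip
    elif norm(helo_name) not in confirmed:
        verdict = "PTR is forward-confirmed but differs from the HELO name"
    else:
        verdict = "ok"
    return {"ptr_record": ptr_name(ip), "ptr_names": names,
            "confirmed": confirmed, "verdict": verdict}

# Constructed sample data (documentation address range, example names).
SAMPLE_PTR = {"192.0.2.25": ["mail.example.com."], "192.0.2.26": ["host26.isp.example."]}
SAMPLE_A = {"mail.example.com": ["192.0.2.25"], "host26.isp.example": ["192.0.2.26"]}

def sample_reverse(ip):
    return SAMPLE_PTR.get(ip, [])

def sample_forward(name):
    return SAMPLE_A.get(name, [])

if __name__ == "__main__":
    for ip in ("192.0.2.25", "192.0.2.26", "192.0.2.27"):
        print(ip, check_fcrdns(ip, "mail.example.com", sample_reverse, sample_forward))
```

The `ptr_record` value is the exact record name to quote when asking the address owner for the PTR.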