1

Our PTR records are managed by our ISP, as our ranges are too small for them to consider delegating to us. So, every time I want to update an entry, I have to email their support team.

In an effort to keep things simple, I'm considering asking them to do a one-time change on all of our IPs. Each record would be set up such that 1.2.3.4 would be host-1-2-3-4.mycompany.net. Of course, we'd set up the corresponding A records as appropriate.

While this is all technically possible, my question is simple: Are we more likely to get our outgoing email marked as spam because the reverse lookup entries bear some resemblance to many home/small business ISPs - with the actual IP in the name?

(I ask because my office's IP is static-1-2-3-4.region.fios.verizon.net, and that gets blocked often despite being a static IP. But I think that's because it's *.fios.verizon.net. I suppose I could come up with some sort of random identifier for each IP, but this seemed straightforward to comprehend.)

AnFi
BJT
  • If the PTR record matches the name that your email server identifies itself with during HELO/EHLO then I don't see why it would be a problem. Also, make sure you set up the appropriate SPF record. – joeqwerty Jul 18 '13 at 23:40
  • Actually, right now, we have longdeadserver.oldcompanyname.com as the reverse lookup, and an appropriate A record. That works fine, even though the server identifies itself as smtp.mycompany.com, which also has a proper A record. I'm not worried about the disconnect there; what concerns me is the dynamic appearance of using the IP in the hostname. – BJT Jul 19 '13 at 00:08

3 Answers

2

Modern SMTP servers receiving mail from your servers care a lot more about valid SPF records for the domain than the PTR record from the sending server.

Kyle Smith
2

Some email servers may block generic reverse DNS names. The number of antispam policies Internet-wide is HUGE. It is safer to lower the chances of hitting them as much as reasonably possible.

To be on the safe side, I would suggest you assign a few (2 or more) reverse DNS entries for servers, e.g. ice.mycompany.net.

Kyle Smith
AnFi
1

I have a published Email Policy that outlines the rules I apply. I don't believe any of the rules listed for incoming messages are uniquely mine. Most are derived from several documents.

As long as you pass rDNS validation most servers will not cause you much problem. Spam scanning software may, as your DNS entry looks the same as a lot of spam and not at all like a legitimate mail server.

Your easiest solution is to configure your email server to send all outgoing mail via a relay server. Verizon should have one you can use.

Unless you are in the business of sending email you should have one email server dedicated to sending email to the Internet. That is the only one you need to worry about the DNS entries for.

You will have much better results if your server identifies itself as the name on the PTR record. Validations are often done on the name you provide in the HELO message. If it does not match the PTR record, then you may be penalized (sent to the Spam bucket).

An SPF record with a restrictive policy helps, although more to block Spam claiming to be your server.

BillThor
  • Indeed, we're talking about the entries for the relay server - we've already been burned trying to send email from a Verizon static IP; we route it through a VPN to a bi-directional relay in our colo. The question essentially boils down to whether having the IP address in the hostname is a trigger, which it doesn't appear to be. – BJT Jul 19 '13 at 03:31
  • @BJT If that is the format of DNS for Verizon's relay server as seen from the Internet, do ask them to fix it. However, I see relay.versizon.net listed. Check the received headers or try sending email to port 25 to get a report. If you are relaying via Verizon, your SPF record should allow them as a sender. When using a relay, the format of your mail server's address doesn't matter as long as the relay is happy. Often a PTR record is not required, as the relay server will have other ways of checking your identity. – BillThor Jul 20 '13 at 03:03
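
The three checks discussed in the answers above (forward-confirmed reverse DNS, HELO name versus PTR name, and an IP-shaped "generic" hostname), as an added Python example that is not from any poster on this page. The DNS data is constructed, the names and addresses are placeholders, and the generic-name pattern is an assumption about how a filter might recognise such names, not any specific product's rule.

```python
import ipaddress
import re

# Constructed sample DNS data: documentation addresses, placeholder names.
PTR = {
    "192.0.2.10": "host-192-0-2-10.mycompany.example.",
    "192.0.2.25": "smtp.mycompany.example.",
    "192.0.2.77": "old.mycompany.example.",
}
A = {
    "host-192-0-2-10.mycompany.example.": ["192.0.2.10"],
    "smtp.mycompany.example.": ["192.0.2.25"],
    "old.mycompany.example.": ["192.0.2.99"],  # forward record points elsewhere
}


def norm(name):
    """Compare hostnames case-insensitively and without the trailing dot."""
    return name.rstrip(".").lower()


def embeds_ip(name, ip):
    """True if the name contains the IPv4 octets, in forward or reversed order,
    joined by '-', '.' or '_' (optionally zero-padded). Assumed heuristic."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    for order in (octets, octets[::-1]):
        pat = r"(?<!\d)" + r"[-._]".join("0{0,2}" + o for o in order) + r"(?!\d)"
        if re.search(pat, name):
            return True
    return False


def check_sender(ip, helo, ptr=PTR, a=A):
    """Evaluate a connecting IP and its HELO name against the DNS data."""
    names = [ptr[ip]] if ip in ptr else []
    return {
        # FCrDNS: the PTR name must resolve forward to the connecting IP.
        "fcrdns": any(ip in a.get(n, []) for n in names),
        # The HELO/EHLO name equals the PTR name.
        "helo_matches_ptr": any(norm(helo) == norm(n) for n in names),
        # The PTR name looks auto-generated from the address.
        "generic_looking": any(embeds_ip(norm(n), ip) for n in names),
    }


if __name__ == "__main__":
    for ip, helo in [("192.0.2.10", "smtp.mycompany.example"),
                     ("192.0.2.25", "smtp.mycompany.example"),
                     ("192.0.2.77", "old.mycompany.example")]:
        print(ip, helo, check_sender(ip, helo))
```

The first sample is the question's proposed scheme: it passes FCrDNS but is flagged as generic-looking and does not match the HELO name, the combination the answers warn a spam scorer may penalize.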