SendFailedException: 421 Refused. Your reverse DNS

Similar Messages

• Warning - Reverse DNS does not match SMTP Banner

  I have a installed in exchange server 2013 in the Home network. Everything looks fine. But Reserve DNS was not setup properly.  Reverse DNS is not matching with my domain. "Reverse
  DNS does not contain the hostname" when I checked in MXToolBox.com 
  I have configured FQDN on port 25 to mail.xxxxx.com. I don't know what else need to configure as Iam new to exchange. 
  Can some give me some steps to do this?
  ItsMeSri SP 2013 Foundation

  Reverse DNS (aka PTR record) is something set at your ISP level, not on your Exchange server. If you have a static IP from your provider you should be able to contact them (or log into the ISP's portal) to change the reverse DNS. If you have a dynamic IP
  (meaning you didn't pay extra for a static) you will be unable to set your reverse DNS.
  The implication's of not having a matching reverse DNS is that many email providers will not allow you to send them email (ex. aol.com, hotmail.com). I am actually in the same boat (on a dynamic IP) but I set up my Exchange to send all my email through a
  spam filter service. If you send through a reputable spam filter you should have no issues sending to any email providers (even though reverse DNS checks will still fail). 

• Reverse DNS does not match SMTP Banner

  Hello,
  We have a client with an SLS who is configured to send mail using the ISP as relay. With this situation, the server-side mail rules (vacation notices) are not working.
  So, I need to configure the server to use DNS to send mail. The client has one public static IP, in the form of client.static.isp.gr. ISP refuses to change the PTR for a single IP, so when I check the server using mxtoolbox.com, I get +Reverse DNS does not match SMTP Banner+.
  In MS Exchange, you can set the "Internet e-mail name" and change the default SMTP banner.
  How can I change the SMTP banner in Postfix? (in order to put the ISPs PTR for the static IP).
  Regards
  Kostas

  Kostas B. has been tussling with other issues ("ISP refuses to change the PTR for a single IP") and this is unrelated to the configuration of Mail itself, from what I can tell of it. He's really trying to do something that the ISP involved isn't supporting, and that's more of an administrative or ISP issue and less of a technical issue.
  As for your question (and presuming your public-facing DNS forward and reverse translations are correct and your MX record is correct, details which are not yet in evidence), launch Server Admin and set your mail server host name in the mail configuration. Server Admin > select server > Mail > general > fill in your internet-facing host name. This name should matche your public DNS MX record, and your public forward and reverse DNS translations should (also) match.
  And as a general rule, please don't thread-jack. That largely serves to confound and confuse the discussions.

• Set up reverse DNS for virtual mail hosting

  I need a bit of server configuation advice.
  I have a static IP and two public domains on a Snow Leopard server connected using NAT behind a firewall - with the necessary port forwarding to ensure all works. 
  1. abc.com is my primary domain on the server - server.abc.com
  2. I have xyz.com set up as a virtual domain and also as a virtual mail host
  This setup has worked well for a long time but I have found that emails to [email protected] are going missing.  If I check my mx records using one of the web based tools it show an error on the reverse dns for server.xyz.com showing a reverse DNS of server.abc.com.
  So the question - is it possible to have secondary 'virtual' DNS record on the server so reverse DNS works for the virtual mail host xyz.com?  If not how do I handle the reverse DNS problem which i think is causing some external mail server to reject mail due to the inconsistency on the reverse DNS lookup?
  Many thanks for any suggestions

  SMTP requires a DNS A record.
  A DNS A record is also known as a machine record.
  A DNS A record inherently means that forward DNS and reverse DNS will match.
  The forward translation translates the host name to the IP address.
  The reverse translation translates the IP address to host name.
  When the full translation produces the same host name, that's an A record.
  DNS CNAME records are aliases, and are used for virtual hosts.
  CNAME records inherently do not match the reverse DNS translations.
  To get your configuration to work, your server must have an A record.
  That means forward and reverse DNS will match.
  Any of the virtual hosts within your mail server then all use an MX pointing at the A record host.
  If you have your DNS hosted somewhere other than your ISP, then you'll need your ISP to set up a DNS PTR.
  The DNS PTR is the reverse translation; address to name.
  If you have your own DNS services within your network (as would be typical with a privately-addressed NAT'd network), set that up as a virtual host within SMTP.
  Here is some related reading on external (public) DNS, as related to SMTP servers and such.

• How to disable reverse DNS lookup on SSH login

  How do I disable reverse DNS lookup on SSH login in Solaris 9? I'm using the version bundled with Solaris 9.
  OpenSSH documentation says that I should set UseDNS to no but the option doesnt work in the bundled version of SSH server.
  I do not want to upgrade the bundled version of SSH server. Your help will be greatly appreciated.

  Ah nevermind. I think it was some command I ran changing english.lproj that did this so i am starting over.

• No Name Available / No Reverse DNS Entry in System Log

  On our network, we have two Macs running different versions of OSX Server software. Our "main" server is a G5 dual 2GHz (2.5 Gb RAM) running Leopard Server 10.5.6, and it runs most of our major services such as Open Directory (it’s designated an OD Master), Mail, Web, FTP and DNS. Our "secondary" server is an XServe dual 2.3GHz (G5) (2 Gb RAM) running Tiger Server 10.4.11. It only runs the AFP service and exists solely as our company’s fileserver. Both of its ethernet ports are connected to our company’s 10/100 switch, and the ports are configured as follows: Built-in Ethernet 2 (BSD Device Name en1) IP addr. 10.1.10.154; Built-in Ethernet 1 (BSD Device Name en0) IP addr. 10.1.10.152. In the Network control panel’s Network Port Configurations, Built-in Ethernet 2 (IP address 10.1.154) is moved to the top of the configuration window and as a result, Network Status indicates that that XServe "is connected to the Internet via Built-in Ethernet 2."
  That said, I see the following every 30 minutes in the System log:
  Apr 20 11:01:51 NAGXServe2 servermgrd: servermgr_dns: no name available via DNS for 10.1.10.154
  Apr 20 11:01:51 NAGXServe2 servermgrd: servermgr_dns: no reverse DNS entry for server, various services may not function properly
  This doesn’t cause any apparent problems in daily operation but if it’s something I could fix myself, I’d be willing to try. In the TCP/IP configuration for both ports, the DNS Server entry points to our "main" G5 server (which has a static IP address) and the Search Domain entry is that "main" G5 server’s domain name.
  In the DNS setup on the "main" G5 server, its domain name is entered in the "Primary Zone" field and its static IP address is entered in the Reverse Zone field; Whois lookups work successfully both forward and backward. But there is no mention of our "secondary" server anywhere in the "main" G5 server’s DNS setup.
  Thanks for any help!

  I am going to assume that the IP addresses you have given are REAL.
  You have to add an entry for NAGXServe2 in the DNS server's (NAGXServe1?) configs.
  First, what you need to enter are hostnames. The zone/domainname (example.com) should resolve to one representative server (your main server) for www service's sake, but otherwise, even your main server should have its own hostname (hostname.example.com).
  Let's say you already have an entry for your domain, example.com. This zone should already have one (or even two) A record, nagxserve1.example.com (and maybe example.com, without any hostname). You need to add another A record for nagxserve2.example.com with the IP address 10.1.10.154.
  You do this buy selecting "Computer (A) record" from the "Add record" dropdown button. A new A record called "newMachine" should appear under the zone record. If you can't see it, try clicking on the little triangle next to the zone/domain name.

• How to setup DNS behind Airport Extreme and ISP that will not reverse DNS

  Hi,
  I am having issues setting up my Mac Mini with SLS. Right now my server is connected to the internet through my Airport Express. It gets a static address from the router (10.0.1.13). The router also has a static address from my ISP. I own the domain redcedarpoint.com. I have set the A record to point to my static router IP address. I also setup a CNAME for server.redcedarpoint.com to the same address.
  During the initial portion of setup SLS sees my ISP's domain versus my own domain and incorrectly fills the local domain name. I manually changed these to redcedarpoint.com and called the server 'server'. This puts server.redcedarpoint.com into all the host names. Everything seems to work, but now all my users get email addresses like [email protected] versus [email protected]. I have manually set mail host name to redcedarpoint.com (although this is wrong I think). It solves the email addressing issue, but now postfix gives me a warning about a duplicate:
  +Jan 27 21:20:45 server postfix/postmap[70670]: warning: /var/amavis/local_domains.db: duplicate entry: "redcedarpoint.com"+
  My question is: What should I fill in during setup and how should I setup DNS from my hosting service.
  By the way, I am also trying to funnel all inbound and outbound email through my premium Google Apps subscription.
  Here's also the result of postconf -n
  +Last login: Wed Jan 27 21:19:47 on ttys000+
  +server:~ ianknight$ postconf -n+
  +biff = no+
  +command_directory = /usr/sbin+
  +config_directory = /etc/postfix+
  +content_filter = smtp-amavis:[127.0.0.1]:10024+
  +daemon_directory = /usr/libexec/postfix+
  +debugpeerlevel = 2+
  +enableserveroptions = yes+
  +header_checks = pcre:/etc/postfix/customheaderchecks+
  +html_directory = /usr/share/doc/postfix/html+
  +inet_interfaces = all+
  +mail_owner = _postfix+
  +mailboxsizelimit = 0+
  +mailbox_transport = dovecot+
  +mailq_path = /usr/bin/mailq+
  +manpage_directory = /usr/share/man+
  +mapsrbldomains =+
  +messagesizelimit = 10485760+
  +mydestination = $myhostname, localhost.$mydomain, localhost, dmcwatering.com, internationalcardio.com+
  +mydomain = redcedarpoint.com+
  +mydomain_fallback = localhost+
  +myhostname = redcedarpoint.com+
  +mynetworks = 127.0.0.0/8,216.239.32.0/19,64.233.160.0/19,66.249.80.0/20,72.14.192.0/18,209.8 5.128.0/17,66.102.0.0/20,74.125.0.0/16,64.18.0.0/20,207.126.144.0/20,173.194.0.0 /16+
  +newaliases_path = /usr/bin/newaliases+
  +queue_directory = /private/var/spool/postfix+
  +readme_directory = /usr/share/doc/postfix+
  +recipient_delimiter = ++
  +relayhost =+
  +sample_directory = /usr/share/doc/postfix/examples+
  +sendmail_path = /usr/sbin/sendmail+
  +setgid_group = _postdrop+
  +smtpsasl_authenable = yes+
  +smtpsasl_passwordmaps = hash:/etc/postfix/sasl/passwd+
  +smtpdclientrestrictions = permit_mynetworks permitsaslauthenticated rejectrblclient zen.spamhaus.org permit+
  +smtpdenforcetls = no+
  +smtpdhelorequired = yes+
  +smtpdhelorestrictions = rejectinvalid_helohostname rejectnon_fqdn_helohostname+
  +smtpdpw_server_securityoptions = cram-md5,gssapi,login+
  +smtpdrecipientrestrictions = permitsaslauthenticated permit_mynetworks rejectunauthdestination checkpolicyservice unix:private/policy permit+
  +smtpdsasl_authenable = yes+
  +smtpdtlsCAfile =+
  +smtpdtls_certfile =+
  +smtpdtls_excludeciphers = SSLv2, aNULL, ADH, eNULL+
  +smtpdtls_keyfile =+
  +smtpdtlsloglevel = 0+
  +smtpduse_pwserver = yes+
  +smtpdusetls = no+
  +unknownlocal_recipient_rejectcode = 550+
  +virtualaliasmaps =+
  +server:~ ianknight$+

  The first one is easy...
  Jan 27 21:20:45 server postfix/postmap70670: warning: /var/amavis/local_domains.db: duplicate entry: "redcedarpoint.com"
  You have redcedarpoint.com set as both the domain name and the hostname of the server. That is not correct:
  mydomain = redcedarpoint.com
  myhostname = redcedarpoint.com
  In this case, myhostname should be the reverse DNS hostname that the recipient mail server would see on outgoing mail - typically this would be something like 'mail.redcedarpoint.com
  You should also fix the mydestination parameter so that it includes your domain name as well:
  mydestination = $myhostname, localhost.$mydomain, localhost, dmcwatering.com, internationalcardio.com
  mydestination identifies the domains this server accepts mail for. In this setup it will accept mail addressed to @mail.redcedarpoint.com (assuming you fix myhostname, as above), @localhost.redcedarpoint.com, @localhost, @dmcwatering.com and @internationalcardio.com
  Nowhere here does @recedarpoint.com appear, so users won't get mail addressed to [email protected]
  It's easiest to just add redcedarpoint.com to the list of domains the server handles mail for.
  how should I setup DNS from my hosting service
  Your subject implies a reverse DNS question, but there's nothing in this post about reverse DNS. Other than that, you should have an MX record for your domain that points to the public IP address of your router.

• OS X 10.4.11 Server - configured name and reverse DNS do not match / DNS

  Hi all,
  I have looked for similar posts but all seem to have different scenarios, hoping to get an answer from someone more experienced than myself before I do anything silly.
  Help much appreciated!
  Scenario:
  We run a 10.4.11 OS X Server on an XServe, hosted at an ISP. ISP provides all DNS services, incl. the reversed DNS entry.
  I am currently only running the following services (based on the display in ServerAdmin):
  AFP
  Firewall
  iChat
  Mail
  QuickTimeStreaming
  Web
  All others (incl. DNS) are grayed out. (As ISP instructed us not to add a DNS service on our box, that's "normal" according to my experiences with dedicated /co-location server hosting).
  We never used changeip after the initial setup, meaning the server's
  Current Hostname = somename.local and
  DNS Hostname = mail.ourdomainname.net
  So in system.log I find this re-occuring entry:
  Jul 8 11:41:22 somename servermgrd: servermgr_dns: configured name and reverse DNS name do not match (somename.local != mail.ourdomainname.net), various services may not function properly - use changeip to repair and/or correct DNS
  Finally, my question:
  As Mail and Web services etc. are currently running OK from what I can tell,
  1) do I HAVE to change this at all?
  2) Would it be much better / why?
  3) Could I change this using the following command
  (111.11.111.1 indicating the server's IP address)
  changeip 111.11.111.1 111.11.111.1 somename.local mail.ourdomainname.net
  4) without running a DNS server on the machine, i.e. DNS service is not required for this to work?
  5) obviously I want to be able to use Server Admin after I issue this command...
  6) can I fall back easily in case this would screw it up, or is there no risk whatsoever doing this in my case?
  THANK YOU so much for any help!

  Hi Jonas
  If port 443 is already being used on the same box as KMS then it will complain and probably not start the service? I've seen this with LDAP port 636. This is when Kerio is installed on a server configured as an OD Master. Clearly the port can't be used by both servers.
  It might be easier to change the port your sites are currently using to something else? Although don't do anything yet. Pose the question to Kerio Support and see what advice they offer.
  Yes moving the mail to a local folder on the mail client will do it.
  Is Kerio going on the same box? If its a different box (presumably different IP address?) Then what you can do is to port forward to the new server's IP address instead of disabling it. This way while you are bringing the new server on line users can still send mail right up until the time you give instructions on changing their inbound/outbound mail server details. Of course they won't be able to receive but if you time it right they may not even get an error message? Depends on what their schedules are.
  If it was me I would choose IMAP every time. As the mail admin you have full control and a central location for easy backup. KMS has a built in archiving feature that makes this a simple process. This is an easier option than going round individual client machines and making sure mail held locally in POP accounts are backed up. Besides there is always someone who falls through the loop and I'm not taking into account drive failures. It makes good sense anyway as there is talk of legislation being introduced to make this a requirement for businesses who run their own mail servers. This is certainly true for certain parts of the US and what usually happens there is generally taken up in the UK and most parts of Europe.
  Kerio's WebMail Client means users don't even have to have their own computer. Just as long as they have access to one that has access to the internet they can send/receive mail. No need for dedicated mail applications such as Apple Mail, Thunderbird, Entourage etc. How mail is uses remains consistent for all users.
  Yes. I did this not so long ago with Leopard's built in Mail Server. I sent an e-mail defining a time when no inbound mail would be received. Disabled port forwarding for SMTP port 25 and approx 30 minutes after that another mail stating no outbound mail should be sent. Once everything was swopped over (we were changing from a G4 10.4 server to a G5 10.5 Server) port 25 was enabled, new server brought online and everyone was mailing again with no appreciable downtime.
  These boxes were to have the same IP address hence the slightly different approach.
  Does this help?
  Tony

• Pipex rejects my mail - Reverse DNS Policy???

  My mail is being rejected by Pipex with a 450 error. Their support people tell me that I have to configure a reverse DNS policy on my mail server, but I do not know how to do this or where to look.
  Does this make any sense and if so what do I have to do?
  Here is the result os postfix -n
  Last login: Tue Feb 19 13:28:18 on console
  Welcome to Darwin!
  mailgate:~ admin$ postconf -n
  alias_maps = hash:/etc/aliases,hash:/var/mailman/data/aliases
  command_directory = /usr/sbin
  config_directory = /etc/postfix
  content_filter = smtp-amavis:[127.0.0.1]:10024
  daemon_directory = /usr/libexec/postfix
  debugpeerlevel = 2
  html_directory = no
  inet_interfaces = all
  mail_owner = postfix
  mailboxsizelimit = 0
  mailbox_transport = cyrus
  mailq_path = /usr/bin/mailq
  manpage_directory = /usr/share/man
  mapsrbldomains =
  messagesizelimit = 20971520
  mydestination = $myhostname,localhost.$mydomain,localhost,cp-lighting.co.uk
  mydomain = cp-lighting.co.uk
  mydomain_fallback = localhost
  myhostname = mailgate.cp-lighting.co.uk
  mynetworks = 127.0.0.1/32,192.168.101.0/24,62.49.106.141
  mynetworks_style = host
  newaliases_path = /usr/bin/newaliases
  ownerrequestspecial = no
  queue_directory = /private/var/spool/postfix
  readme_directory = /usr/share/doc/postfix
  recipient_delimiter = +
  relayhost =
  sample_directory = /usr/share/doc/postfix/examples
  sendmail_path = /usr/sbin/sendmail
  setgid_group = postdrop
  smtpdclientrestrictions = permit_mynetworks rejectrblclient zen.spamhaus.org rejectrblclient dnsbl.sorbs.net rejectrblclient list.dsbl.org permit
  smtpdtls_keyfile =
  unknownlocal_recipient_rejectcode = 550
  mailgate:~ admin$

  You need to ask your ISP to do it.

• Servermgr_dns: no reverse DNS entry for server

  Hi all,
  After installing and configuring OS X Server, Tiger, I realized I had given the machine the wrong IP-address. After changing it, I'm getting the following errors every half hour:
  Jun 28 12:54:26 g4 servermgrd: servermgr_dns: no name available via DNS for 10.0.0.3
  Jun 28 12:54:26 g4 servermgrd: servermgr_dns: no reverse DNS entry for server, various services may not function properly
  Can anyone enlighten me, as to wether this is something serious or not. The server is running fine, so it isn't mission critical, but you know, nobody likes error messages
  PowerMac G4, Dual 1.25, 768 MB RAM, Pro ADSL 4096/768   Mac OS X (10.4.6)   Mac OS X Tiger Server

  look at changeip
  <pre>
  ~>man changeip
  changeip(8) BSD System Manager's Manual changeip(8)
  NAME
  changeip -- Change IP adress related configuration.
  SYNOPSIS
  changeip -checkhostname
  changeip [directory-node | -] old-ip new-ip [old-hostname new-hostname]
  DESCRIPTION
  changeip is used to update configuration records when a server's IP
  address changes or check/fix the hostname of the server. It needs to be
  run by root on the machine who's IP address is changing. If the machine
  is hosting a parent directory (NetInfo or LDAP) or is connected to a par-
  ent directory, then the Open Directory path to the node must be used (eg
  /LDAPv3/192.12.0.43). Otherwise use a dash ("-") for the directory node
  argument. The tool may prompt for an admin user name and password for
  the directory node. After the tool has successfully completed, change
  the network settings in the Network Control Panel and reboot the server.
  </pre>
  you need to run this when you change your servers ip
  hope this helps.

• How to stop OS X from retrieving reverse DNS name ?!

  Hello guys,
  I have a small problem that's very annoying. I manage a couple dozen Macs at work via ARD. All Macs are up to date and so is ARD.
  Recently i started to notice something bizzare in ARD, meaning that from time to time a couple of Macs that were passed over from an ex employee to another current employee, behaved erradic in ARD. Sometimes they appear offline, sometimes they dissaper entirely (also in Scanner), BUT most of the times they appear with incorrect DNS name (ex DNS name from the ex employee or even duplicates DNS names)
  I attached a pic in which you can clearly see what i'm all about.
  I tried different situations and config mods, and i almost nailed it when i changed the DHCP DNS settings from the router. Currently the router LAN DNS settings points to the local server (ie: 10.0.1.2) which has DNS enabled and then to the public DNS. If i switch the entires, then the DNS names appear correctly in ARD, but if i do that i also loose the iChat service which is dependent of that entry.
  SO i think the best way is to figure out a way to stop OS X from retrieveing reverse DNS names. Is this possible?

  I've have this issue too.  This thread may be helpful:
  https://discussions.apple.com/thread/4190442
  Most of our computers have static IP addresses assigned, so it is just some laptops that receive DHCP that seem to get confused in ARD sometimes.  As in your case, the computers themselves never have an issue - it is just ARD that gets mixed messages.  It also never seems to affect ARD, it just displays incorrectly. While I'm not entirely convinced this is fixable, I took the advice of the thread above and when it gets really bad, I simply go to "All Computers" and delete everything out.  Then I quit and reopen ARD and then from the Scanner, I re-add the computers and re-organize them.  We only have about 30 computers, so it goes quick when they are all turned on.  They seem to stay pretty organized for a while... and then the cycle begins again.

• Exchange 2010 and reverse DNS

  Hi
  I have two exchange 2010 servers:  x.x.x.72 and x.x.x.73
  I have a reverse DNS ptr record for both of these machines pointing back to mail.mydomain.com
  My users are getting an error message when they try to send mail to a craigslist.com address.
  The error I see in the log is:
  mail.mydomain.com [x.x.x.73] Please setup matching DNS and rDNS records: http://www.craigslist.org/about/help/rdns_failure
  I have an A record [mail.mydomain.com] pointing back to .72
  BUT I don't have an A record pointing back to .73.
  So, I'm wondering is that what I need to do, create another A record and point .73 back to mail.mydomain.com
  I was concerned having two A records pointing back to the same  mail.mydomain.com. I wasn't sure if that would cause any problems.
  Or should I create a send connector on .72 and only allow mail to be sent out for craigslist.com?
  As you can see, I'm unclear on the best way to solve this.
  Any advice is welcome.
  Thanks!
  Mike

  Hi ,
  If you wanted to use the x.x.x.73 ip address to send emails to internet then you need to have the proper A record and PTR records .
  Please have a look in to the below mentioned points .Based upon the provided description i thought you are having like below.
  Host A record :
  mail.mydomain.com 192.168.1.72 
  PTR record :
  192.168.1.72 mail.mydomain.com
  Then on the send connector configuration you need have the smarthost as 192.168.1.72 to send emails to internet otherwise your emails get failed if the remote host has done reverse dns check.check. Because on your side i thought you don't have the proper
  A records and PTR records for x.x.x.73
  In case if you would like to have two A records .Please have the settings like below :-
  Host A record :
  mail.mydomain.com 192.168.1.72 
  mail1.mydomain.com 192.168.1.73 
  PTR record :
  192.168.1.72 mail.mydomain.com 
  192.168.1.73 mail1.mydomain.com 
  On the above configuration you can make use of the both the ip's on the smarthost in the send connector to send emails to internet.
  Note : You can make use of MXTOOLBOX to check the A and ptr records for your domain.
  Please reply me if anything is unclear.
  Thanks & Regards S.Nithyanandham

• Exchange 2013 Reverse dns setup

  I recently migrated from SBS to Standard Windows servers with exchange 2013 and I'm having a heck of a time fighting spam. Mailflow is working fine, and we setup spam fighter exchange module which is catching most of the spam. However, it is missing some
  that are spoofing our domain name with addresses that do and don't exist. I've read that the best way to stop this is to setup spf filtering and to do this you should setup reverse dns ptr records so you don't get blacklisted. The directions are rather confusing.
  They say to setup a ptr record with your mail server's ip address. Here are my questions...
  Do I have to set this up on both my dns and my service providers dns?
  I currently have a A record and a ptr record pointing to the internal ip address on my internal dns server with the actual server name, but no records pointing to remote.domain.com.
  Do I need to create additional A and PTR records using the External IP and remote.domain.com?
  Right now my mx record points to mail.domain.com, but all of our connectors use remote.domain.com. Should the mx be changed to remote.domain.com?
  Thanks for any help.

  I've read that the best way to stop this is to setup spf filtering and to do this you should setup
  reverse dns ptr records so you don't get blacklisted
  Some antispam products to a reverse lookup on your IP address to make sure it matches the entry in the forward lookup zone. It does this to check that your server
  is not spoofing the server name.
  This won't necessarily prevent getting blacklisted (especially if you are sending spam), but it is definitely recommended for your mail architecture.
  Do I have to set this up on both my dns and my service providers dns?
  You will need to set this up on your Service Provider's DNS, as they will
  technically own the IP address, and lease it to you.
  Best practice is to have reverse lookup zones for your internal subnets in your internal DNS as well.
  But this is not so much a spam related thing, as just a good idea.
  Right now my mx record points to mail.domain.com, but all of our connectors use remote.domain.com.
  Should the mx be changed to remote.domain.com?
  This depends what these are used for. As you have come from an SBS environment, I'm guessing that both
  of these names resolve to the same public IP address. If this is the case, you can leave the MX records as they are. If this is not the case, let me know and we'll discuss it later.
  Let's say that you have a server called
  mbx.contoso.com internally with an IP of
  192.168.0.1. Externally, this server is known as mail.contoso.com
  and has an IP address of 123.123.123.123.
  In this case, you would do two things:
  On your internal DNS server(s), create a reverse lookup zone for
  192.168.0.0 and create a PTR record for
  mbx.contoso.com with the IP of 192.168.0.1. This may already be done from when you set up Active Directory initially
  Contact your ISP, and ask them to setup a
  PTR record for mail.contoso.com for the IP
  123.123.123.123

• Reverse DNS not working

  Noticed today that reverse DNS is no longer working for our (10) VMs. It was yesterday and had been for several weeks.
  I removed and re-added one of them. Waited for over an hour and still not resolving.
  PS C:\Windows\system32> Get-AzureService "emvpodeast2"
  ServiceName             : EMVPodEast2
  Url                     : https://management.core.windows.net/xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx/services/hostedservices/EMVPodEast2
  Label                   : EMVPodEast2
  Description             : emvpodeast2 with Reverse DNS
  Location                : East US
  AffinityGroup           :
  Status                  : Created
  ExtendedProperties      : {[ResourceGroup, EMVPodEast2], [ResourceLocation, East US]}
  DateModified            : 12/23/2014 10:32:34 AM
  DateCreated             : 9/2/2014 7:44:55 PM
  ReverseDnsFqdn          : fathersonholyghosttown.com.
  WebWorkerRoleSizes      : {}
  VirtualMachineRoleSizes : {}
  OperationDescription    : Get-AzureService
  OperationId             : xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx
  OperationStatus         : Succeeded
  PTR Check:
  http://mxtoolbox.com/SuperTool.aspx?action=ptr%3a191.238.18.70&run=toolpage

  I'm having the exact same issue here.
  There were no IP changes. Reverse DNS was working until it wasn't anymore. We noticed it on the 22nd December when about 400 e-mails were refused from our newsletter because there was no reverse DNS.
  Tried reconfiguring like SIRob45 but to no avail.
  PS C:\> Get-AzureService "assistimo"
  ServiceName             : assistimo
  Url                     :
  https://management.core.windows.net/cac66cff-7d19-41a7-a012-e2197e145d36/services/hostedservi
                            ces/assistimo
  Label                   : assistimo
  Description             : S4 reverse DNS
  Location                : North Europe
  AffinityGroup           :
  Status                  : Created
  ExtendedProperties      : {[ResourceGroup, assistimo], [ResourceLocation, North Europe]}
  DateModified            : 24/12/2014 17:33:26
  DateCreated             : 14/11/2014 13:50:26
  ReverseDnsFqdn          : s4.assistimo.pt.
  WebWorkerRoleSizes      : {}
  VirtualMachineRoleSizes : {}
  OperationDescription    : Get-AzureService
  OperationId             : 670e5f9b-206d-5b41-a3c7-f5acf5f89fcd
  OperationStatus         : Succeeded
  Results from
  http://mxtoolbox.com/SuperTool.aspx?action=ptr%3a191.235.218.152&run=toolpage:
  ptr:191.235.218.152
  No ptr Records exist
  History results:
  Type
  IP Address
  Domain Name
  TTL
  PTR
  191.235.218.152
  assistimo.cloudapp.net
  1 min
  smtp diag
  blacklist
  port scan
  subnet tool
  Reported by PRD2.AZUREDNS-CLOUD.NET on 12/1/2014 at 11:15:54 AM (UTC -6),
  just for you.  (History)  Transcript
  Session Transcript:
  MXTB-PWS3v2 468ms
    0  f.in-addr-servers.arpa  193.0.9.1  NON-AUTH  109 ms  Received 8 Referrals , rcode=NO_ERROR    NS tinnie.arin.net,NS ns-lacnic.nic.mx,NS ns3.afrinic.net,NS ns.lacnic.net,NS
  sec1.authdns.ripe.net,NS sec3.apnic.net,NS a.arpa.dns.br,NS ns2.lacnic.net,  
    1  tinnie.arin.net  199.212.0.53  NON-AUTH  31 ms  Received 5 Referrals , rcode=NO_ERROR    NS PRD1.AZUREDNS-CLOUD.NET,NS PRD5.AZUREDNS-CLOUD.NET,NS PRD3.AZUREDNS-CLOUD.NET,NS
  PRD4.AZUREDNS-CLOUD.NET,NS PRD2.AZUREDNS-CLOUD.NET,  
    2  PRD2.AZUREDNS-CLOUD.NET  65.55.117.43  AUTH  46 ms  Received 1 Answers , rcode=NO_ERROR    PTR assistimo.cloudapp.net,  
  We have no support contract and cannot submit a support request as suggested.
  Thank you in advance.
  Carlos R. Calado

• Setting up reverse DNS

  I've run my own DNS for some years under OS X Server, but in the past couple of months have had a real problem with mail from my domain to AOL and other domains bouncing since my reverse DNS was handled by AT&T, which returned one of those "consumer"-type adsl-whatever zone names instead of my zone name, neko.com. AT&T has now delegated reverse zone lookups to my server.
  My IP block extends from 71.158.134.193 through 71.158.134.222. Neko.com is 71.158.134.213.
  I've used Server Admin to set up the reverse zone file, which it created and named "134.158.71.in-addr.arpa." Reverse lookups, i.e. "dig -x 71.158.134.213" don't work; AT&T insists the reverse zone file should be called "192.134.158.71.in-addr.arpa".
  Of course renaming the file doesn't work since that's not the file name in named.conf. But I don't see any way to specify an IP range or net mask in Server Admin; it's as though it can't handle anything less than a full class C domain.
  Any hints?
  G5 Quad   Mac OS X (10.4.7)  

  The reverse zone file should be called:
  /private/var/named/hosts/masters/134.158.71.in-addr.arpa-hosts
  and inside that file you should have something like this:
  @ 1D IN SOA dns.neko.com. hostmaster.neko.com. 2007071905 8H 2H 1W 2H
  @ IN NS dns.neko.com.
  @ IN NS ns1.neko.com.
  213 IN PTR neko.com.
  Explanation: "dns.neko.com" would be your primary dns server.
  "ns1.neko.com" would be your secondary dns server.
  "hostmaster.neko.com" would be your hostmaster email address ([email protected]).
  NOTE: all domains end in period (ie, there is a '.' after every 'com') - that is not a typo!
  NOTE: use a period for the 'at' sign in you hostmaster email address - do NOT use @ there - that is also not a typo!
  some good resources:
  http://www.menandmice.com/knowledgehub/dnsqa/49
  http://www.menandmice.com/knowledgehub/dnsqa/56
  The AT&T people are confused. You have to cut them some slack though, they're too busy playing with their new iPhones to know what they're talking about.