I have a client whose ISP recently switched their circuit and static IP to an IP that was already blacklisted for SPAM (nice).
The client is running Windows SBS 2003 with Exchange 2003 and DNS for the mail system is managed by GoDaddy.com.
When I ran the smtp test at http://mxtoolbox.com (MXTB) I was receiving a warning 'Reverse DNS does not match SMTP Banner' after the IP switch and updating the hosted DNS records (A, MX, etc…) at GoDaddy. I was able to squash that warning by setting the FQDN and Masquerade domain on advanced delivery options for the SMTP service in Exchange to the value returned on reverse DNS at MXTB (i.e., pool-##-###-###-##.fairpoint.east.myfairpoint.net – guess who gave us a dirty IP). I also added an SPF record for all A records on the GoDaddy account. It's been about 12 hours since these changes were made but my client's domain is still showing on a couple blacklists, spamrats in particular and when I use their delist form it still complains about a failed reverse DNS lookup.
Here are the lookups I get in terminal (obfuscated):
nslookup 66.###.###.53
Non-authoritative answer:
53.###.###.66.in.addr.arpa name = pool-66-###-###-53.man.east.myfairpoint.net
nslookup clientdomain.com
Non-authoritative answer:
Name: clientdomain.com
Address: 66.###.###.53
Not being an Exchange expert I could use some direction and/or a sanity check:
1 – should FQDN and masquerade in Exchange be set to the long form name noted (pool-##-###-###-##.fairpoint.east.myfairpoint.net) or just mail.clientdomain.com?
2 – is this likely a propagation problem and I just need to be more patient?
3 – shouldn't the ISP be able to resolve the reverse lookup correctly for us since they own the IP?
Right now client users are being bounced by some (not all) mail servers on send related to being listed.
Many thanks.
Best Answer
A couple of things I would recommend. In my opinion this may be the easiest way to set things up without getting in to a lot of unneccessary details. For more info than I'm providing, follow the link that SmallClanger posted in his answer.
You don't need to set the masquerade domain but you should set the FQDN on the SMTP virtual server in Exchange.
Set the FQDN in Exchange to match the name you're going to set in your MX record. This is probably going to be something akin to mail.clientdomain.com.
Set your SPF record to "v=spf1 mx -all".
Ask the ISP to create or modify the PTR record to match the FQDN that you set on Exchange.
This is a very simple answer that does not consider any additional variables or a more complex set up or requirements.