What are the limitations and risks of assigning multiple domain names (PTR) to a single IP?

0

For my Exchange I need to create PTR records for many domains and assign them to a single IP.

Like:

mail.x.com assign to 51.51.51.51

mail.y.com assign to 51.51.51.51

mail.z.com assign to 51.51.51.51

I requested that from the ISP, but I am asking and need to confirm whether there are any technical limitations and risks regarding assigning multiple domain names to a single IP.

test0test

Posted 2017-03-02T08:09:05.327

Reputation: 3

@Lenniey He said Exchange; as far as I was aware, the post you linked is for the Linux configuration file used in BIND. And I don't think this answers the question – asmith – 2017-03-02T08:22:04.417

@user3904968, as far as I was aware, as long as the system/software being used can handle multiple domains, you can attach as many domains to a single IP address as you want. I don't see any risks or limitations except those that would be imposed by the system/software being used, like maybe it is licensed for so many domains – asmith – 2017-03-02T08:24:18.657

@asmith that's why it's a comment, not an answer. It doesn't matter if you use Exchange, postfix, or whatever, this is a DNS setting. Just wanted to point in the right direction. On Exchange you just have to set up the different domains (if you even use different domains) – Lenniey – 2017-03-02T08:26:50.060

I worked for an ISP and we had god knows how many domains bound to single IP addresses on the server. Although we did use BIND on CentOS as our DNS servers and we used Atmail (exim mail engine) and it handled them all. Every time we got a new customer they would get set up with the default system's public IP unless they requested to have their own public IP, or they could use an IP that had very few domains on it. – asmith – 2017-03-02T08:29:40.550

@Lenniey Oh, I don't know Exchange very well, or how Windows sets up DNS server configuration, so I didn't know if that was useful. – asmith – 2017-03-02T08:31:08.740

@asmith I meant: the setting OP is asking for is a DNS setting, it doesn't have anything to do with Exchange itself. Of course, if he wants to set up Exchange for different domains, he needs to configure it, but from a DNS point of view - as you said - this is a pretty common configuration :) – Lenniey – 2017-03-02T08:36:04.083

1

It should also be noted that if the system allows for it, you can have as many IP addresses attached to an interface as you want. – asmith – 2017-03-02T08:39:59.133

I asked the ISP to create PTR records for my multiple domains because sometimes the domain is assumed to be spam, so the ISP asked me for confirmation that I am aware of the technical limitations and risks regarding assigning multiple domain names to a single IP. What is wrong with it? – test0test – 2017-03-02T09:08:41.993

You can point as many domains to a single IP as you want, but not vice versa; a PTR should resolve to a single FQDN only – Alex – 2017-03-02T10:32:36.310

Answers

0

@davidgo explained everything to you technically correctly, but I'm afraid you didn't get the point.

Let's start with this one:

I requested that from the ISP, but I am asking and need to confirm whether there are any technical limitations and risks regarding assigning multiple domain names to a single IP.

Technical limitation - No.
Risk - Yes.

Assume a situation: you are driving a car and a policeman stops you and asks you for your driver's license. What would you expect if you gave the policeman 3 driver's licenses with your photo on each of them, but each of them with a different last name?

In your situation, when you have a single IP address and multiple domains that need to be served from the same IP, you need to set up a single SMTP server; assume it would be: mx.main.com

In DNS you should set the forward and reverse PTR record for mx.main.com only, then the other domains will simply use it as a trusted sender. All you need to do is set their MX record to point to mx.main.com as

abc.com  MX: mx.main.com
zxc.com  MX: mx.main.com
...
yyy.com  MX: mx.main.com

Alex

Posted 2017-03-02T08:09:05.327

Reputation: 5 606

Thank you, but can you explain that more?


In DNS you should set forward and reverse PTR record for mx.main.com only, then other domains will simply use it as trusted sender. All you need to do, it is set their MX record to point to mx.main.com as

abc.com MX: mx.main.com zxc.com MX: mx.main.com ... yyy.com MX: mx.main.com


Where can I do it? I already added forward and reverse for 1 mail only, like (51.51.51.51 <> mail.x.com), and added an MX record in the domain cPanel with this IP 51.51.51.51 – test0test – 2017-03-02T13:35:46.747

@user3904968 You should set, in public DNS (where you bought the domains), MX records for those other domains that would use your SMTP server (the one that has the PTR). Don't set any mail.x.com, mail.z.com; assign the MX record to the TLD (top level domain) - x.com, z.com. – Alex – 2017-03-02T13:42:15.543

In the domain cPanel public DNS I entered an MX record for x.com assigned to 51.51.51.51, and only 1 PTR at the ISP, mail.x.com assigned to 51.51.51.51. Is that enough to avoid blocking, and is it the right configuration? – test0test – 2017-03-02T15:31:27.013

If you set it up correctly then it might be enough. Now test your mail server against antispam blacklists. Enter the IP of your Exchange server at https://mxtoolbox.com/blacklists.aspx and it will check your server

– Alex – 2017-03-02T20:30:35.013

My problem is with https://ers.trendmicro.com/reputations: my IP still appears as Reputation: Bad, Listed in: DUL, but the configuration that I created is right, and the ISP created the right configuration if he did a PTR for mail.x.com only

– test0test – 2017-03-02T21:55:01.163

@user3904968 Use the link I gave you above, it will check your IP against all major antispam databases. You will get info on who exactly put your IP on a blacklist and why, then contact that particular blacklist and submit a query for clearance – Alex – 2017-03-02T22:28:52.070

Thank you. The ISP now informs me they entered the PTR for my mail, like mail.x.com. How can I check they entered it right? – test0test – 2017-03-05T12:21:02.517

@user3904968 dig mail.x.com a will return the IP. Use this IP in dig -x IP. If the result of the last command is mail.x.com, then the forward and reverse PTR records are set correctly – Alex – 2017-03-05T12:26:43.363

Where do I use dig mail.x.com a? In cmd? Sorry, I ask a lot – test0test – 2017-03-05T12:48:45.267

@user3904968 Ohh, I forgot you are on Windows. On Windows you can use nslookup mail.x.com, and when you get the IP use it as nslookup ip.ip.ip.ip. If you feel we resolved your question, then check mark the right answer that helped you as the accepted answer – Alex – 2017-03-05T13:07:48.470

0

Your question is wrong. A PTR record is typically used to convert an IP address back to a domain name. It is important that servers have a PTR record, but a PTR record can only point to a single (sub)domain.

You are more likely interested in MX, A and/or CNAME records, each of which could be relevant to setting up DNS for email - with MX being the only required one.

There is no problem pointing as many domains to an IP address using A records (or indirectly using CNAME or MX records - which are not IP addresses).

In reality, to get mail flowing to 51.51.51.51 you need the following -

  • An "A" record for mail.X.com pointing to 51.51.51.51. (You can optionally have an "A" record for each mail.(any).com record, but it is not required)

  • An "MX" record for each X.com which points to either mail.X.com or mail.(any).com

The risks of assigning multiple domains to a single IP for mail are minimal, but you do need to be aware of the reputation of the mail server, and if a lot of domains are able to relay email through that server, if one of them starts sending spam, the server could get blacklisted resulting in difficulty sending for all other users of the mail server.

davidgo

Posted 2017-03-02T08:09:05.327

Reputation: 49 152
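The record layout both answers describe (one mail host with matching A and PTR records, every hosted domain's MX pointing at that host) and the forward/reverse check from the comments, as an added example that is not part of either answer. The host and domain names are the ones used in the first answer; the record data and the function names `fcrdns` and `check_domain` are constructed for illustration, and treating several PTR names as a warning is this example's own policy.

```python
# Constructed sample records (not real DNS data), following the answers' layout:
# one mail host with matching A and PTR, every hosted domain's MX pointing at it.
A = {"mx.main.com": {"51.51.51.51"}}
PTR = {"51.51.51.51": ["mx.main.com"]}
MX = {
    "abc.com": ["mx.main.com"],
    "zxc.com": ["mx.main.com"],
    "yyy.com": ["mx.main.com"],
}


def fcrdns(ip, a=A, ptr=PTR):
    """Forward-confirmed reverse DNS: IP -> PTR name -> A record -> same IP."""
    names = ptr.get(ip, [])
    if not names:
        return "fail: no PTR record"
    if len(names) > 1:
        # Several PTR names: a receiver may use any one of them (example policy).
        return "warn: %d PTR names for one IP" % len(names)
    name = names[0].rstrip(".").lower()
    if ip not in a.get(name, set()):
        return "fail: %s does not resolve back to %s" % (name, ip)
    return "ok: %s" % name


def check_domain(domain, mx=MX, a=A, ptr=PTR):
    """Return {(mx_host, ip): status} for every address the domain's MX uses."""
    results = {}
    for host in mx.get(domain, []):
        host = host.rstrip(".").lower()
        ips = a.get(host)
        if not ips:
            results[(host, None)] = "fail: MX target has no A record"
            continue
        for ip in sorted(ips):
            results[(host, ip)] = fcrdns(ip, a, ptr)
    return results


if __name__ == "__main__":
    for d in MX:
        print(d, check_domain(d))
    # The layout from the question: three PTR names on one IP.
    many = {"51.51.51.51": ["mail.x.com", "mail.y.com", "mail.z.com"]}
    print("question layout:", fcrdns("51.51.51.51", ptr=many))
```

Against live DNS, the two dictionaries `A` and `PTR` correspond to what `dig mail.x.com a` and `dig -x IP` return.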

The error began when Trend Micro blocked our IP, and when we sent email to them they replied: "51.51.51.51 is listed on the Trend Micro Dynamic User List (DUL) because it appears to be an IP address not clearly labeled as static.

This email is designed to help you solve the problem. If you are an ISP, you can

  1. Add the rDNS of this IP to clearly indicate static.

ex: mail.mail-abuse.com (O) 99-47-70-150.dynamic-IP.mail-abuse.com (X)

  2. Add a statement in WHOIS information indicating the space is statically assigned.

" I asked the ISP to create rDNS and am asking whether there are limitations and risks – test0test – 2017-03-02T10:30:38.930

1

@user3904968 Even if you set a PTR, if it isn't a static IP it will be caught by the PBL list. You need a real static IP, or ask the ISP to remove your IP from the PBL

– Alex – 2017-03-02T10:39:27.453

Yes, it will be assigned to the public IP, not (51.51.51.51); I can't write my public IP :) I am asking why the ISP sent me ((confirmation that you aware about technical limitations and risks regarding assigning multiple domain names for single IP.)) What are the limitations and risks of it? – test0test – 2017-03-02T11:04:19.297

@user3904968 You have a home and your home has an address. You can't point to multiple homes by the same address, and an address should point to a particular home. A PTR is the canonical name associated with a particular IP. FQDN<->IP. A PTR is an official, legal association if you want. Read more about it in RFC1035

– Alex – 2017-03-02T12:23:32.713

OK, but what will we do if we have multiple domains on the same Exchange server? – test0test – 2017-03-02T13:03:37.960

@user3904968 Check my answer – Alex – 2017-03-02T13:09:14.833

The problem you have has nothing to do with DNS. The issue is that the particular IP you are using is part of a block of IPs Trend thinks should not be used to send email. You either need to get the IP removed from all common blacklists that have it or get your ISP to assign an IP from a different range. – davidgo – 2017-03-02T17:54:20.877