If DNS is setup incorrectly, over time your mail server IP will be added to blacklists. Nowadays most E-Mail servers have some kind of spam protection service which in turn means that all your inbound mail will be blocked if you do happen to be listed on a spam blacklist.
In this article I will describe how to correctly configure your MX and reverse DNS records for your mail server. This article is based on an Exchange 2003/2007 server but every other messaging server will follow the same principle.
Assigning an IP address
Starting from the bottom up the first thing you need to do is assign a static external IP address to the internal private address of your mail server. You will need to apply these rules on your firewall to port forward SMTP (port 25) and NAT an external IP address to the internal address of the server.
Something that a lot of administrators forget to do or check is to set the outgoing NAT rule to use the same external IP address created for the inbound rule to the mail server. If this isn’t set, Reverse DNS will not match and in turn your mail server will be listed on blacklists. If your firewall rules are setup correctly the IP address listed on this page should be the same IP address you mapped to the internal private IP address of the mail server.
Create the MX records for your mail server
For the purpose of this example, listed below are all the details of my mail server to help you understand what you need to do.
External IP: 22.214.171.124
E-Mail Domain: domain.com
You will need to be an administrative contact for your External DNS provider for your domain to make these changes. In most cases this can be done through an online control panel through your DNS provider. Failing that on the phone or via E-Mail.
1. The first thing we need to do is create an A record to point to the external IP address mapped on your firewall to the mail server. The host A record can be called any thing but is commonly called “mail”. In our example we will create “mail.domain.com” to point to IP address “126.96.36.199”
2. Next we will create an MX record to point to the newly created A record of our mail server.
Within your DNS control panel select “add MX record”. Make sure that the host address is the root domain name in our case “domain.com”
Set the FQDN as the A record we just created which in our case is “mail.domain.com”.
The lowest property is the most preferred but in our example we will set the priority as 10.
Use NSlookup to check DNS and MX records are applied
It can take up to 48 hours for DNS to propagate but in most cases 12-24 hours. To check our DNS entries are applied and correct we can use nslookup.
1. Open a CMD prompt and type nslookup…