Let’s say you completed your Microsoft Exchange 2010 setup. Everything looks great; you sorted out a proper SSL certificate and setup the MX record correctly.
Now the issue is you are getting some bounced emails back? You check the email blacklist and for sure you are clean – as a matter of fact is a brand new setup with a new domain name that is using a brand new Internet setup.
The oddity is the bounce back emails do not happen for all emails just a small portion of them; let’s say only 10% or less. What can be the situation?
Well usually the reasons are stated in the bounced back NDR (Non Delivery Report) email. If you look carefully it may state something about a reverse DNS not being setup correctly. What does this mean? The email address you are sending to probably has a SPAM filter that is making sure you have a matching reverse DNS entry and if you do not it will reject your email.
What is this reverse DNS? Well let’s drill down a bit on an email delivery in general. The recipient SPAM filter system wants to make sure your email is legitimate. It does this by going down a check list. For example if your email is part of a mass email, it may deem it as a spam. If your email is corrupt or doesn’t have all the full email heading information, it may be rejected. Maybe it checks the IP you are coming from and finds it on a blacklist. Lastly one of the checks that some SPAM filters do is a reverse DNS lookup.
Basically the system knows you are coming from yourdomainname.com address, it knows where it is coming from as far as both your domain name address and also the IP. These are basic information that your Exchange server will provide the recipient system for the email handshake to complete. Now this SPAM filter system will make an inquiry on the delivering IP to see if the IP has a reverse DNS setup. How does it do this? Well if you look at this website: http://remote.12dt.com/ you can put in your public IP and see what this SPAM filter system will also see.
If it sees a reverse DNS look up does not match up with the senders domain name address, it will flag it and decide to reject this email.
How do you get your reverse DNS setup correctly? You need to contact the ISP (Internet Service Provider). They are the ones that provided you with the public static IP and now you must work with them to get a reverse DNS setup so when a SPAM filter system check it, it will clearly show yourdomainmame.com instead of some other previous entry.
Once you get this in order SPAM filters will view your IP and domain name address match as a token of good email citizenship and the doors will open for you. Real spammers will never spend any time to actually set something like this up. Only legitimate companies will put out the effort to do this. Also spammers will not have a stationary domain name address, most of their addresses are spoofs or random domain addresses which change constantly; so it makes no sense for them to bother with such details.
This reverse DNS setup is an excellent step to prevent SPAM in general, but it is an extra and often forgotten step for the IT consultant or IT support personnel to get done. In the grand scheme of things you can see why it is worth it though to tighten up the system and to be part of the responsible community of email citizenship.