Solving Reverse DNS problem for multiple domains

Published April 15th, 2010

If you use virtual mail hosting to host multiple domains on a single mail server (e.g. qmail with vpopmail) and you are having problems with mail being rejected due to rDNS (reverse DNS) failures then here is the solution.

Background: In an effort to fight spam, many mail servers are now performing rDNS checks to see if the sender is who they claim to be. If the remote mail server cannot match the IP address of the sender to the domain they claim to come from then the mail may be rejected as spam.

Here is how the receiving mail server performs the rDNS check on your MTA (Mail Transfer Agent).

In this example the sender's MTA is mail.mymailserver.com

MTA: HELO mail.mymailserver.com (your MTA identifies itself to the receiving mail server)

MAILSERVER: perform DNS lookup mail.mymailserver.com and get IP address 1.2.3.4

MAILSERVER: perform reverse lookup on IP address 1.2.3.4, if I get mail.mymailserver.com then OK, otherwise reject as spam

The mail server performs the reverse lookup by using the PTR record published by the owner of IP address 1.2.3.4

Now if I am hosting multiple domains but I want to use a single MTA to handle all of my email then here is how to set it up correctly for reverse DNS.

Assuming the following setup:

I host websites on the domains apple.com, banana.com, and orange.com whose IP addresses are 1.1.1.1, 2.2.2.2, and 3.3.3.3 respectively.

I run a single mail server that uses virtual hosting to handle mail for all 3 website domains.

This is on domain mymailserver.com with IP address is 4.4.4.4

Here is how to set up the DNS records correctly for rDNS:

ZONE FILE FOR mymailserver.com

Create an "A" record for mail.mymailserver.com on 4.4.4.4

Create a "PTR" record for mail.mymailserver.com on 4.4.4.4 (Your ISP may have to set this up for you)

ZONE FILE FOR apple.com

Create an "A" record for apple.com 1.1.1.1

Create an "A" record for www.apple.com 1.1.1.1 (for the website)

Create an "MX" record pointing at "mail.mymailserver.com" (not it's IP address)

ZONE FILE FOR banana.com

Create an "A" record for banana.com 2.2.2.2

Create an "A" record for www.banana.com 2.2.2.2 (for the website)

Create an "MX" record pointing at "mail.mymailserver.com" (not it's IP address)

ZONE FILE FOR orange.com

Create an "A" record for orange.com 3.3.3.3

Create an "A" record for www.orange.com 3.3.3.3 (for the website)

Create an "MX" record pointing at "mail.mymailserver.com" (not it's IP address)

You can test if your rDNS is correctly set up here http://postmaster.aol.com/tools/rdns.html