Question : How to set up rDNS for SBS 2003?

Our ISP shut down their SMTP server (smtp.tds.net) that I was using as a smart host on our SBS 2003. They are moving everything out through google now and that's not supported using SBS 2003 because of the SSL requirements (and I've tried every suggestion I could!).

But luckily we have a static IP from our ISP so if rDNS is set up correctly there shouldn't be a problem sending e-mail after simply removing the entry in our smart host field on the server.

So here's the issue/questions...

Our static IP on our SBS server (smtp server) is 134.215.237.102. Our web host is Network Solutions and our MX record is inbound.powercontrolsys.com.netsolmail.net. Our SBS 2003 POP3 connector grabs mail from mail.powercontrolsys.com because Network Solutions uses CNAME record.

I've set up an rDNS entry with our ISP for 134.215.237.102 to point to powercontrolsys.com and that's how it sits right now. But Yahoo is still putting e-mails in spam folder. Gmail and AOL are both receiving ok.

I assume there will be some mail servers rejecting mail because powercontrolsys.com doesn't point back to 134.215.237.102.

My ISP rep suggests that I remove the CNAME record for mail.powercontrolsys.com, change our POP3 connector to inbound.powercontrolsys.com.netsolmail.net, then change our rDNS record for 134.215.237.102 to mail.powercontrolsys.com

First off, would this work? And what else could this effect? I really hate to delete any records with Network Solutions!

What I would like to do, if possible, is use a new fqdn such as mail2.powercontrolsys.com, make A record for it to point to 134.215.237.102, then have ISP point 134.215.237.102 to mail2.powercontrolsys.com. Would this work? The reason I ask is because I see conflicting information regarding this and some saying that rDNS must match your MX record. I could have this configured but then if a mail server does a reverse lookup on the MX record it wouldn't point to the smtp server. How are people getting around this problem?

I would appreciate any assistance with this!

Answer : How to set up rDNS for SBS 2003?

rDNS needs to point to the hostname of your outbound mailserver not just the domain.  

MX records are strictly used to figure what IP address to deliver email for your domain.  

rDNS records are strictly used to verify a host connecting to you isn't lying about it's full hostname.  If you changed you rDNS for 134.215.237.102 to be mail.powercontrolsys.com, your ISP is probably right, your problems would probably go away (unless you are being blocked for another reason).  Did you receive a bounce message from Yahoo describing why your email was rejected?  If you didn't, then the info is in the error message your mailserver received when it was rejected from even attempting to deliver the email.

Since you mail flows asymmetrically you should have some other verification of where your outbound email is coming from (every little bit helps as sysadmins like myself implement trickier and trickier ways of extinguishing spam).  Since you are already in DNS you should set up SPF(Sender Policy Framework, RFC 4408) records which define your (outbound)SMTP mail hosts.  It just some TXT dns entries formatted a specific way, there are free wizards on the web that will generate the text that you need to drop into the TXT DNS record making it easy.  Note: standards include a new type of DNS record (SPF, type 99) dedicated to this task, but it will be awhile before the TXT record version will no longer be accepted.  For now, both types of records work.

Being able to deliver email these days is about complying with standards (RFCs), credibility, reputation, and trust.  Most commercial or enterprise mailservers these days use a weighted scoring system to determine whether to accept email from you.  Everything you do to support these things can help you avoid rejection.  If you feel inspired, look in DKIM (DomainKeys Identified Mail, RFC 4871)

Best Regards.

PS Wikipedia can give you a good explanation of just about anything