MicMac-6638 asked joyceshen-MSFT commented

Reverse DNS for hybrid exchange setup

Hi,

We have an Exchange hybrid setup between O365 and a Linux server installed on a VPS. O365 is the front server and all inbound and outbound emails are relayed through it.

Before connecting the two servers, we successfully set up the reverse DNS on the VPS. Now that we have connected the two servers, we don't know how to set up the reverse DNS for O365. We don't pass Mail-tester anymore and get the following error message:

"Your IP address 40.107.xxx.xxx is associated with the domain mail-viXXXXXXXXXXX.outbound.protection.outlook.com.
Nevertheless your message appears to be sent from EUR05-XXXXXX.outbound.protection.outlook.com."

Our DNS is managed by Squarespace and we have added a TXT SPF record: "v=spf1 ip4:xxx.xxx.xxx.xxx include:spf.protection.outlook.com -all" with "xxx.xxx.xxx.xxx" the IP of the VPS.

We read a number of answers on this forum, but without finding a solution.

It would be great if someone could help.

office-exchange-hybrid-itpro

Hi @MicMac-6638

Any progress so far?


Thank you for your answer.

If you meant the ISP of the Linux server, well it's a VPS, so we don't have a communication channel with their ISP. However, the VPS host enabled us to set up the reverse DNS for the Linux server. And we did it when the Linux server was used on a standalone basis. All was working fine.

But now that we have connected our Linux server to O365, my understanding was that the reverse DNS on our Linux server was irrelevant, and only the one from the "front-end" server mattered. The error message from above supports my understanding:

Your IP address 40.107.xxx.xxx […]

Are you trying to say that despite ALL outbound emails going through O365, we still have to set up reverse DNS on our Linux server? If yes, what should we put?

1) the smarthost address of our server, e.g. mail.XXX.com (the one we set up in the connectors of the mail flow section of the O365 admin panel)?
2) something from Microsoft?
3) something else?


Hi

What's the test result returned from mxtoolbox? Are you using EOP in your hybrid environment?

For each Public IP from your on-premises that you allow to use the EOP services to send messages to the Internet, you must configure:

- Reverse DNS for that IP
- Make sure that same IP is defined in the SPF record (it could be explicit or through other options such as A or MX parameters)




1 Answer

joyceshen-MSFT answered

Hi @MicMac-6638

First, make sure the A and PTR records are configured correctly for your domain; we could use MXToolbox to check that.

Reverse DNS is something set at your ISP level, not on your Exchange server. If you have a static IP from your provider you should be able to contact them (or log into the ISP's portal) to change the reverse DNS.

Here is also an article about this: Managing SPF and reverse DNS in Exchange Server (Part 3)

And a related thread here for your reference as well: unable to send emails to hotmail/outlook or live email address


If an Answer is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
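
The thread touches three separate checks: the PTR record of the sending IP, whether that PTR name matches the name the message appears to be sent from, and SPF authorization of the IP. The following is an added example, not code from the posts above, that evaluates each one independently; all DNS data, host names and IPs are constructed placeholders, and only the `ip4`, `include` and `all` SPF mechanisms are handled.

```python
import ipaddress

# Constructed DNS data (documentation IP ranges, placeholder names); not real records.
TXT = {
    "example.com": "v=spf1 ip4:203.0.113.10 include:spf.relay.example -all",
    "spf.relay.example": "v=spf1 ip4:198.51.100.0/24 -all",
}
PTR = {"198.51.100.25": "mail-a1.outbound.relay.example",
       "203.0.113.10": "mail.example.com"}
A = {"mail-a1.outbound.relay.example": ["198.51.100.25"],
     "mail.example.com": ["203.0.113.10"]}
RESULTS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def spf_result(domain, ip, depth=0):
    """Evaluate ip4, include and all only (a subset of RFC 7208)."""
    record = TXT.get(domain, "")
    if not record.startswith("v=spf1") or depth > 10:
        return "none"
    addr = ipaddress.ip_address(ip)
    for term in record.split()[1:]:
        qualifier = term[0] if term[0] in RESULTS else "+"
        mech = term.lstrip("+-~?")
        if mech.startswith("ip4:"):
            hit = addr in ipaddress.ip_network(mech[4:], strict=False)
        elif mech.startswith("include:"):
            # include matches only when the nested record yields "pass"
            hit = spf_result(mech[8:], ip, depth + 1) == "pass"
        elif mech == "all":
            hit = True
        else:
            continue  # mechanisms outside this subset are skipped
        if hit:
            return RESULTS[qualifier]
    return "neutral"

def check_sender(ip, helo, mail_from_domain):
    """Report the three checks separately for one connecting IP."""
    ptr = PTR.get(ip)
    return {
        "ptr": ptr,
        # forward-confirmed reverse DNS: the PTR name resolves back to the IP
        "fcrdns": ptr is not None and ip in A.get(ptr, []),
        # the comparison the quoted warning describes
        "ptr_matches_helo": ptr is not None and ptr.lower() == helo.lower(),
        "spf": spf_result(mail_from_domain, ip),
    }

if __name__ == "__main__":
    print(check_sender("198.51.100.25", "EUR05-x.outbound.relay.example", "example.com"))
```

In the constructed data the relay IP has a valid, forward-confirmed PTR and passes SPF through `include`, yet its PTR name differs from the announced name, which is the mismatch the quoted warning reports.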
 
