PTR Sanity Check and Failover
All - Is it RFC Compliant or looked down upon by Anti-SPAM vendors to assign different IP's to the same host name for PTR records? I'm working on documenting soft failover scenarios when the primary ISP link goes down temporarily and all traffic is routed through a backup ISP link. A separate thought, should the above not be recommended, is to possibly create two CAS servers that are NAT'd to different Public IP's but connected to the same MBX server. I'm curious to see how other folks prepare for this type of scenario. I haven't considered a DAG yet because of the amount of resources in involved. Cheers, Harry. --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist
RE: PTR Sanity Check and Failover
PTR should be 1:1 mapping to a host name. Anything else isn’t going to provide reliable results. If you want to use multiple connections, then one option would be to route email out through an ISP neutral service, so it doesn’t matter how it gets there. This is what I do for myself and a few of my clients. Email is routed out through a server that lives in a data centre (which also hosts web sites, monitoring etc). You could also use a third party anti-spam service, one of the mail hop services etc. A DAG has nothing to do with this scenario because it is just protecting the data. You could do something with two servers only, as the DAG can live on the same server as the CAS and Hub Transport roles. While on the subject of a DAG, if you are even considering the option of putting in a DAG at any point in the future, configure a CAS array host name and configuration in the server. This will make the implementation of the DAG much more straight forward. CAS array implementation is much easier if done early than trying to retro fit it when the server has been in production a little while with many users connected. Simon. -- Simon Butler MVP: Exchange, MCSE Sembee Ltd. e: si...@sembee.co.uk w: http://www.sembee.co.uk/ w: http://exchange.sembee.info/ w: http://blog.sembee.co.uk/ Need cheap certificates for Exchange, compatible with the iPhone? http://CertificatesForExchange.com/http://certificatesforexchange.com/ for certificates from just $26.99. Need a domain for your certificate? http://DomainsForExchange.net/http://domainsforexchange.net/ Exchange Resources: http://exbpa.com/ From: Harry Singh [mailto:hbo...@gmail.com] Sent: 12 August 2011 12:52 To: MS-Exchange Admin Issues Subject: PTR Sanity Check and Failover All - Is it RFC Compliant or looked down upon by Anti-SPAM vendors to assign different IP's to the same host name for PTR records? I'm working on documenting soft failover scenarios when the primary ISP link goes down temporarily and all traffic is routed through a backup ISP link. A separate thought, should the above not be recommended, is to possibly create two CAS servers that are NAT'd to different Public IP's but connected to the same MBX server. I'm curious to see how other folks prepare for this type of scenario. I haven't considered a DAG yet because of the amount of resources in involved. Cheers, Harry. --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist
Re: PTR Sanity Check and Failover
Thanks for the information Simon. We currently use Postini for inbound mail and will look into routing out via Postini, if there isn't an additional cost. Since I haven't routed out to a service like this, would be like setting up an authenticated smarthost to this service for outbound mail ? The information on the DAG could prove very helpful since we plan to move in that direction within 6 months. Harry On Fri, Aug 12, 2011 at 8:13 AM, Simon Butler si...@sembee.co.uk wrote: PTR should be 1:1 mapping to a host name. Anything else isn’t going to provide reliable results. If you want to use multiple connections, then one option would be to route email out through an ISP neutral service, so it doesn’t matter how it gets there. This is what I do for myself and a few of my clients. Email is routed out through a server that lives in a data centre (which also hosts web sites, monitoring etc). You could also use a third party anti-spam service, one of the mail hop services etc. ** ** A DAG has nothing to do with this scenario because it is just protecting the data. You could do something with two servers only, as the DAG can live on the same server as the CAS and Hub Transport roles. While on the subject of a DAG, if you are even considering the option of putting in a DAG at any point in the future, configure a CAS array host name and configuration in the server. This will make the implementation of the DAG much more straight forward. CAS array implementation is much easier if done early than trying to retro fit it when the server has been in production a little while with many users connected. ** ** Simon. ** ** ** ** -- Simon Butler MVP: Exchange, MCSE Sembee Ltd. e: si...@sembee.co.uk w: http://www.sembee.co.uk/ w: http://exchange.sembee.info/ w: http://blog.sembee.co.uk/ Need cheap certificates for Exchange, compatible with the iPhone? http://CertificatesForExchange.com/ http://certificatesforexchange.com/for certificates from just $26.99. Need a domain for your certificate? http://DomainsForExchange.net/http://domainsforexchange.net/ ** ** Exchange Resources: http://exbpa.com/ ** ** ** ** ** ** *From:* Harry Singh [mailto:hbo...@gmail.com] *Sent:* 12 August 2011 12:52 *To:* MS-Exchange Admin Issues *Subject:* PTR Sanity Check and Failover ** ** All - Is it RFC Compliant or looked down upon by Anti-SPAM vendors to assign different IP's to the same host name for PTR records? I'm working on documenting soft failover scenarios when the primary ISP link goes down temporarily and all traffic is routed through a backup ISP link. A separate thought, should the above not be recommended, is to possibly create two CAS servers that are NAT'd to different Public IP's but connected to the same MBX server. I'm curious to see how other folks prepare for this type of scenario. I haven't considered a DAG yet because of the amount of resources in involved. Cheers, Harry. --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist
RE: PTR Sanity Check and Failover
If you are a Postini user then it is a simple decision. Route email out through them. Setup the Send Connector to use a smart host and then enter the details that they want (I can’t remember whether it is done by authentication, IP address or both). Most anti-spam providers prefer that solution as it allows them to “learn” about your email. Simon. From: Harry Singh [mailto:hbo...@gmail.com] Sent: 12 August 2011 13:21 To: MS-Exchange Admin Issues Subject: Re: PTR Sanity Check and Failover Thanks for the information Simon. We currently use Postini for inbound mail and will look into routing out via Postini, if there isn't an additional cost. Since I haven't routed out to a service like this, would be like setting up an authenticated smarthost to this service for outbound mail ? The information on the DAG could prove very helpful since we plan to move in that direction within 6 months. Harry On Fri, Aug 12, 2011 at 8:13 AM, Simon Butler si...@sembee.co.ukmailto:si...@sembee.co.uk wrote: PTR should be 1:1 mapping to a host name. Anything else isn’t going to provide reliable results. If you want to use multiple connections, then one option would be to route email out through an ISP neutral service, so it doesn’t matter how it gets there. This is what I do for myself and a few of my clients. Email is routed out through a server that lives in a data centre (which also hosts web sites, monitoring etc). You could also use a third party anti-spam service, one of the mail hop services etc. A DAG has nothing to do with this scenario because it is just protecting the data. You could do something with two servers only, as the DAG can live on the same server as the CAS and Hub Transport roles. While on the subject of a DAG, if you are even considering the option of putting in a DAG at any point in the future, configure a CAS array host name and configuration in the server. This will make the implementation of the DAG much more straight forward. CAS array implementation is much easier if done early than trying to retro fit it when the server has been in production a little while with many users connected. Simon. -- Simon Butler MVP: Exchange, MCSE Sembee Ltd. e: si...@sembee.co.ukmailto:si...@sembee.co.uk w: http://www.sembee.co.uk/ w: http://exchange.sembee.info/ w: http://blog.sembee.co.uk/ Need cheap certificates for Exchange, compatible with the iPhone? http://CertificatesForExchange.com/http://certificatesforexchange.com/ for certificates from just $26.99. Need a domain for your certificate? http://DomainsForExchange.net/http://domainsforexchange.net/ Exchange Resources: http://exbpa.com/ From: Harry Singh [mailto:hbo...@gmail.commailto:hbo...@gmail.com] Sent: 12 August 2011 12:52 To: MS-Exchange Admin Issues Subject: PTR Sanity Check and Failover All - Is it RFC Compliant or looked down upon by Anti-SPAM vendors to assign different IP's to the same host name for PTR records? I'm working on documenting soft failover scenarios when the primary ISP link goes down temporarily and all traffic is routed through a backup ISP link. A separate thought, should the above not be recommended, is to possibly create two CAS servers that are NAT'd to different Public IP's but connected to the same MBX server. I'm curious to see how other folks prepare for this type of scenario. I haven't considered a DAG yet because of the amount of resources in involved. Cheers, Harry. --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe exchangelist
