Exchange 2013 - SRV Record, Reverse DNS & Spam

We have an on-premise Exchange 2013 environment. Network Solutions has our A record (points to our static IP with host name=mail.domainname.com) & MX record (we have one - mail.domainname.com). We are receiving a lot of spam and are getting ready to implement 3rd-party software called ESET Mail Security for Exchange. We do not have an SPF record with Network Solutions or Reverse DNS set up, as we thought these were to prevent us from sending spam and not receiving it? However, it appears to be best practice to set these up. If that is the case, can someone clearly explain how to do so? We have researched but are confused by the best method.

We want to ensure that we have properly configured Exchange to receive less spam so the 3rd party software has less to do.

Thank you!

July 28th, 2015 8:09am

A PTR record is essential because lots of organizations do reverse lookup. If you don't have it, you stand a very high chance that email from your domain is rejected by some external party.

SPF is best practice but not compulsory. You can ignore it for the time being since you're focusing on inbound email flow.

SRV is for autodiscover and not related to mail delivery.

July 28th, 2015 10:15am

So is the PTR the same as the "A Record" that points to our static IP with Host=mail.domainname.com, which is set up at our external DNS host - Network Solutions?

Is there anything we should double-check on our server or external DNS host to make sure it is not vulnerable to inbound spam?

Thank you

July 28th, 2015 11:32am

An A record translates a hostname to an IP address, while PTR works in the reverse way, which is why it's called reverse lookup. PTR may or may not be hosted by the same service provider. But they can advise if you approach your service provider.

July 28th, 2015 12:02pm

Hi,

PTR (pointer) creates a pointer that maps an IP address to a host name for reverse lookups. Please refer to the following article to create a PTR record:

https://technet.microsoft.com/en-us/library/bb727018.aspx

As for Anti-spam protection for Exchange 2013, there are some basic built-in anti-spam protection features as well as other anti-spam protection options such as using a cloud-hosted anti-spam solution and managing quarantined messages. The built-in agents that are available in Exchange 2013 are relatively unchanged from Microsoft Exchange Server 2010. For detailed information about it, please refer to:

https://technet.microsoft.com/en-us/library/jj218660(v=exchg.150).aspx

If you still want to get more anti-spam features and easier management, you can elect to purchase Microsoft Exchange Online Protection (EOP). For a comparison of EOP and Exchange 2013 features, see Benefits of anti-spam features in Exchange Online Protection over Exchange Server 2013.

Regards,

July 29th, 2015 5:19am

Hi Porbar,

Just to clarify on some points.

"We do not have an SPF record with Network Solutions or Reverse DNS setup as we thought these were to prevent us from sending spam and not receiving it?"

Reverse DNS is the PTR Li Zhen is talking about. An SPF record is a record that you put up in your public DNS, which lists out the servers\IP that you use for sending out email.

SPF doesn't prevent you from sending spam, but actually prevents others from impersonating your @domain.com and sending spam to other domains.

Reverse DNS is similar: it makes your email look valid, which prevents your emails being dropped by other servers as spam. Again, it doesn't prevent you from sending spam, but enables you to appear authentic and trustworthy.

Now coming back to your inbound spam issue:

  • What you should check is whether SPF checking is enabled; this is different from you having an SPF record. The SPF record in your DNS is for others validating your domain. SPF checking is you checking if email@gmail.com is actually coming from @gmail.com servers; you do this by matching the incoming server's IP with the @gmail.com SPF list exposed in public DNS.
  • You can also enable reverse DNS checking; that would mean dropping any email@spamnonexistantdomain.com. Unless there is a reverse DNS entry for the incoming@domain.com, you don't accept the email.
  • Configure blacklist checking; this drops any connection request from blacklisted servers.
  • Run an SMTP Diag, or Test Email Server, on MXtoolbox.com

http://mxtoolbox.com/SuperTool.aspx?action=smtp:domain.com

July 29th, 2015 5:45am

Thank you for such an informative reply!  It was explained so well.

1. How do we enable reverse DNS checking?

2. How do we configure blacklist checking?

I am assuming this checking is done within the Exchange 2013 antispam configuration? If so, we do plan to disable the malware filtering in Exchange in order to implement the 3rd party solution. I will do some research but if you get a chance to follow up I would appreciate it.

I assume also that this will be how the 3rd party ESET Mail Security program we plan to implement will work.

Thanks again!

July 30th, 2015 9:08pm

Hi Porbar,

These things are relevant to your SMTP Gateway spam filtering settings, not within the Mailbox or CAS roles.

Edge Server or any other 3rd party that you are using would allow you to do that. I don't have exact steps how exactly to do that, it would vary from product to product.

August 3rd, 2015 2:04am
