Complete

Reverse DNS set for WebRoot alert email servers

  • 25 July 2013
  • 7 replies
  • 1048 views

Userlevel 1
Hey guys,
 
After a couple of support to and fros, I've discovered that our spam filter (TrendMicro Hosted Email Security) is blocking all email alerts from WebRoot, due to a 'dynamic-like' reverse DNS.
 
The IP/rDNS in question is;
ec2-79-125-19-220.eu-west-1.compute.amazonaws.com
 
I can understand where Trend are coming from - it doesn't exactly *look* like a standard rDNS for a mail server.  I know that for most of the mail servers I configure I have to put a proper rDNS in place otherwise certain MTA's will reject mail.
 
I've been told that it's not possible for there to be a proper rDNS put in place, as it's in the Amazon AWS - yet I know other places don't have this issue.
 
Would it be possible to put this on the 'To Do' list?
 
Further reading;
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html#Using_Elastic_Addressing_Reverse_DNS
https://forums.aws.amazon.com/message.jspa?messageID=396371 
 
 
Thanks,
 
Ryan

7 replies

Userlevel 5
Hello Ryan, Thank you for reporting this. Have you contacted TrendMicro about this and is there a way to allow our traffic through by adding us to their whitelist? In the meantime, we are reviewing the information you have provided. Thanks Ryan, Shawn
Userlevel 1
Hey Shawn,
 
We can't whitelist the site as it gets rejected before making it that far.  So, I contacted them as an end user, as I have no control over WebRoot's systems, and was told that it would have to be resolved by the ISP or webhost.
 
The AWS forum has quite a few posts from people having similar issues, and adjusting the rDNS to be less 'dynamic' has resolved the issue.
 
Also, it would appear that my link to the AWS forum is broken, has an extra space on the end somehow...  Try this one;
 
https://forums.aws.amazon.com/message.jspa?messageID=396371
 
Thanks,
 
Ryan
 
Userlevel 5
Thank you Ryan, We were able to track down the cause. It turned out to be an issue related to changes in our backup processes resulting in one of our mail servers getting the wrong IP address after a maintenance period. This has been corrected with added logic to detect and prevent this issue in the future. Thank you and please let us know if you see this issue again. -Shawn
Userlevel 7
Thanks for bringing this to attention and pursuing it ryang.
Userlevel 1
Perfect!  I can see that they are coming from a proper rDNS now - thanks heaps for fixing this up!
 
Ryan
Userlevel 7
It's pretty cool they will look into stuff like this and make changes to their infrastructure just based on a forum post.
Userlevel 7
Badge +35
Implemented.

Reply