Warning - Reverse DNS does not match SMTP Banner
What does Warning - Reverse DNS does not match SMTP Banner mean?

The short answer is that the reverse IP address name is not contained in the server HELO or EHLO banner. In the example below, the string “someotherdomain.com” is not found anywhere in the server banner, which is reporting “example.com“. This is only a warning, and in some cases you may have no control over this. However, if you have the ability to make these match, you should. Some mail servers look for this and use it to mark messages you send as questionable. Most mail systems will not reject your messages outright, but this may effect your spam score increasing the likelihood your messages will be marked as spam.

In other words, it is a best-practice you should endeavor to follow. It doesn’t mean you are a bad person or won’t be able to send email.

220 mx.example.com StrongMail SMTP Service at Wed, 09 Sep 2009 17:00:01 -0700

Not an open relay.
0 seconds - Good on Connection time
0.156 seconds - Good on Transaction time
OK - 1.2.3.4 resolves to mail.someotherdomain.com
Warning - Reverse DNS does not match SMTP Banner

If you are not sure where to access your SMTP banner in your mail server, read below for some helpful hints. We do not advise making ANY changes to your mail server if you are not the system administrator or confident in making these changes.

Configure SMTP banner Exchange 2003

1. Open Exchange system manager.
2. Expand your administrative group (”First administrative group” by default).
3. Expand Servers.
4. Expand "YourServersName".
5. Expand Protocals container.
6. Select SMTP container.
7. On the right window, right click the Default SMTP virtual Server (Or the name you set your SMTP Server) and select Properties.
8. Select the Delivery Tab.
9. Click the Advanced button.
10. Under the Fully Qualified Domain Name (FQDN) type mail.yourdomain.com (The A/Host record you created in DNS for your mail server)
11. Click Apply and OK again to accept the changes

Configure SMTP banner Exchange 2007/2010

1. Open the Exchange management console.
2. Select the Organisation Configuration container.
3. Select Hub Transport container.
4. On the right select the Send Connectors tab.
5. Right click your send connector and select properties.
6. On the General tab under the Set the Fully Qualified Domain Name (FQDN) this connector will… type the A record domain name you created. Which in our case is mail.yourdomain.com. Click OK.
7. Under the Server Configuration container click the Hub Transport container.
8. In the Right window Select the properties of the Receive Connector under Receive Connectors tab.
9. On the General tab under the Set the Fully Qualified Domain Name (FQDN) this connector will… type the A record domain name you created. Which in our case is mail.yourdomain.com. Click OK.

Sendmail (instructions from here)

1. Open /etc/mail/sendmail.mc
2. Change the line
define(`confSMTP_LOGIN_MSG', `hexemail.yourdomain.com')
the should match exactly the same as what you see in the mxtoolbox,
220 hexemail.yourdomain.com ESMTP
3. Compile sendmail.mc
m4 sendmail.mc > /etc/mail/sendmail.cf
4. Restart Sendmail

To verify these changes we would recommend using our SMTP Diagnostic Tool again.

Let me know if you have any other questions or concerns.

Thanks,
Wendy

_________________
Wendy Young
Tier 2 Support Analyst
wendy@mxtoolbox.com

Follow us on Twitter at @MxToolBox, Facebook and read the MxToolBox Blog.

Hello Mxtoolbox.com,

We are using Microsoft Exchange 2007
and when we use smtp diagnostic tool i received Warning - Reverse DNS does not match SMTP Banner

we are using 3 domain from out. I've changed smtp banner from. Our isp says your PTR record is OK. I cant solve this problem.

Thank you for help

Best Regards.

Our IP : 84.51.47.130
domains: mail.sahinlersd.com
mail.besasunideri.com
mail.apexfabrics.com

I hope I do this correct by posting a response rather than a new question. I run the
smtp: 75.160.51.66, test, what comes back all looks fine except there is a
Warning - Reverse DNS does not match SMTP Banner
If I run the test a second time it comes back with out the warning.
OK - Reverse DNS matches SMTP Banner

Why is this doing this ?
Thank You
Jim

I don't agree about the rDNS anyway, it's giving me a headache too.

If you run your own nameservers, you need the rDNS to point to your nameservers.
When running a mailserver on your nameserver, you now would have a problem because you can only use 1 rDNS. So you want to say the mailserver's helo banner should be ns1.somedomain.com when my nameserver is ns1?
Mailservers normally are bannered as mail.domain.com or something like that.
That's why I think that these problems will keep occuring and the mx revers should only be checked against domain name and not against the hostname (or smtp banner). So that is a mistake of mxtoolbox which is also explained in this line:


This can be found here:
http://www.simpledns.com/kb.aspx?kbid=1052

Thank you for your discussion, I found the perfect answer, thank you very much..

Hi all,

I got the same warning.
my config is:
OVH dedicated server
Ip failover that goes to the dedicated (dns reverse ok on this)
Google App for all mails that are sent by the dedicated..

What can i do to solve this ?

Thanks

I have one send connector in Exchange 2007, and the FQDN is correct. I have three receive connectors. Two of them have
<servername.internaldomain.local> (titled as default and "clients"

The other one (titled from internet gateway), , is using <servername.internaldomain.local> for the FQDN. It won't let me change this though, not without adjusting the "Exchange Servers AuthMechanismParameter"... Short for "Exchange Servers permission group".

...My question is, if I disable the "Exchange Servers" permission group on that receive connector, is it going to screw up my whole server / ability to receive mail? ...Or am I just entirely nuts and not looking at the right thing at all? :S Does it even matter that one of my receive connectors (apparently the default) isn't set to use my external FQDN?

aj,

Can you let me know what domain/IP you are checking? I would like to see what our tool says.

If you are not comfortable posting this information, please feel free to email me at wendy@mxtoolbox.com.

Thanks,
Wendy

_________________
Wendy Young
Tier 2 Support Analyst
wendy@mxtoolbox.com

Follow us on Twitter at @MxToolBox, Facebook and read the MxToolBox Blog.

We're currently on a SPAM Listing (RATS) because of a virus. Their tool won't let us remove our listing from their service because our reverse DNS is not correct.

The domain in question is southeastindy.org and the mail server is webmail.southeastindy.org. However, when using the MXToolbox smtp tool we get the "Warning - Reverse DNS does not match SMTP Banner" and the IP address resolves like this:

"69.218.49.134 resolves to adsl-69-218-49-134.dsl.ipltin.ameritech.net"

Does anyone know how to fix this? Do I have to call AT&T (Ameritech) and pay them for the service or can I have the DNS in our server report "upline" to get it changed??

If this is unchangeable, what do we do about the blacklists?

Any help/guidance is much appreciated. Please pretend I know nothing about DNS and email in your replies, that'll save me looking stuff up. ;)

Thanks!