SMTP Auth and relay blocking

By ivandd ·
Hi all

I have a theory question related to the following scenario on spam control.

My email is eg: my smtp server is not on this domain but somewhere else on the internet e.g. I smtp auth to this server to send mail. When the receiving server gets the mail it does a reverse query on to if the receiving server does not get on acknowledgement that can send mail from then the mail is rejected but this normally does not happen.

The question:
How does store a sender address to answer reverse queries when the sender don't exist on managed domains.
Or am I miss understanding how reverse smtp checks work.

Hope someone can answer or direct me to a document to explain.


This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Collapse -

mx record

by Triathlete1981 In reply to SMTP Auth and relay block ...

it's in the mx record. if the mx record says is the legit server for, than all's good. otherwise, if i'm spoofing a address, trying to send from, it won't go.

does that make sense?

Collapse -


by Nimmo In reply to SMTP Auth and relay block ...

When you send email it contains a header field which along with other bits of infomation it contains the senders IP address.

If for example you have an exchange box ( and it is using your ISP's server to route email ( then the receiving host (

when the recipitant( receives email will do a reverse lookup and find that the IP address ( it is resolving doesn't match the domain to which the email came from (

I have found that some *nix boxes that use certian firewalls (sorry can't remember of the top of my head which ones) really hate this kind of setup and to fix the issue you will need to have your mail server use DNS to do the routing, instead of having mail forwarded to your ISP's mail servers.

(you'd be pretty hard up trying to tell and administrator to change his setting to allow your email to get through, considering it is only your mail bouncing LOL).

Collapse -

Reverse Query (PTR)

by Churdoo In reply to SMTP Auth and relay block ...

Reverse query is taking an IP address and querying for the hostname registered to that IP. For a successful reverse query, a PTR record must exist in the zone for the IP address.

When SMTP servers communicate, they exchange their hostnames. A receiving mail server may do a reverse query of the connected server's IP address to see if the resultant PTR record matches the name the server says it is. This does not necessarily mean that the server is authorized to send email for, it's just a check to see if the server is who it says it is.

There are several sites where you can do a reverse query manually for your own learning and information. I like to go to and enter an IP in the whois search box.

So to answer your example question, doesn't answer any reverse queries. As an email message traverses the SMTP servers along its path, each one adds its info to the headers of the email, and the receiving servers use common resources like PTR lookups and/or SPF lookups and/or DNS Blacklists to try to validate the server or servers that the email has passed through.

I don't have a link for one site that explains the various checks and current best practices for SMTP and SPAM control, but hopefully another poster knows a good link.

Hope this helps.

Related Discussions

Related Forums