Questions/Comments? We're here to help: (866) 267-4638

Knowledge Base

Reverse DNS and Incoming Email to Hubris Communications

Your mail to a Hubris Communications customer has been rejected due to a misconfigured SMTP relay at the sending IP address. In particular, it appears that the host does not have a valid DNS configuration.

Without valid DNS entries a SMTP relay will increasingly find it difficult to relay mail to the outside world (including to many of our customers). Most modern SMTP relays now offer at least the option of requiring valid DNS from relaying sites and an increasing number of sites (including large providers such as Cox Communications, AT&T, Comcast and AOL) require valid reverse DNS for relaying to their customers.

Hubris Communications also requires that any incoming connections to our mail servers come from IP addresses that have valid reverse DNS configured in order to properly identify themselves.

In order to correct this issue please contact the administrator of your SMTP relay (most likely your internet provider or system administrator) and have them fix this host's DNS records.

The lack of valid DNS for the host is most likely a simple oversight, however if you need assistance in fixing this problem we offer the following links on the subject:

This is a very simple but vital fix for a SMTP relay that intends to send email to the public internet.

Why Does Reverse DNS Matter

Think of reverse DNS like you would caller-ID for phone calls. If you get an incoming call from from a caller that hides their identity from the caller-ID, you might be suspicious of that call.

Now imagine you get 20 times as many calls without caller-ID as with it and nearly all those calls are from telemarketers. That is the situation we are in today with spam and relays that lack reverse DNS. Nearly all the spam we receive is from machines that don't follow the rules when it comes to reverse DNS. And once that email gets here, the anti-spam rules delete over 98% of it anyway.

Since the rules say that all email relays should have valid reverse DNS and nearly all the spam comes from machines that don't have it, any machine that doesn't have it is going to be treated as extremely suspicious.

What is Required for Reverse DNS

There are two components to reverse DNS when it comes to relaying mail.

  1. Reverse DNS exists at all. When one machine tries to connect to another machine on the internet, the receiving machine will initially only know the IP address of the connecting machine. So for example, one of our outbound relay machines is located at 207.178.96.48. When we connect to another machine the receiving end will look up that IP address to see what its host name is. In this case, 207.178.96.48 will resolve to outbound1.hubris.net.
  2. That reverse DNS is valid. Because anyone can pretend to be outbound1.hubris.net, the receiving end will then look up outbound1.hubris.net to see what IP address it should have. Looking up outbound1.hubris.net will return the IP address 207.178.96.48. This proves that 207.178.96.48 has the right to say that it is outbound1.hubris.net.

Many providers (us included), will outright reject or block any mail from an IP address that doesn't have any reverse DNS at all.

Emails that come from IP addresses that have reverse DNS but where that reverse DNS isn't set up correctly are normally accepted but are treated as suspicious and may be scored as spam or blocked in some other way. Hubris Communications does allow these emails in, but scores them as likely spam. Customers who receive emails from such broken mail relays have the option of adding these senders to their whitelist which will bypass the spam control scoring of these emails.

If you have any questions about this policy or why your particular email was rejected, please forward a sample to support@hubris.net.

Back to Top