Reversable Domain/DNS Problems in E-mail Genuinity Check
I hope I posted in the right forum.
Title: Reversable Domain/DNS Problems in E-mail Genuinity Check Tags: DNS, firewall, internet protocol, routing, email
This is a real world scenario that I need help figuring out. I have thought of everything I could, but now I must seek the privileging knowledge and help from WebhostingTalk Forumers.
This is a real world scenario -- how so? Well know that Microsoft's TechNet newsletter probably goes out to at least a million people. How many of those e-mails go out to yahoo.com? Gmail.com? Hotmail.com? AOL.com? Etcetera. This is the same scenario that my company is in, except with a little bit of a kicker that has caused me to seek help.
In this scenario we have at least 10,000 clients with an e-mail at company-b.com. We need to send all of our clients an important e-mail with confidential information. We have one physical server and it is located in a ventilated and cooled datacenter'ish room. We also have two internet service providers for connection redundancy. On our firewall, we have it set so that if our primary ISP goes down it will instantly switch over to our secondary ISP until our primary ISP is back online. The IP address our primary ISP gives us on the internet is 188.8.131.52, and our secondary ISP gives us 184.108.40.206.
Company-b.com, for the protection of their customers, will resolve the reverse DNS from the address an e-mail would come from to make sure that the IP addresses match. In other words, when you send an e-mail from company-a.com it will come out from mail.company-a.com (with an IP address of 220.127.116.11 for example). When the mail gets to company-b.com, that server will resolve the reverse DNS (or try to anyway) of mail.company-a.com to make sure that it is indeed coming from 18.104.22.168. If it resolves it to a different IP address, it will not deliver the e-mails you sent from company-a.com to its customers on company-b.com.
In general, this verification process tries to verify the genuinity and validity from where e-mail was sent from to its own customers. If mail.company-a.com resolves to a different IP address than what it came from, then it is possible to say that we (or company-a.com) are using a relay (which is like a proxy), or that our domain name is simply not reversable.
To summarize: mail is sent out through 22.214.171.124 (but then goes offline coincidentally) and is sent to 126.96.36.199. Because 188.8.131.52 is down, mail.server-a.com will resolve to 184.108.40.206 instead of the original IP address we sent out our mail from, and because the IP addresses differ, the server 220.127.116.11 rejects the mail we sent, thinking that we either (1) have a DNS problem, (2) are spammers/spam-bombers, or (3) using a relay or proxy, which many companies are against, do not support, and have counter-measures against relay/proxy-users.
Any and all help will be appreciated. We are looking for a workable, proper/appropriate solution so that we can successfully pass the reverse domain test. We can add/modify DNS/MX records to company-a.com. We must have the two ISPs we have for redundancy; our company and clients heavily depend on our internet connection's uptime. Also, a lot of people in the company depend on IMAP/POP3/SMTP with their cell phones, iPhones, PDAs, laptops, timecards, etcetera. We may be able to schedule something maintenaince for a weekend if necessary.