ISPConfig set up reverse DNS - ubuntu-16.04

I have an Ubuntu 16.04 server with ISPConfig 3.1.
I set up many websites and emails, but when I send an email to a certain email address I have the following error:
Your server IP address [186.156.31.17] does not have a valid reverse
550-DNS entry [pc-17-31-156-186.cm.vtr.net]. see
550-http://spamauditor.org/best-practices/check_dynamic_reverse_dns/
for
more 550-information. Protection provided by MagicSpam 2.1-8.3 550
http://www.magicspam.com (in reply to RCPT TO command)
How can I set up reverse DNS in ISPConfig? I learned that I need a PTR record but I'm not sure how to do it correctly.

This isn't something you can configure from your end unless your ISP has specifically given you the ability to do it.
Linode, for example has a button for it, but if you don't, you would need to contact your ISP.
Normally individuals don't have access to the rDNS records

Related

How to connect my Mac Mail to my domain which his DNS are handled through DigitalOcean?

I bought a domain.
I pointed his name servers to:
ns1.digitalocean.com
ns2.digitalocean.com
I have added a CNAME record point to #
I want to send and receive emails using my Mac mail program.
I know that I should probably build a full mail server which is an awful thing to do.
Therefore, I have another server (not digitalocean) running on cPanel. In this cPanel I have a very powerful cPanel's mail server.
How can I point my digitalocean CNAME to the remote server where the cPanel is?
I hope it's clear enough.
In order to make your domain points to the digital ocean server, you will have to create A record that points to the IP of that server, same goes to any subdomain.
Regarding your mail server, you need to make mail.mydomain.com points to the IP of your cPanel server using A record not CName and also modifying other records like SPF/DKIM records.
For your local mail client you can get the configuration by logging into the cPanel user account and view the mail settings

Reverse IP configuration in a VPS with several registered domains to avoid spam mails

Hello everyone in the community.
I have a headache that you can't imagine with this topic and I need your help.
I have a VPS server contracted at OVH, where I have access to the WHM and the Cpanel.
I currently have two hosted domains, I have created for each one their account in Cpanel, so each domain has its own configurations: Ftp, Mail etc...
The problem is that the mail that comes out of any of these domains are going directly into SPAM. I've read a lot on the internet, there's talk about configuring the PTR, configuring a reverse IP and so on.
The thing is that I am confused because I have two different domains, with all their different characteristics and the OVH server is one with one IP and already has its reverse IP.
So when I check the CPANEL of each account in the Email Deliverability option it tells me that there is a problem with the PTR.
The truth is that I have no idea how to change this for each domain, each domain appears in the DNS zone of the WHM and I can edit or add what I need but I see that everything is fine.
I don't know what to change or how to change it. I hope you can guide me. Thank you
Your cPanel/WHM server ip address has to have a valid PTR record which should matche your server's hostname. If the PTR doesn't match the hostname then that's a reason your emails go to SPAM. You should also check your server ip address to see if it's listed in any blacklist. You can check that on mxtoolbox.com for example. You also need to have valid DKIM, SPF and DMARC dns records for your domains.

Mail not getting send to specific domains

We have a VPS with CentOS combined with DirectAdmin which we use for a Magento shop. This runs fine, except for sending email.
Problem:
It appears that some specific domains won't receive our emails and we get a bounce. If we use any other email sending systems, the mails arrive without problems.
The bounce mail contains the following error:
SMTP error from remote mail server after HELO Company-Shops:
host mx-cluster-b2.one.com [IP ADRESS]: 504 5.5.2 :
Helo command rejected: need fully-qualified hostname
After googling and trying things for a week now, I am a bit lost. I tried checking postfix in CentOS, but this is not installed and I'm not quite sure if this is needed.
Possible issue?
I believe the hostfile in CentOS is setup incorrectly:
127.0.0.1 localhost localhost.localdomain localhost4 ... etc
OUR IP Company-Shops
'Company-Shops' should probably be a domain name, am I right? The same as the rDNS. But I'm afraid if I change this it will kill my site and whatnot. I'm not sure if this entry correlates with the 'company-Shops' helo label in the bounce error.
Some extra info:
- We use the webmail Roundcube from DirectAdmin
- At the moment we run one shop, but this might grow a bit (multiple sites on 1 IP)
- We don't use subdomains
- We've set up a reverse DNS, with the domain
Is there anyone with similiar experiences or with a bit more knowledge about this subject? I appreciate any advice we can get, as we are stuck..
Many thanks.
Yes, that's right: your mail server should identify itself using a fully-qualified domain name when it connects to send mail via SMTP. You don't say what mail server you're running, but since you're using DA, it's probably Exim. If so, you want to edit /etc/exim.conf and set primary_hostname to the FQDN of your server.
This would also be a good time to double-check that reverse DNS is set up properly for your IP address. Many hosts will also reject email from servers on IPs without a valid rDNS record.
I'm not familiar with Magento, but I can't see any way that changing the Exim configuration in this way could impact that program.

How to properly set up DNS SPF records for a .local server?

We send out mail via Microsoft Exchange 2010 running on a Windows Server set up as server.organization.local.
When error messages are generated it shows:
Generating server: server.organization.local
I am confused as to what our SPF records should look like based on this. Should it simply contain the external IP address that this server uses to send out mail, or both this .local address and external IP address?
Currently it is set as:
# 10800 IN SPF "v=spf1 mx a:server.organization.local ip4:10.10.10.10 -all"
The mx is included to be safe but I'm not sure if it needs to be? The MX records on the domain name is set to a third-party filtering service, no mail is sent via it.
You need to specify the public IPs if you want to send emails to the internet.
If you are sending emails to another mail server on the LAN then you might have to add the private IPs as well.
I suggest to use a testing utility to check your SPF records.

Ubuntu exim4 - Config setup and spam filters

I've recently setup my Ubuntu web server with exim4 so my PHP website applications can send email such as "thank you" and "confirmation" notices.
I've got it setup and working such that I can send email to gmail, Yahoo! and my work address. However, my work email gets caught up in our spam filter. I'm new to setting up mail servers so I'm not sure what I might need to look for in making this mail server more trusted, while keeping is secure.
Here are some details:
Server is NATed behind a firewall.
Firewall has port 25 open for outgoing SMTP traffic (from server to anywhere).
Server is virtual hosting a couple different of our websites
The server is running the following exim4 config:
dc_eximconfig_configtype='internet'
dc_other_hostnames='web-serv.example1.com;example2.com'
dc_local_interfacees='127.0.0.1'
dc_readhost=''
dc_relay_domains=''
dc_minimaldns='false'
dc_relay_nets='' dc_smarthost=''
CFILEMODE='644'
dc_use_split_config='false'
Questions:
Do I need to open port 25 to incoming SMTP mail (anywhere to server)? I wonder if other mail servers need to talk to my mail server to verify itself, in a sort of handshake attempt.
I have not created any MX records primarily because the server has different websites on it the mail server should send mail for all the websites. Do I need to pick/create a domain address and create MX records for it?
One thing of note is that the mail headers look like this:
Return-Path: <www-data#example2.com>
Received: from web-serv.example1.com ([Firewall public IP Address])
Received-SPF: neutral (google.com: [Firewall public IP Address] is neither permitted nor denied by best guess record for domain of www-data#example2.com)
"web-serv" is the host name of the server, such that you get this if you type it into the command line:
$ hostname
web-serv
and "www-data" is the account name for the Apache2 server that Ubuntu gave it as default.
Any other general advice would be appreciated. It's all new to me.
Cheers!
One item of note, since I posted this question time time ago (almost 10 months) is that I found out the biggest issue I had was with setting up the DNS for reverse DNS on our hosting providers side of things.
In other words, our hosting provider (the people who give us our IP address and manage our hardware) had to enter a record to match my server(s) hostname to whatever IP address it used.
There's a specific name for this. I believe it's a "PTR" record but the name escapes me at the moment, but you basically tell them "my server hostname is ..." and they do a quick update to the DNS for reverse DNS purposes.
When I asked this question, we had a different hosting provider who didn't really help explain this to me, and after switching providers, I got to talk to someone who was happy to help me understand that side of the equation.
And as I understand it, this is setup by the people who assign you the IP addresses. But there's probably more to it than that.
Once I got that setup properly, email had no problem getting through the spam filters and Gmail/Yahoo showed SPF as "passed". It was showing neutral before.
Our company email was set to drop any email that would not resolve reverse DNS, which is why I could not even receive the email or find it in the spam filter. Of course, that situation would be dependent on the company and what email policy and software they're using to manage spam. Some might just drop all email that does not reverse DNS and some might dump it in to spam filters instead.
Hope that might help some people with similar issues.
Cheers!