(Sorry for double reply...) On Thu, 19 Nov 2020 at 13:29, Chris Woods < christopherwoods+list-mai...@gmail.com> wrote:
> Correct the PTR, it's currently "romana.vs.mythic-beasts.com". >> > Unless it's out of preference you're leaving it like that - I do similarly with a domain distinct from whatever domains are hosted on a box. As long as your mailserver is helloing to GMail with the same hostname. What do the Original message headers say in GMail? I usually send myself a test to GMail to examine. Do emails sent to GMail recipients get the yellow "be careful with this message - Gmail could not verify that it actually came from xk7.net" banner? Consider quarantine instead of reject for DMARC, and perhaps ~all instead of -all for SPF. I've had too many issues with -all and it arguably doesn't mean now what it originally represented. My DMARC configurations usually follow the structure v=DMARC1;p=quarantine;sp=none;pct=100;adkim=r;aspf=r;rua=mailto: dmarc...@example.com;ruf=mailto:dmarcf...@example.com;fo=1:d:s My SPFs tend to be slightly more verbose, remembering the ten lookup max guide... I usually start from structure of "v=spf1 a mx a:any.additional.domain ip4:10.10.0.1 ip6:anot:her::ipv6:addr:ess ~all" (I have a couple of edge cases for some of my email sending) Is your DKIM at least 1024 bits? I honestly never bothered winding down TTLs when I migrated mailservers to new IPs in the past, IME it never made a difference to deliverability.
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
