Email & PTR Issues
Hello. I'm looking for help with an issue I've been fighting for some time. Background: Running BIND 9.9. Forwarding UDP & TCP Port 53 through firewall. I have issues emailing to certain domains. I use my own mail server to deliver mail. It is currently not sending through SMTP Relay. The failure says that I have a missing PTR record. For example: host al-ip4-mx-vip2.prodigy.net[144.160.235.144] said: 550 5.7.1 Connections not accepted from servers without a valid sender domain.alph151 Fix reverse DNS for 108.212.144.25 (in reply to MAIL FROM command) If I do a test on mxtoolbox it also says I have the issue: https://mxtoolbox.com/SuperTool.aspx?action=smtp%3aobrien-pifer.com&run=toolpage# If I look at dnsstuff and do a test on Mail Server Test Center and run selected tests under the MX Dashboard it gives a DNS Mismatch. BUT, If I look at dnsstuff,com and do a reverse lookup test, that seems successful: http://www.dnsstuff.com/tools#reverseDns|type=ipv4&&value=108.212.144.25&&optionalServer=mail.obrien-pifer.com Also, from a pc somewhere else on the internet, if you change your DNS server to mine (or use nslookup) it resolves the reverse entry ok. >nslookup > server 108.212.144.25 Default Server: [108.212.144.25] Address: 108.212.144.25 > 108.212.144.25 Server: [108.212.144.25] Address: 108.212.144.25 Name: obrien-pifer.com Address: 108.212.144.25 > If anyone has any helpful suggestions it is appreciated. I also tried moving my DNS to the provider I purchased my domain name from thinking that would be an easy fix. They don't support PTR records and actually had no clue what they even were. I've also tried configuring my mail servers to use ATT's SMTP Relay, but so far I've been unsuccessful getting it to send at all. The emails keep getting deferred. Obviously not an issue for anyone on this list. Just providing info. Thanks James ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Email & PTR Issues [Solved]
On 11/7/2017 12:59 PM, Matthew Pounsett wrote: On 7 November 2017 at 10:31, James Pifer <mailto:j...@obrien-pifer.com>> wrote: Hello. I'm looking for help with an issue I've been fighting for some time. Background: Running BIND 9.9. Forwarding UDP & TCP Port 53 through firewall. I have issues emailing to certain domains. I use my own mail server to deliver mail. It is currently not sending through SMTP Relay. The failure says that I have a missing PTR record. For example: You may have configured reverse DNS on your DNS server, but that reverse DNS zone is not delegated to you, so nobody else's DNS server will ever query yours for that PTR record. It's being managed by swbell.net <http://swbell.net>, who returns NXDOMAIN for that lookup. I'm presuming swbell.net <http://swbell.net> is your ISP. You either need to get them to delegate reverse DNS for your address block to you, or have them set up the PTR record(s) you require in their DNS. ; <<>> DiG 9.11.2 <<>> +trace -x 108.212.144.25 ;; global options: +cmd .223262INNSh.root-servers.net <http://h.root-servers.net>. .223262INNSa.root-servers.net <http://a.root-servers.net>. .223262INNSc.root-servers.net <http://c.root-servers.net>. .223262INNSg.root-servers.net <http://g.root-servers.net>. .223262INNSi.root-servers.net <http://i.root-servers.net>. .223262INNSm.root-servers.net <http://m.root-servers.net>. .223262INNSd.root-servers.net <http://d.root-servers.net>. .223262INNSe.root-servers.net <http://e.root-servers.net>. .223262INNSk.root-servers.net <http://k.root-servers.net>. .223262INNSj.root-servers.net <http://j.root-servers.net>. .223262INNSl.root-servers.net <http://l.root-servers.net>. .223262INNSb.root-servers.net <http://b.root-servers.net>. .223262INNSf.root-servers.net <http://f.root-servers.net>. .223262INRRSIGNS 8 0 518400 2017111921 2017110620 46809 . OL3PH3LpCrgzyohVZas9X42iwOpXsYD8CRkNiJZ1Oy6jwIfb8Shy57XN 5noPxtghdHBLutGBIdMwL2rA5AR2yaaVgRC6TM0eSqeixFFeETu6EV89 ZpBgSDNSVL1fmwnSoni1mZRj+F0iLT+Q+t/DveqVwh4o/2czWsnfiqTk 89jZRB30W3Ja9E4EMNW1+WNCkib1KTFvnwwgfYGPtjyFSUIQrv1vOByN R3Yu11YYkgauY0Q5C7vcUkchwsDlkaWIgnvEZQXRUM3Ibi1QX6kq1g6Q JW9mSzf7YqrPfU90HId+TSfuvTL4MrkN81iQXSl37+sldtJzDSKOKQij 7Wj1hg== ;; Received 525 bytes from 8.8.8.8#53(8.8.8.8) in 7 ms in-addr.arpa.172800INNSe.in-addr-servers.arpa. in-addr.arpa.172800INNSf.in-addr-servers.arpa. in-addr.arpa.172800INNSd.in-addr-servers.arpa. in-addr.arpa.172800INNSc.in-addr-servers.arpa. in-addr.arpa.172800INNSb.in-addr-servers.arpa. in-addr.arpa.172800INNSa.in-addr-servers.arpa. in-addr.arpa.86400INDS53696 8 2 13E5501C56B20394DA921B51412D48B7089C5EB6957A7C58553C4D4D 424F04DF in-addr.arpa.86400INDS63982 8 2 AAF4FB5D213EF25AE44679032EBE3514C487D7ABD99D7F5FEC3383D0 30733C73 in-addr.arpa.86400INDS47054 8 2 5CAFCCEC201D1933B4C9F6A9C8F51E51F3B39979058AC21B8DF1B1F2 81CBC6F2 in-addr.arpa.86400INRRSIGDS 8 2 86400 2017112012 2017110711 36264 arpa. VMG4mxJ1Kdcm4QsK/i8qP+EzIubfzl2Hlo9hG1aDAZ8/y+GIKz+bYGVG f1wZKCZAfFPMrDBIVAhghK3eTQooY12oUEGICksbtSukvDQcL6LwqZKf yfPuSW29Qj+hsdmeDZAwRiaCjAeMf5tucgX7yr9SD08gCTJcaPltjdlv QuM= ;; Received 740 bytes from 198.41.0.4#53(a.root-servers.net <http://a.root-servers.net>) in 18 ms 108.in-addr.arpa.86400INNSr.arin.net <http://r.arin.net>. 108.in-addr.arpa.86400INNSu.arin.net <http://u.arin.net>. 108.in-addr.arpa.86400INNSx.arin.net <http://x.arin.net>. 108.in-addr.arpa.86400INNSy.arin.net <http://y.arin.net>. 108.in-addr.arpa.86400INNSz.arin.net <http://z.arin.net>. 108.in-addr.arpa.86400INNSarin.authdns.ripe.net <http://arin.authdns.ripe.net>. 108.in-addr.arpa.86400INDS42060 5 1 DCD6C8C3D6F68C6A4495EA2C1C5DA76BBCB466E2 108.in-addr.arpa.86400INRRSIGDS 8 3 86400 20171114073514 20171024172923 50761 in-addr.arpa. l8UaM1j4VZ14OnIdBoH7b3xgFPyueh6A82423FAp53ohpOf+enHrh26s O0Vaq3LnIk3fTED6bspZCour38srNTmWWKvYRSzAQ+vAsarAo//Cma4U nCLAQAJqQRrUzQ2ZXC/AZoC+E0jfyA0saXC3mQb76+iwPx8hLJnw6wD1 Vhj/mwU= ;; Received 387 bytes from 203.119.86.101#53(e.in-addr-servers.arpa) in 236 ms 212.108.in-addr.arpa.86400INNSns1.swbell.net <http://ns1.swbell.net>. 212.108.in-addr.arpa.86400INNSns3.sbcglobal.net <http://ns3.sbcglobal.net>. 212.108.in-addr.arpa.86400INNSns2.swbell.net <http://ns2.swbell.net>. 212.108.in-addr.arpa.10800INNSEC213.108.in-addr.arpa. NS RRSIG NSEC 212.108.in-addr.arpa.10800INRRSIGNSEC 5 4 10800 20171121173125 20171107163125 14796 108.in-addr.arpa. aTXD4vS9gVjOP9uzozcUdXhSFuCXKqKUKUpZnHuStZO7QPqXKnB8EOoj F0lRJDkdvGNng/BwMLj22EFC3kWtFhOTLl2l6oq7tjb+fhGJCWCY5Pbp Cyc3VSiIU7wCPa2HDJbYMTLKLm4UZOBA1Mlp+0rcGDosGcnqmRl7oGNh Y6A= ;; Received 348 bytes from 192.82.134.30#53(y.arin.net <http://y.arin.net>) in 18 ms 212.108.in-addr.arpa.3600INSOAns1.swbell.net <http
Re: Email & PTR Issues [Solved]
On 11/7/2017 3:09 PM, John Levine wrote: In article you write: I have issues emailing to certain domains. I use my own mail server to deliver mail. It is currently not sending through SMTP Relay. The failure says that I have a missing PTR record. For example: I'm amazed that it works at all. Like most ISPs, AT&T usually blocks port 25 on their consumer broadband. If you want to run your own mail server, get a VPS somewhere. They're cheap, like $5/mo or less if you pay by the year. If you just want your mail to work, get it hosted somewhere. R's, John No guarantee how long it will last, but I did verify that that will not block any ports before signing up as I was coming from Business Class with Time Warner/Spectrum. Anyway, AT&T came through. I posted on their forum and got a response from someone at AT&T. They gave me the contact information for their DNS services. This morning they updated the PTR record and mail is working for sites that it wasn't working from before. Thanks for all the help everyone. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
