Denial due to rDNS

baxterdmutt · February 8, 2021, 4:09am

Hi all,
Everything seemed to be working fine with my server until I started getting complaints that mail was being returned due to rDNS failures. What would be the best way then to convince hestia (exim) to send all mail, from any of he websites, through the ip of the hostname (which of course has a valid rDNS record. I have a block of IPs being announced by BGP and am using some of them to host websites, so the sites don’t all have the same IP as in a shared hosting environment. I though changing the remote_smtp interface to the hostname IP but that doesn’t seem to do it. I realize this isn’t a hestia issue per se but I know there are some pretty knowledgable people here that I’m sure have already resolved this issue for themselves.
Thanks

jlguerrero · February 8, 2021, 11:37am

So if you have a valid PTR record, maybe you could check the SPF record.

Are you setting multiple PTR records for the same IP address?

baxterdmutt · February 8, 2021, 4:11pm

No it’s definitely rDNS. The bounce reply says “rDNS for ip 206… does not exist”
PTR records are all good.

Felix · February 13, 2021, 6:18pm

Isn’t it possible to set PTR record for each IP address that you use on the Hestia server?

baxterdmutt · February 13, 2021, 6:51pm

Yes but setting the ptr does nothing for rDNS unless you own the ip, and can create a ptr on your own name server.

Felix · February 13, 2021, 11:01pm

I’m confused by your last message. As far as I know, to set the PTR record you need to own* the IP and by doing that you’ll get a hostname when you run dig / nslookup on the IP (reverse DNS). Which essentially is rDNS so by doing that you’ll get rid of the error.

*Usually the IPs are owned by the data-center / provider (Like Hetzner, OVH, etc) but they give us a way (control panel of some sort) to set the PTR record for the IPs of the VPSes / Servers they rent.

You said that you have a block of IPs being announced by BGP, so I understand that you own the IPs. And then you said that one of these IPs has a valid rDNS. Thus I concluded that you are able to set rDNS for them (set PTR records) as well. So I don’t get why you can’t set rDNS for the rest of the IPs >.<

Anyway, what I suggested was kinda of a work-around. But unfortunately I can’t answer the question “How to convince hestia (exim) to send all mail, from any of he websites, through the ip of the hostname?”

baxterdmutt · February 14, 2021, 1:26am

Yes! That’s correct. But when you own your own block, Hestia sets the IP based on the name of the domain the email is sent from, but that doesn’t work if you are using just one IP to host the emails from all IPs and domains. Because only that one domain has a valid PTR (unless you also run your own Nameserver). So i figured out a work around for me. In the Exim4 config, I’ve had to modify the OUTGOING_IP , and also the DKIM_DOMIAN, DKIM_FILE and DKIM_PRIVATE_KEY.

I imagine most people aren’t like me, but if anyone else announces a block of IPs and wants their email to work properly without bouncing, then I hope this helps.