Configurar un PTR reverso para evitar bloqueo de correos

Hola,

Hoy me ha comentado @alterannda que algunos de los correos que está mandando están siendo rechazados. Hay que decir que ella usa un dominio personal que hemos configurado recientemente y reportado aquí.

En concreto me ha llamado la atención el siguiente error:

imatge881×134 69.7 KB

He ido al enlace y he traducido del alemán:

554 Nemesis ESMTP Service not available No SMTP service Bad DNS PTR resource record.

Caused

Emails from your email server have been rejected because the PTR Resource Record (PTR-RR) of your IP address does not meet our policies.

Solution

Make sure that you are not using a dynamically assigned IP address, but rather one that is permanently assigned to your email server.

The PTR-RR should not correspond to the generic standard entry of your host/provider, e.g. “123-123-123-123-static.yourprovider.tld”.
Generic standard entries usually result in rejection.

Assign your email server its own full domain name (FQDN), e.g. according to the recommended format:
“mail.yourdomain.tld”

En la documentación de iredmail (el software que usamos para el correo) pone:

Why do you need a reverse PTR record

The most common use for looking up a PTR record is done by spam filters. Concept behind this idea is that fly by night spammers who send e-mails out using fake domains generally will not have the appropriate reverse PTR setup at the ISP DNS zone. This criterion is used by spam filters to detect spam. If your domain does not have an appropriate reverse PTR record setup then chances are email spam filtering software MIGHT block e-mails from your mail server.

How to setup a Reverse PTR record

You would most likely need to contact your ISP and make a request to create a reverse PTR record for your mail server IP address. For example, if your mail server hostname is mail.mydomain.com then ask your ISP to setup a reverse PTR record 192.168.1.5 (your internet public IP address) in their reverse DNS zone. Reverse DNS zones are handled by your ISP even though you may have your own forward lookup DNS zone that you manage.

En nuestro caso creo que se puede configurar en Hetzner, dónde tenemos el servidor y se nos ha asignado la IP.

He ido al panel de Hetzner y he cambiado el parámetro Reverse DNS entry de la configuración IP del servidor.

imatge804×132 7.46 KB

He cambiado “static.157.21.216.95.clients.your-server.de” por “anartist.org”.

Esperemos que sirva para no ser rechazados!

Brutal, gràcies!

MArcel moltes i moltes gràcies, us mantinc updated!!!

HOlaaaa! Abans no sé on ho he escrit, però el correu anartist torna a no enviar els que de destinatari són gmail…

Ja en van dos avui, surt aquest error:

This is the mail system at host mail.anartist.org.

I’m sorry to have to inform you that your message could not
be delivered to one or more recipients. It’s attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

The mail system

<accioculturaviva@gmail.com>: host gmail-smtp-in.l.google.com[108.177.14.26]
said: 550-5.7.25 [95.217.142.137] The IP address sending this message does
not have a 550-5.7.25 PTR record setup, or the corresponding forward DNS
entry does not 550-5.7.25 match the sending IP. As a policy, Gmail does not
accept messages 550-5.7.25 from IPs with missing PTR records. For more
information, go to 550-5.7.25
Email sender guidelines - Google Workspace Admin Help 550-5.7.25 To learn
more about Gmail requirements for bulk senders, visit 550 5.7.25
Email sender guidelines - Google Workspace Admin Help.
2adb3069b0e04-52ca282625esi4399820e87.70 - gsmtp (in reply to end of DATA
command)

Reporting-MTA: dns; mail.anartist.org
X-Postfix-Queue-ID: 4W4gVw2CzLz39j6
X-Postfix-Sender: rfc822; info@alteranndamusic.com
Arrival-Date: Thu, 20 Jun 2024 14:57:12 +0200 (CEST)

Final-Recipient: rfc822; accioculturaviva@gmail.com
Original-Recipient: rfc822;accioculturaviva@gmail.com
Action: failed
Status: 5.7.25
Remote-MTA: dns; gmail-smtp-in.l.google.com
Diagnostic-Code: smtp; 550-5.7.25 [95.217.142.137] The IP address sending this
message does not have a 550-5.7.25 PTR record setup, or the corresponding
forward DNS entry does not 550-5.7.25 match the sending IP. As a policy,
Gmail does not accept messages 550-5.7.25 from IPs with missing PTR
records. For more information, go to 550-5.7.25
Email sender guidelines - Google Workspace Admin Help 550-5.7.25 To learn
more about Gmail requirements for bulk senders, visit 550 5.7.25
Email sender guidelines - Google Workspace Admin Help.
2adb3069b0e04-52ca282625esi4399820e87.70 - gsmtp

Hola!

Sí, a mi m’ha passat amb algun correu també amb domini anartist.org. Però tornant-ho a enviar a funcionat. Tot i així, demà intentaré donar un cop d’ull als registres PTR dels que parla.

He configurat el rPTR amb la mateixa IP que el VPS de mail:

A veure si ara ho hem solucionat.

Hola Marcel, merci per mirar-t’ho!
diria que no s’ha solucionat, perquè ara mateix fa 1 min n’acabo d’enviar un i me l’'acaba de retornar …

Ei!

Donem-li un dia de marge, a vegades aquestes coses tarden en “propagar-se”…

Holaaaa! Què tal com anem? Torno a escriure per aquí perquè segueixen arribant avisos de mails que no es poden enviar… L’últim aquest que copio aquí (que torna a ser gmail). Ja direu què us sembla… Merci!!!

This is the mail system at host mail.anartist.org.

I’m sorry to have to inform you that your message could not
be delivered to one or more recipients. It’s attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

The mail system

<laruralcultura@gmail.com>: host gmail-smtp-in.l.google.com[74.125.131.27]
said: 550-5.7.25 [95.217.142.137] The IP address sending this message does
not have a 550-5.7.25 PTR record setup, or the corresponding forward DNS
entry does not 550-5.7.25 match the sending IP. As a policy, Gmail does not
accept messages 550-5.7.25 from IPs with missing PTR records. For more
information, go to 550-5.7.25
Email sender guidelines - Google Workspace Admin Help 550-5.7.25 To learn
more about Gmail requirements for bulk senders, visit 550 5.7.25
Email sender guidelines - Google Workspace Admin Help.
2adb3069b0e04-52e7ab2a2b1si2186121e87.449 - gsmtp (in reply to end of DATA
command)

Reporting-MTA: dns; mail.anartist.org
X-Postfix-Queue-ID: 4WCMf74J7Gz39b8
X-Postfix-Sender: rfc822; info@alteranndamusic.com
Arrival-Date: Mon, 1 Jul 2024 12:26:39 +0200 (CEST)

Final-Recipient: rfc822; laruralcultura@gmail.com
Original-Recipient: rfc822;laruralcultura@gmail.com
Action: failed
Status: 5.7.25
Remote-MTA: dns; gmail-smtp-in.l.google.com
Diagnostic-Code: smtp; 550-5.7.25 [95.217.142.137] The IP address sending this
message does not have a 550-5.7.25 PTR record setup, or the corresponding
forward DNS entry does not 550-5.7.25 match the sending IP. As a policy,
Gmail does not accept messages 550-5.7.25 from IPs with missing PTR
records. For more information, go to 550-5.7.25
Email sender guidelines - Google Workspace Admin Help 550-5.7.25 To learn
more about Gmail requirements for bulk senders, visit 550 5.7.25
Email sender guidelines - Google Workspace Admin Help.
2adb3069b0e04-52e7ab2a2b1si2186121e87.449 - gsmtp

Hola! Justo ayer compartí una publicación por nuestro social de alguien que hablaba de los registros PTR. Era la primera vez que oía hablar de ellos. ¿Crees que en este caso puede ser eso @marcelcosta?

Sí, es algo de eso. Pero no entiendo porqué, diría que los he cambiado…

Quizás no lo he entendido bien, por lo que he leído es lo mismo que el rDNS. Y eso lo habíamos cambiado!
https://docs.iredmail.org/setup.dns.html#ptr

Tendré que revisarlo mejor y pedir ayuda a alguien que sepa más que yo (no tan difícil)…

Con @RickyAKA hemos hecho algun cambio, a ver si ahora deja de fallar!

@hidepaulahide @alterannda

hola, muchas gracias por mirarlo y arreglarlo! os informaré si algo me falla, un saludo!