From owner-freebsd-isp Wed Jun 14 3: 7:39 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from ms1.meiway.com (ms1.meiway.com [212.73.210.73])
    by hub.freebsd.org (Postfix) with ESMTP id C25FD37C29E
    for ; Wed, 14 Jun 2000 03:07:35 -0700 (PDT)
    (envelope-from lconrad@Go2France.com)
Received: from sv.Go2France.com [212.73.210.79] by ms1.meiway.com
    with ESMTP (SMTPD32-5.05) id AB80144C0192; Wed, 14 Jun 2000 12:16:32 +0200
Message-Id: <4.3.1.2.20000614114606.04cd62f0@mail.Go2France.com>
X-Sender: lconrad%Go2France.com@mail.Go2France.com
X-Mailer: QUALCOMM Windows Eudora Version 4.3.1
Date: Wed, 14 Jun 2000 12:06:06 +0200
To: freebsd-isp@freebsd.org
From: Len Conrad
Subject: Re: A records on mail domain
In-Reply-To:
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

>I am having problems with certain ISP mailservers rejecting my mail
>because :
>
>     550 5.7.1 Invalid host:
>     key.co.za - authoritative host not found:

A lot of mail servers are becoming able to be set up to be very
restrictive about incoming mail, using the MAPS database and, more
aggressively, DNS for authentication of these items exposed in the
SMTP dialog:

1. ip.ad.re.ss of the SMTP client (i.e., the sending MTA)
2. EHLO/HELO hostname
3. @senderdomain

In the first rank of these MTAs is postfix; see its UCE page to
appreciate the deliciously paranoid restrictions:

http://postfix.eu.org/uce.html

I've got a page on my BIND site that might give you some practical
ideas about how to set up your mail server in DNS so that it has the
best chance of passing DNS authentications:

http://bind8nt.meiway.com/itsaDNSmess.cfm

>The mail administrators say they have configured their mail servers as such
>and that all domains must have valid forward and reverse lookups.

This restriction is quite basic.

Hint: if your mail server shares its IP with a bunch of other servers,
it's best to select the mail server hostname from all the virtual
hostnames behind that IP address as the data portion of the PTR RR for
that IP address.

>So they've said to "add an A record anyway to the mail domain"
>
>They claim it's an RFC requirement.

If you have a mail host, you'd better have A and MX records for it to be:

    mydomain.com             MX 10  mymailhost.mydomain.com
    mymailhost.mydomain.com  MX 10  mymailhost.mydomain.com
    mymailhost.mydomain.com  A      ip.ad.re.ss

and in your db. reverse file

    ip.ad.re.ss  PTR  mymailhost.mydomain.com

All the above also applies to the EHLO/HELO hostname, which should be
a FQHN, and have A and MX records.

All the above also applies to the senderdomain of

    MAIL FROM: sender@senderdomain

... since MTAs such as postfix and sendmail can look up @senderdomain
for A, MX, and PTR before accepting the mail.

Think I'm crazy? A couple of weeks ago, I helped an English Imail
admin who couldn't get his mail delivered to a sendmail server in .ch.
The problem? The Swiss sendmail refused the msg because it could not
find an A RR for @senderdomain.

This is happening more and more, so you might as well pre-empt your
headaches and set up the above 3 SMTP items completely.

Len
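
Added example (not part of the message above, and not code from any MTA): a pre-flight check in Python of the three SMTP items the message lists, run against a constructed record set that follows its layout. The address 192.0.2.25, the function names and the require_sender_a switch are assumptions made for illustration; each receiving MTA applies its own policy.

```python
# Constructed records following the layout in the message above; 192.0.2.25
# (a documentation address) stands in for ip.ad.re.ss.
ZONE = {
    ("mydomain.com", "MX"): ["mymailhost.mydomain.com"],
    ("mymailhost.mydomain.com", "MX"): ["mymailhost.mydomain.com"],
    ("mymailhost.mydomain.com", "A"): ["192.0.2.25"],
    ("192.0.2.25", "PTR"): ["mymailhost.mydomain.com"],
}


def lookup(zone, name, rtype):
    """Return the record data for (name, type), or [] if there is none."""
    return zone.get((name.rstrip(".").lower(), rtype), [])


def preflight(zone, client_ip, helo, sender_domain, require_sender_a=False):
    """List the objections a strict receiving MTA could raise (hypothetical policy)."""
    problems = []
    # 1. Client IP: a PTR must exist and one of its names must map back to the IP.
    ptr_names = lookup(zone, client_ip, "PTR")
    if not ptr_names:
        problems.append(f"client {client_ip}: no PTR")
    elif not any(client_ip in lookup(zone, n, "A") for n in ptr_names):
        problems.append(f"client {client_ip}: PTR name has no matching A")
    # 2. EHLO/HELO name: fully qualified, with both A and MX records.
    if "." not in helo.strip("."):
        problems.append(f"helo {helo}: not fully qualified")
    else:
        problems += [f"helo {helo}: no {t}" for t in ("A", "MX")
                     if not lookup(zone, helo, t)]
    # 3. Sender domain: MX targets must resolve; with no MX, fall back to A.
    mx = lookup(zone, sender_domain, "MX")
    problems += [f"sender {sender_domain}: MX {m} has no A" for m in mx
                 if not lookup(zone, m, "A")]
    has_a = bool(lookup(zone, sender_domain, "A"))
    if not has_a and (require_sender_a or not mx):
        problems.append(f"sender {sender_domain}: no A")
    return problems


if __name__ == "__main__":
    args = ("192.0.2.25", "mymailhost.mydomain.com", "mydomain.com")
    print(preflight(ZONE, *args))                         # layout as given
    print(preflight(ZONE, *args, require_sender_a=True))  # receiver wants an A too
    shared = {**ZONE, ("192.0.2.25", "PTR"): ["www.mydomain.com"]}
    print(preflight(shared, *args))                       # PTR names another vhost
```

The require_sender_a case corresponds to the receiver in the message that wanted an A RR for @senderdomain itself; the last case is the shared-IP situation from the hint, where the PTR names a virtual host instead of the mail host.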