Re: [bitfolk] IPv4 reverse DNS

Hi Keith, On Tue, Apr 12, 2022 at 12:22:52AM +0100, Keith Williams wrote: Which IP address? What is the exact message? That's not how DNS works, so that's probably not what is happening. Anything that wants to know the IP address of keynesmail.com asks the DNS servers for keynesmail.com (unless the answer is already in a cache). Leaving aside tricks like split horizon or geolocation, which you would know if you were using, DNS should return the same answers for everyone everywhere. So either: - You have correct reverse DNS and these particular mail servers are broken - You don't have correct reverse DNS but most of your recipients don't care - The problem isn't actually DNS-related I don't know what the problem is yet so can't answer that. If the domain in question exists in DNS already, then it exists in DNS already and adding more DNS servers (e.g. BitFolk's ones) into the mix isn't going to make any difference since all servers will/should give the same answers. If the domain doesn't exist in DNS, well, how does anything work at all? Unclear to me what the setup is here. You set your reverse DNS for BitFolk IPs here: https://panel.bitfolk.com/dns/ What does this mean? Are you saying that you think that your emails to Gmail and Yahoo! go by IPv6 but your emails to these two problem recipients go by IPv4? Unfortunately several of the large email service providers enjoy providing services that don't function as Internet email, and the majority of their customers don't know the difference, so it must be the sender's fault. But we don't know what the actual problem is yet, so it is hard to assign blame or work out a solution. This is certainly *a* problem: $ dig +noall +answer +auth -t a keynesmail.com keynesmail.com. 38373 IN A 85.119.84.35 keynesmail.com. 38373 IN NS ns2.keiths-place.co.uk. keynesmail.com. 38373 IN NS ns1.keiths-place.co.uk. keynesmail.com. 38373 IN NS ns3.keiths-place.co.uk. $ dig +noall +comments +question -x 85.119.84.35 ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 53524 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;35.84.119.85.in-addr.arpa. IN PTR $ dig +noall +authority +answer -x 85.119.84.35 @a.authns.bitfolk.com 35.84.119.85.in-addr.arpa. 86400 IN CNAME 35.35-32.84.119.85.in-addr.arpa. 35-32.84.119.85.in-addr.arpa. 86400 IN NS ns3.keiths-place.co.uk. 35-32.84.119.85.in-addr.arpa. 86400 IN NS ns2.keiths-place.co.uk. 35-32.84.119.85.in-addr.arpa. 86400 IN NS ns1.keiths-place.co.uk. $ dig +noall +comments -t ptr 35.35-32.84.119.85.in-addr.arpa @ns1.keiths-place.co.uk ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 43717 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 $ for ns in 2 3; do dig +noall +answer -t ptr 35.35-32.84.119.85.in-addr.arpa @ns${ns}.keiths-place.co.uk; done (no output there either) So in summary you don't have functioning reverse DNS for the IP address 85.119.84.35 because none of the nameservers that it's delegated to are serving the (PTR) record 35.35-32.84.119.85.in-addr.arpa. They all give a REFUSED response. I don't know if that is your problem here, but not having working reverse DNS for an IP address that sends email is definitely going to cause you problems. Note that it is not really important that the reverse and forward DNS records match anything that is in the email headers, just that they match *each other* (reverse DNS resolves to a host name that also resolves back to the same IP address). Cheers, Andy -- https://bitfolk.com/ -- No-nonsense VPS hosting