3

We are using postfix on centos as a mail server to send out newsletters. but in the mail log file I can see that many receivers rejected our newsletters. and with the help of mxtoolbox, I found a warning message for our mail server - "reverse DNS does not match SMTP banner".

my hostname is webserver.XXXX.com that has both outgoing / incoming ip to 109.XX.XX.93, when I use reverse DNS lookup tool, the ip adress 109.XX.XX.93 resolved to webserver.XXXX.com.XX.XX.109.in-addr.arpa. Should I actually expect this to be webserver.XXXX.com, if it has to be correct? and I guess this is the case that mxtoolbox give "reverse DNS does not match SMTP banner" message?

If I telnet 109.XX.XX.93 25, i got 220 webserver.XXX.com ESMTP Postfix.

Zhenyu
  • 263
  • 1
  • 3
  • 10
  • 2
    Banner match and "no relay allowed" are totally different issues. Both are critical but still two issues. – TomTom Jul 08 '14 at 08:32
  • Thanks for advice. but i want to fix this reverse DNS thing first – Zhenyu Jul 08 '14 at 08:36
  • 1
    Then why the heck do you even mention the relay issues? Trying to confuse people? – TomTom Jul 08 '14 at 08:47
  • just look at the title of the post, and the question in my post. stop commenting if you don't have solution for the reverse DNS issue. thanks. – Zhenyu Jul 08 '14 at 08:48
  • 2
    I Have a solution. The solution is simple - fix the reverse mapping. – TomTom Jul 08 '14 at 08:58

1 Answers1

5

Yes, both name-to-ip and ip-to-name mapping must match exactly, that is:

109.XX.XX.93 must resolve to webserver.XXXX.com and webserver.XXXX.com must resolve to 109.XX.XX.93 exactly.

Then additionally, the SMTP banner presented must match the same hostname.

If your IP address reverse lookup does not match webserver.XXXX.com, you should contact your hosting provider for instructions on how to fix it, as it is the IP block owner that controls reverse DNS records.

Tero Kilkanen
  • 36,796
  • 3
  • 41
  • 63
  • Thanks. I contacted my ISP, and they corrected the error. now our hostname and Ip adresse matching in reverse DNS. Great help, thanks. – Zhenyu Jul 08 '14 at 10:40