1

Recently, I installed iredmail on my VPS and configured DNS records (including ptr). It confirms nslookup:

 nslookup zelenin.top
Name:   zelenin.top
Address: 191.101.251.182
 nslookup -query=mx zelenin.top
zelenin.top mail exchanger = 5 mail.zelenin.top.
 nslookup 191.101.251.182
182.251.101.191.in-addr.arpa    name = mail.zelenin.top.

I also configure DKIM, SPF, DMARC and google-site-verification records. Then I connected to the VPS by mail client and tried to send mail to gmail. But it was not delivered, and I got an answer:

host gmail-smtp-in.l.google.com[2a00:1450:4013:c01::1a] said: 550-5.7.1
[2a00:7c80:0:58::1:600] The IP address sending this message does not
550-5.7.1 have a PTR record setup. As a policy, Gmail does not accept
messages 550-5.7.1 from IPs with missing PTR records. Please visit
550-5.7.1  https://support.google.com/mail/answer/81126#authentication for
more 550 5.7.1 information. m65si25883044wmd.98 - gsmtp (in reply to end of
DATA command)

I don not know what information may be helpful or what can cause this. Thank you.

Vladislav
  • 13
  • 1
  • 4

1 Answers1

3

There doesn't appear to exist any PTR record for the IP address your mail was sent from (according to the error message: 2a00:7c80:0:58::1:600).

$ dig -x 2a00:7c80:0:58::1:600

; <<>> DiG 9.10.3-P3-RedHat-9.10.3-10.P3.fc23 <<>> -x 2a00:7c80:0:58::1:600
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31932
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;0.0.6.0.1.0.0.0.0.0.0.0.0.0.0.0.8.5.0.0.0.0.0.0.0.8.c.7.0.0.a.2.ip6.arpa. IN PTR

;; AUTHORITY SECTION:
0.8.c.7.0.0.a.2.ip6.arpa. 3600  IN      SOA     ns1.worldstream.nl. hostmaster.worldstream.nl. 2016022000 10800 3600 604800 3600

;; Query time: 166 msec
;; SERVER: 139.162.131.5#53(139.162.131.5)
;; WHEN: Sun Feb 21 11:58:22 UTC 2016
;; MSG SIZE  rcvd: 166

$

(Particularly note the NXDOMAIN status and the only included data being a SOA record in authority section.)

Could it be that you have set up PTR records only for your IPv4 addresses and not IPv6?

Håkan Lindqvist
  • 35,011
  • 5
  • 69
  • 94
  • Thanks for fast answer. I do have several ipv6 addreses on my VPS, but i do not use them at all. There is no AAAA record, and the only mx record is pointing to my A ipv4 record. Is it possible, that postfix uses wrong ip for transferring email? And if so, can you please tell me, where should I change my config to avoid it? – Vladislav Feb 21 '16 at 12:18
  • @Vladislav Which address is the right address? `MX` records for your own domain have nothing to do with which address you use to *send* mail. If you have a dual-stack mail server I presume you would want to pick one IPv4 and one IPv6 address. – Håkan Lindqvist Feb 21 '16 at 12:21
  • Honestly, I am not sure, which type is my server, but I definitely can use an IPv6 address. So I just need to add an AAAA record and create PTR record for it? Thing is, i have 8 IPv6 addresses, so I need to add them all? Or does postfix uses just one? – Vladislav Feb 21 '16 at 12:28
  • @Vladislav It will use whichever address the host OS prefers for the destination (probably not changing unless you change the host configuration). You could force postfix to use specific addresses: http://serverfault.com/questions/92181/how-to-make-postfix-use-another-ip-address – Håkan Lindqvist Feb 21 '16 at 12:37