I did a howto about all the SMTP policies your email server must have if you want your emails to have a chance of being delivered to other email platforms (such as Gmail, Orange, Microsoft…) and not rejected or tagged as spam.
I talk about reverse DNS (rDNS), Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM) and Domain-based Message Authentication, Reporting & Conformance (DMARC).
Of course, all of this is not needed if you have configured a smarthost to send your email, but I have had the case where my email was rejected by a SURBL blacklist because the SMTP of my provider was considered a spam sender… and you can do nothing except change your smarthost. Hence the interest in sending your email yourself.
Great summary, really useful even outside NethServer. Thanks.
For completeness, but it is already written in the official doc, I’d add that Postfix has to send the server’s FQDN along with the HELO command when connecting to another MTA.
@stephdl
Congratulations on being hired by Nethesis as a developer. I saw many very good posts, so this will also be very good for Nethesis and the community!
I read your 'How to get rid smarthost'. A few days ago I did almost the same, as some of my mails got marked as spam, even though I have a fixed IP address and have no grey- or blacklisting on this address.
First I put a PTR record in DNS.
After that I put SPF-settings “v=spf1 a mx -all” in a TXT record in DNS.
Finally, I installed OpenDKIM according to this blog: https://blog.ceae.info/how-to-install-dkim-with-opendkim-and-postfix-on-a-centos-7/
The lines appended to /etc/postfix/main.cf have to be hardcoded every time the config changes. I don’t know how to change the NethServer templates to make this hardcoded change unnecessary.
I tested my setup by sending a mail to test@allboutspam.com and according to the report all settings are marked OK (green) except the BATV (Bounce Address Tag Validation) Check as I dare not install this on a working mail-server. I don’t know how replies to existing mails (that don’t have the tag) will be handled: will they be rejected as spam or do they get passed?
Now my mails aren’t marked as spam anymore, so for the time being this worked!
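The PTR and SPF steps from the post above, together with the HELO remark earlier in the thread, can be checked as in the following added example, which is not part of any post in this thread. The zone data is constructed, `lookup` is a hypothetical stub in place of a real resolver, and only the `a`, `mx`, `ip4` and `all` mechanisms are evaluated.

```python
import ipaddress

# Constructed zone data (documentation names and addresses), standing in for live DNS.
# PTR entries are keyed by the address itself rather than an in-addr.arpa name.
ZONE = {
    ("example.org", "TXT"): ["v=spf1 a mx -all"],
    ("example.org", "A"): ["192.0.2.10"],
    ("example.org", "MX"): ["mail.example.org"],
    ("mail.example.org", "A"): ["192.0.2.25"],
    ("192.0.2.25", "PTR"): ["mail.example.org"],
    ("example.net", "TXT"): ["v=spf1 ip4:198.51.100.0/24 ~all"],
}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def lookup(name, rtype):
    """Hypothetical resolver stub: answers only from ZONE."""
    return ZONE.get((name.rstrip(".").lower(), rtype), [])

def spf_check(domain, client_ip):
    """Evaluate a domain's SPF record for client_ip (a, mx, ip4 and all only)."""
    records = [t for t in lookup(domain, "TXT") if t.lower().split()[:1] == ["v=spf1"]]
    if len(records) != 1:
        return "permerror" if records else "none"
    ip = ipaddress.ip_address(client_ip)
    for term in records[0].split()[1:]:
        qualifier = term[0] if term[0] in QUALIFIERS else "+"
        mech = term.lstrip("+-~?").lower()
        if mech == "all":
            matched = True
        elif mech == "a":
            matched = client_ip in lookup(domain, "A")
        elif mech == "mx":
            matched = any(client_ip in lookup(mx, "A") for mx in lookup(domain, "MX"))
        elif mech.startswith("ip4:"):
            matched = ip in ipaddress.ip_network(mech[4:], strict=False)
        else:
            return "permerror"  # mechanisms and modifiers outside this example's scope
        if matched:
            return QUALIFIERS[qualifier]
    return "neutral"  # no mechanism matched and the record has no "all"

def ptr_confirms_helo(client_ip, helo):
    """True if a PTR name for client_ip resolves back to it and equals the HELO name."""
    confirmed = [n for n in lookup(client_ip, "PTR") if client_ip in lookup(n, "A")]
    return helo.rstrip(".").lower() in confirmed

if __name__ == "__main__":
    print(spf_check("example.org", "192.0.2.25"), spf_check("example.org", "198.51.100.7"))
    print(ptr_confirms_helo("192.0.2.25", "mail.example.org"))
```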
New version: I tried to dive in a bit and also to cover the generic mandatory DNS records you must create after you have installed your mail server, the easy part with NethServer.
So, for clarification on reverse DNS: The neth server has a hostname of neth.domain1.tld, and handles mail for domain1.tld, domain2.tld, and domain3.tld. Does it matter what the rDNS record says? i.e., whether it points the IP to neth.domain1.tld, or simply to domain1.tld?