NethServer Version: 7.8.2003
Module: Email
Hello friends,
I have set up DKIM on my Nethserver and it looks like this will work. But when I want to check the status of my mail domain, I see a red warning at port 25 (exit code not zero) and a yellow triangle at IP (MX or IP not found).
Port 25 in my separate firewall is open and points to the NS.
Why is that? Enclosed a picture for a better understanding.
Thanks and Regards …
Uwe
Hi
I assume you have DNS registered for your mailserver’s IP.
But do you also have reverse lookup (DNS) registered?
Mailservers should have both forward and reverse lookup in DNS registered…
eg:
nslookup -query=mx mail.mydomain.com 123.45.67.89
nslookup -query=ptr 123.45.67.89 mx mail.mydomain.com
My 2 cents
Andy
Hi Andy,
DNS and reverse lookup is registered. The Tests vial MX Lookup Tool are okay. Can it be a problem to have two different FQDN for the Server. The Name of the Server is not the same like the HELO.
Hi Uwe
That could easily be the problem. Does the other domain report OK?
Most of these stuff is to try to reduce global spam.
No if you have a server called mail.mydomain.de and it sends mail, the recieving mail server detects that the helo does NOT contain the expected domain name mail.mydomain.de but reports itself vie EHLO as mail.otherdomain.com…
How much would you trust online banking if after you made a payment via your bank’s online site, but during logout it displays the goodbye from another (competitor’s) bank?
EG, you use DeutscheBank, do a payment, but at the end, the Kommerzbank site is displayed…
my 2 cents
Andy
Sorry Andy, there was a mistake in my last posting.
The domain name is the same.
Name of the Server: server01.domain1.com
HELO mail.domain1.com
mail.domain1.com is registered in reverse DNS and points to my static ip.
server01.domain01.com is not registered in reverse DNS, but points also to my static ip.
Then that’s not the issue, as the domain part of the name is important and that part is correct…
Some are very fussy about the EHLO bit, among them Apple, Gmail, Yahoo…
PS: What Domaincheck Tool are you using?
Ich benutze unter anderem oft:
http://multirbl.valli.org/lookup/
https://mxtoolbox.com/
https://www.kitterman.com/spf/validate.html
Gruss
Andy
Normaly i use mxtoolbox. But here i have a other testresult.
I deleted the first part of the domain name.
Regards
Uwe
And here the result of a test with kitterman.com
Input accepted, querying now…
Mail sent from this IP address: xxx.xxx.xxx.xxx
Mail from (Sender): xxx@domain-online.com
Mail checked using this SPF policy: v=spf1 mx -all
Results - PASS sender SPF authorized
Mail sent from this IP address: xxx.xxx.xxx.xxx
Mail Server HELO/EHLO identity: mail.domain-online.com
HELO/EHLO Results - none
Might be an odd question but does your ISP filter/block that port? Here in the states, Comcast for instance blocks port 25 on residential internet connections.
Hi Royce
We already did an external test with telnet to port 25, that is reachable, the NethServer responds correctly…
Here in Europe, a lot of providers also block port 25. (Under the assumption, this is a private home, there are NO mailservers here, ergo, this must be spam!
My 2 cents
Andy
Hi,
there’s nothing here with spam. I have a business line with five static IP’s Not one of them is on any blacklist.
Regards…
Uwe
Hi,
Mail has always worked. But the problem described above still exists.
Regards…
Uwe
My observations:
I enter in Dashboard with IP address:
And FQDN:
My DKIM, DMARC, SPF etc records work fine.
I send and recieved my email fine!
Sorry my ENglish…
