I have set up DKIM on my Nethserver and it looks like this will work. But when I want to check the status of my mail domain, I see a red warning at port 25 (exit code not zero) and a yellow triangle at IP (MX or IP not found).
Port 25 in my separate firewall is open and points to the NS.
Why is that? Enclosed a picture for a better understanding.
DNS and reverse lookup is registered. The Tests vial MX Lookup Tool are okay. Can it be a problem to have two different FQDN for the Server. The Name of the Server is not the same like the HELO.
That could easily be the problem. Does the other domain report OK?
Most of these stuff is to try to reduce global spam.
No if you have a server called mail.mydomain.de and it sends mail, the recieving mail server detects that the helo does NOT contain the expected domain name mail.mydomain.de but reports itself vie EHLO as mail.otherdomain.com…
How much would you trust online banking if after you made a payment via your bank’s online site, but during logout it displays the goodbye from another (competitor’s) bank?
EG, you use DeutscheBank, do a payment, but at the end, the Kommerzbank site is displayed…
Sorry Andy, there was a mistake in my last posting.
The domain name is the same.
Name of the Server: server01.domain1.com
HELO mail.domain1.com mail.domain1.com is registered in reverse DNS and points to my static ip. server01.domain01.com is not registered in reverse DNS, but points also to my static ip.
Mail sent from this IP address: xxx.xxx.xxx.xxx
Mail from (Sender): xxx@domain-online.com
Mail checked using this SPF policy: v=spf1 mx -all
Results - PASS sender SPF authorized
Mail sent from this IP address: xxx.xxx.xxx.xxx
Mail Server HELO/EHLO identity: mail.domain-online.com
Might be an odd question but does your ISP filter/block that port? Here in the states, Comcast for instance blocks port 25 on residential internet connections.
We already did an external test with telnet to port 25, that is reachable, the NethServer responds correctly…
Here in Europe, a lot of providers also block port 25. (Under the assumption, this is a private home, there are NO mailservers here, ergo, this must be spam!