Hello,
Before discussing PTR records with your ISP, let’s first verify that the DNS configuration is correct. From a Linux shell, replace the examples below with your actual mail server hostname, domain, and public IP address.
Check that the mail server hostname resolves to the public IP:
dig +short mail.example.com A
The output should be your public static IP address.
Check that the reverse DNS (PTR) points back to the mail server hostname:
dig +short -x 203.0.113.10 PTR
The output should be:
mail.example.com.
Check the MX records for each mail domain handled by NS8:
dig +short example.com MX
The output should contain your mail server hostname.
Check the SPF record:
dig +short example.com TXT
Look for a record similar to:
"v=spf1 mx -all"
Check the DKIM record generated by the Mail application. The selector name can be found in the Mail UI:
dig +short mail._domainkey.example.com TXT
Check the DMARC record:
dig +short _dmarc.example.com TXT
Once you have verified these records, please share the output (masking any sensitive information if needed).
Regarding the Hyper-V setup, if the Debian web server and NS8 Mail are both behind the same public IP, you cannot forward ports 80 and 443 from the MikroTik to two different servers at the same time.
A few questions:
- Is the Debian web server hosting public websites?
- Is NS8 only being used for Mail?
- Are both servers using the same public IP address?
If NS8 is only handling email, it usually requires SMTP ports (25, 465, 587, 993, etc.). However, Let’s Encrypt certificate validation and webmail access may still require ports 80 and/or 443, depending on your setup.
Please provide a network diagram or a description of the current port forwarding rules on the MikroTik and we can suggest the most suitable solution.
Thanks in advance, and good luck with the ISP call tomorrow. The key point to explain is that the PTR record must resolve your public IP address back to the same mail server hostname used by the SMTP server during mail delivery.
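The checks listed in the post above can also be judged by a script. This is an added example, not part of the original post and not NS8 code: the function names (`fcrdns`, `spf_check`, `dmarc_policy`) are hypothetical, and the example.com names and 203.0.113.10 are the same placeholders the post uses.

```shell
#!/bin/sh
# Added example: judge the answers returned by the dig checks above.
# Every function takes the text printed by `dig +short ...` as an argument,
# so it works on saved output as well as on live queries.

# Lowercase and drop the trailing root dot so names compare equal.
norm() { printf '%s\n' "$1" | tr 'A-Z' 'a-z' | sed 's/\.$//'; }

# dig prints long TXT data as "part1" "part2"; rejoin the parts, drop quotes.
txt_join() { printf '%s\n' "$1" | sed 's/" "//g' | tr -d '"'; }

# fcrdns HOST IP A_OUTPUT PTR_OUTPUT -> ok | a-mismatch | ptr-mismatch
# HOST is the name the SMTP server announces during delivery.
fcrdns() {
    printf '%s\n' "$3" | grep -qxF "$2" || { echo a-mismatch; return 1; }
    norm "$4" | grep -qxF "$(norm "$1")" || { echo ptr-mismatch; return 1; }
    echo ok
}

# spf_check TXT_OUTPUT -> missing | multiple | hardfail | softfail | neutral | pass-all | no-all
spf_check() {
    spf=$(txt_join "$1" | tr 'A-Z' 'a-z' | grep -E '^v=spf1( |$)' || true)
    count=$(printf '%s' "$spf" | grep -c . || true)
    [ "$count" -ge 1 ] || { echo missing; return 1; }
    # More than one v=spf1 record is a permanent error for receivers (RFC 7208).
    [ "$count" -eq 1 ] || { echo multiple; return 1; }
    case " $spf " in
        *" -all "*) echo hardfail ;;
        *" ~all "*) echo softfail ;;
        *" ?all "*) echo neutral ;;
        *" +all "*|*" all "*) echo pass-all; return 1 ;;
        *) echo no-all ;;
    esac
}

# dmarc_policy TXT_OUTPUT -> none | quarantine | reject | missing
dmarc_policy() {
    rec=$(txt_join "$1" | tr 'A-Z' 'a-z' | grep '^v=dmarc1' | head -n 1 || true)
    [ -n "$rec" ] || { echo missing; return 1; }
    printf '%s\n' "$rec" | tr ';' '\n' | sed -n 's/^ *p *= *\([a-z]*\) *$/\1/p'
}

# Live use: sh check.sh mail.example.com 203.0.113.10 example.com
if [ "$#" -eq 3 ]; then
    fcrdns "$1" "$2" "$(dig +short "$1" A)" "$(dig +short -x "$2" PTR)" || true
    spf_check "$(dig +short "$3" TXT)" || true
    dmarc_policy "$(dig +short "_dmarc.$3" TXT)" || true
fi
```

A `ptr-mismatch` result is the case to raise with the ISP; `multiple` and `missing` are fixed in your own DNS zone.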