Configure outgoing mail on shared hosting - PTR, SPF, so it doesn't get bounced?

10 posts / 0 new
Last post
#1 Sat, 02/16/2013 - 03:04
rulez22

Configure outgoing mail on shared hosting - PTR, SPF, so it doesn't get bounced?

Is there a manual about how to configure outgoing mail on shared hosting (Centos) with multiple (totally different) domains on a single shared ip so it does not get bounced? I heard about PTR and SPF records.
What has to be done here and is it possible at all?
Can someone give a little example?
Thanks

Sat, 02/16/2013 - 10:02
tpnsolutions
tpnsolutions's picture

Hi,

PTR records are setup at the data center level, and basically offer "reverse lookup" for an IP address.

*** "forward lookup" (A Record) points a "domain to IP", where "reverse lookup" (PTR Record) points a "IP to domain". ***

If you're data center does not have a PTR record for an IP, just tell them to add one which will fix this part.

SPF records can be automatically created within Virtualmin upon the creation of a domain where email is enabled.

*** "sender policy framework" (SPF Record) is an e-mail validation system designed to prevent e-mail spam ***

DKIM records can be created though currently not automatically.

*** DomainKeys Identified Mail (DKIM Record) is a method for associating a domain name to an email message, thereby allowing a person, role, or organization to claim some responsibility for the message. ***

Hope this information helps :-)

Best Regards,
Peter Knowles
TPN Solutions

E: pknowles@tpnsolutions.com
P: 604-782-9342
W: http://www.tpnsolutions.com
Best Regards,
Peter Knowles | TPN Solutions
Email: pknowles@tpnsolutions.com | Skype: tpnassist
Sat, 02/16/2013 - 10:22 (Reply to #2)
rulez22

well, but i am sort of that "Data Center" because I have full control over that Virtualmin server. I just have an ip address with many domain names on it. How do you do a PTR for a single IP when domains belong to completely separate companies? If you create a PTR record for one domain, the rest will be left out, isn't it and their mail will be bouncing back?

Sat, 02/16/2013 - 22:42
tpnsolutions
tpnsolutions's picture

Hi,

The party who "owns" (not to be confused with the party "using") the IP addresses (the "data center") is the one who controls the PTR record, unless they have specifically delegated this role to you, which is rarely the case.

Some data centers offer a control panel to facilitate the updating of the PTR record in their DNS zone (such is the case with ours), and others will adjust and/or create the record on request.

Email only requires that a when a reverse lookup on an IP is done it resolves to something.

example:
web3.tpnservers.com => 184.75.242.177
184.75.242.177 => 177-242-75-184.web3.tpnservers.com
Best Regards,
Peter Knowles
TPN Solutions

E: pknowles@tpnsolutions.com
P: 604-782-9342
W: http://www.tpnsolutions.com
Best Regards,
Peter Knowles | TPN Solutions
Email: pknowles@tpnsolutions.com | Skype: tpnassist
Sat, 02/16/2013 - 23:50 (Reply to #4)
rulez22

that's getting clearer, thanks but what about if you have aaa.com, bbb.com, ccc.com... and many others and all those on one IP shared that means that only one PTR record per IP? that means mail cannot be done, because when you send mail from it it will be bounced by recipients because their servers will not match HELO/EHLO and PTR records? Am I right?

Sat, 02/16/2013 - 23:55
tpnsolutions
tpnsolutions's picture

Hi,

Yes, one PTR per IP address is correct. However, email does not require that PTR be setup on a per domain basis, just that it exists.

Best Regards,
Peter Knowles
TPN Solutions

E: pknowles@tpnsolutions.com
P: 604-782-9342
W: http://www.tpnsolutions.com
Best Regards,
Peter Knowles | TPN Solutions
Email: pknowles@tpnsolutions.com | Skype: tpnassist
Sun, 02/17/2013 - 01:05 (Reply to #6)
rulez22

so how do people like godaddy do it? say one shared ip and thousands of domain names hosted there?

Sun, 02/17/2013 - 01:55
tpnsolutions
tpnsolutions's picture

Hi,

Like I mentioned, email only requires that the IP address be resolvable to a domain in general.

So as long as the IP address resolves to "A" domain, it meets the requirements.

*** my original example which illustrates how we have reverse lookup setup on our own servers (web3.tpnservers.com is a real server) ***

The only time PTR based issues exist with email is when the IP address does NOT have a reverse lookup (PTR) record assigned to it. Sometimes when an IP owner (data center) has an IP address which is not being used, they either delete or don't setup the PTR record. Sometimes even when they are being used by a client like yourself, they don't set the PTR record up unless you specifically ask. And finally, in most cases, the PTR record is generic to their service.

You can check if your IP address has a PTR record by simply running this command:

nslookup X.X.X.X.X

(where "X.X.X.X.X" is the IP address you want to lookup)

For testing, I welcome you to run the command:

nslookup 184.75.242.177

mine will echo something like:

Name: 177-242-75-184.web3.tpnservers.com
Address: 184.75.242.177

Then run against your own IP address, and if you see something similar then the PTR is in place, but if it shows an error, then you have something to talk to your data center about.

*** If you require further assistance, I am available most days via Skype using nickname "tpnsupport" ***

Best Regards,
Peter Knowles
TPN Solutions

E: pknowles@tpnsolutions.com
P: 604-782-9342
W: http://www.tpnsolutions.com
Best Regards,
Peter Knowles | TPN Solutions
Email: pknowles@tpnsolutions.com | Skype: tpnassist
Sun, 02/17/2013 - 22:51
andreychek

Howdy,

Just to underscore what tpnsolutions mentioned -- it's no problem that multiple domains share an IP address.

Mail servers aren't going to be comparing the PTR record to all the domains running on your server.

A few of the more strict ones may compare the PTR record to your server's hostname -- but that's the most you'll have to deal with.

To deal with those stricter systems -- my suggestion is to make sure that, whatever your hostname is set to, that the PTR record for your server's primary IP be set to that same hostname.

-Eric

Thu, 02/21/2013 - 06:04
rulez22

thank you for helpful information guys! one question - will reverse address such as "170.60.0.170.in-addr.arpa" be classified as normal? (first ip is reverse to the real one)

Topic locked