date:20240625

[Mailman-Users] Re: lots of bounces after server move

2024-06-25 Thread Carl Zwanzig




Just to be sure, I would try your host's name in one of the DNS/email 
test pages, such as https://mxtoolbox.com/emailhealth/ (there are others).



z!

--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
   https://mail.python.org/archives/list/mailman-users@python.org/
Member address: arch...@mail-archive.com

[Mailman-Users] Re: lots of bounces after server move

2024-06-25 Thread Jim Dory

On 6/25/24 09:13, Carl Zwanzig wrote:

Just to be sure, I would try your host's name in one of the DNS/email test pages, such as
https://mxtoolbox.com/emailhealth/ (there are others).

Thanks Carl, a very good resource.

I put in compute.nomekennelclub.com and it shows nomekennelclub.com in the
results.

I gave me several warnings. Zero Errors

1. DNS: Names servers on the same subnet

2. SMTP: Reverse DNS doesn't match SMTP Banner (The SMTP banner issued by your email server did not contain the hostname
we resolved for your server’s IP address.)

3. SMTP: Does not support TLS

4. SMTP: 15.209 seconds - Not good! on Transaction Time

Reading up on this, the transaction time can cause warnings for reverse DNS and or TLS support. I did add TLSv1.3 into
the Apache global config and rebuilt/restarted Apache, but still get that same warning.

As for #1 - name servers.. I don't think that is contributing to the mail
rejections.

#2 - Reverse DNS - I have PTR records set for both compute.nkc.com
(abbreviated) and nkc.com. So that could be a problem?

#3 - TLS - not sure what more I can do there

#4 - transaction time.. ? Not sure I have control over that.. but one thing I googled reported that one could "Introduce
a delay into the SMTP transaction for unknown hosts and messages detected as spam" in Exim. Don't know about that.

/jd

--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
https://mail.python.org/archives/list/mailman-users@python.org/
Member address: arch...@jab.org

[Mailman-Users] Re: lots of bounces after server move

2024-06-25 Thread Dmitri Maziuk


On 6/25/24 12:51, Jim Dory wrote:


2. SMTP: Reverse DNS doesn't match SMTP Banner (The SMTP banner issued 
by your email server did not contain the hostname we resolved for your 
server’s IP address.)


#2 - Reverse DNS - I have PTR records set for both compute.nkc.com 
(abbreviated) and nkc.com. So that could be a problem?




DNS is Evil. A host should not have more than one PTR because if it 
does, it's not clear which PTR will be returned by the nameserver. Ditto 
for A record, becasue teh one PTR can only match one of those -- but 
with something like unbound that doesn't support CNAMEs, you won't have 
much choice. And if you do have CNAMEs, the client has to do extra work 
to find the A and match it to the PTR -- if it cares.


I'm guessing they are flagging it because it *should* be playing nice 
and sending its A hostname that has a corresp. (one) PTR record, in the 
SMTP banner.


Dima

--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
   https://mail.python.org/archives/list/mailman-users@python.org/
Member address: arch...@mail-archive.com

[Mailman-Users] Re: lots of bounces after server move

2024-06-25 Thread Carl Zwanzig


On 6/25/2024 10:51 AM, Jim Dory wrote:
2. SMTP: Reverse DNS doesn't match SMTP Banner (The SMTP banner issued 
by your email server did not contain the hostname we resolved for your 
server’s IP address.)


That itself is suspicious (to a receiving MTA). And as Dmitri pointed 
out, multiple PTR records is also a problem.


Remember that many email systems look for "circular resolution" where 
eventually an A's address matches a PTR's name.


Example:
lists.x.com -> smtp.x.com  (CNAME)
smtp.x.com -> 1.2.3.4 (A)
1.2.3.4 -> mail.p.com (PTR)
mail.p.com -> 1.2.3.4 (A)
("equilibrium has been reached")

If 1.2.3.4 resolves to both mail.x.com and maybe mailhost.x.com (which 
might not have a matching A record), sometimes the magic smoke will come 
out :).


z!

--
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
   https://mail.python.org/archives/list/mailman-users@python.org/
Member address: arch...@mail-archive.com

[Mailman-Users] Re: lots of bounces after server move

[Mailman-Users] Re: lots of bounces after server move

[Mailman-Users] Re: lots of bounces after server move

[Mailman-Users] Re: lots of bounces after server move

4 matches

Site Navigation

Mail list logo

Footer information