Set up reverse DNS for virtual mail hosting

Similar Messages

• Set up secondary DNS for mail?

  When I first configured my server using the advance setup, I successfully setup my DNS services using a domain name for the primary zone that is not a registered domain. I have no intention of ever using the domain name I use internally on the net.
  I usually host my mail services with third-party hosting company and just use my server for file and print services. However, I recently purchased a new domain name and have considered using the mail services to host the domain. My question is:
  Do I need to setup a secondary zone for this domain, or should I start over and reconfigure my server? I had read that once you configure your primary DNS, it is hard to go back and reconfigure it.
  Also, once I have the DNS properly configured, it is my understanding that I'll just need to point the MX records at my hosting company towards my server to make it work, correct?

  If you're just looking for mail then there's no need to start from scratch - you can just tell the mail server to accept mail for your new domain in addition to the existing domain.
  Before you do this, though, make sure you have a) a static IP address and b) working reverse DNS for your IP address. If you don't have this then remote mail servers may not accept your mail since you look like a spammer.
  Apart from that, once you setup postfix to accept mail for your new domain then, yes, all you need to do is change your MX records.

• Virtual mail hosts: 255 character limit on SPF records

  This one was a surprise to me, and caused a lot of headache, so I thought I'd pass it along.
  I'm running multiple virtual mail hosts off of my doughty PowerMac single G5 1.8GHz running OS X Server 10.4.11. Some of the outgoing mail was being bounced as spam because a) there wasn't an SPF record on any of the domains and b) the domain of the mailserver didn't always match the domain of the sender. (Most often, it went out under the hostname of the server, cerberus.limbo.jcf.org—which is useless, since that's a LAN address.)
  Trying to be a good citizen (and make sure that all of everyone's mail got through), I added SPF records that explicitly named each and every mailserver on the machine, just so that everything was clear and aboveboard—but they ended up being about 500 characters long.
  Fastforward a week or two... and I was having problems with my DNS zones loading—I'd get errors that they'd timed out. After pulling my hair out for a while, I discovered that TXT records have a limit of 255 characters (including spaces, etc.) Some folks running servers on non-OS X Server machines have split the records over multiple TXT records (does that even work?), but you get exactly one TXT record per OS X Server machine: the Comment box.
  I've now simplified the SPF records so that they read something like this:
  +v=spf1 a mx mx:cerberus.limbo.jcf.org mx:cerberus.jcf.org mx:jcf.org ip:173.164.140.96/30 ip:207.58.140.213/30 include:comcast.businessclass.net include:comcast.com -all+
  To translate:
  • +v=spf1 a mx+ It authorizes deliveries from any IP listed in the DNS zone, and from any mailserver defined in the zone
  • +mx:cerberus.limbo.jcf.org mx:cerberus.jcf.org mx:jcf.org+ It also explicitly authorizes deliveries from the server's main LAN and internet DNS names as well as the domain of the foundation for which I work (and through which emails are occasionally relayed)
  • +ip:173.164.140.96/30 ip:207.58.140.213/30+ Next it authorizes the public static IP blocks for the server and the foundation's remote server
  • +include:comcast.businessclass.net include:comcast.com+ Finally it includes the domain names of the ISP through which most of the mail are relayed
  • -all The last item says that if the mail didn't originate from one of those addresses, it isn't ours.
  (I think that I've got that right. If I've botched it anywhere, let me know, okay?)
  That's 169 characters. The DNS zones loaded happily, and the mail seems to be going out without getting bounced. So far so good!
  (There's probably a way to get the hostname on each email to match the domain from which it is being addressed, but I haven't gotten there yet.)
  Message was edited by: David Kudler

  Most often, it went out under the hostname of the server, cerberus.limbo.jcf.org—which is useless, since that's a LAN address.
  You can control this via the myhostname setting in Postfix. This defines the name it uses to identify itself to remote mail servers, which sounds like it'll address a lot of your issues.
  I added SPF records that explicitly named each and every mailserver on the machine, just so that everything was clear and aboveboard—but they ended up being about 500 characters long.
  OK, this doesn't make sense. You don't need to list every virtual hostname for every domain.
  All you need to do is add this specific mail server's address in each domain.
  There's no requirement that the hostname of the mail server matches the domain name, so it's entirely valid to create an SPF record in domain1.com that lists mailserver.someotherdomain.com as authoritative. Then, as long as postfix's myhostname says it's mailserver.someotherdomain.com and your reverse DNS resolves to that address your problem is solved.
  ...but you get exactly one TXT record per OS X Server machine: the Comment box.
  Unless you edit your zone file directly and add whatever other records you like. However, given the above, I don't think the 255-character limit should be an issue.
  Even if you didn't want to mess with your zone files directly there's still a way around that - SPF allows for an 'include' record which basically tells remote servers to include the record from some other domain, so for each domain you could just tell it to include some other domain's record (which, in turn, could include another domain) allowing virtually unlimited record length (or, at least, 255 characters per domain you manage).
  SPF Includes are covered here.
  • include:comcast.businessclass.net include:comcast.com Finally it includes the domain names of the ISP through which most of the mail are relayed
  Bzzzz. You've now allowed any other customer of comcastbusiness.net and comcast.com to send mail on your behalf. You probably don't want to do that. When you consider that 'comcast.com' includes every one of their residential customers you can see that you really don't want to do that.

• Setting apache reverse proxy for EP6SP2

  Hi friends,
  I want to set apache reverse proxy for EP6SP2. But after doing the following changes, it is showing the SAP J2EE Engine documentation page.
  The following changes has been dont to httpd.conf:
  NameVirtualHost 1.1.1.1:80
  <VirtualHost 1.1.1.1:80>
    ProxyRequests Off
    ServerName ep6.xyz.com
    ProxyPreserveHost On
    proxyPass        /  http://ep6.xyz.com:50000/
    proxyPassReverse /  http://ep6.xyz.com:50000/
    ErrorLog logs/base.80.error.log
    CustomLog logs/base.80.custom.log common
  </VirtualHost>
  Help needed.
  Regards,
  Nilz

  Hi,
  I have a problem with my proxy:
  ssl.conf.in like
  ProxyPass /irj http://debmsu06.server.###.de:50300/irj
  ProxyPassReverse /irj http://debmsu06.server.###.de:50300/irj
  RewriteRule ^/$ /irj/portal [R]
  If I use URL:
  https://bebuyer.###.de/ goto https://bebuyer.###.de/irj/portal
  but if I use
  https://bebuyer.###.de/irj/
  I get the info:
  https://bebuyer.###.de/irj/HTTPS:/bebuyer.###.de:443/irj/index.html
  What is happened? How I can redirect to /irj/portal?
  Of course I can use
  http://debmsu06.server.###.de:50300/irj/
  Could you please give me some tips?
  Best Thanks!
  Heren Zhou

• Setting up reverse DNS

  I've run my own DNS for some years under OS X Server, but in the past couple of months have had a real problem with mail from my domain to AOL and other domains bouncing since my reverse DNS was handled by AT&T, which returned one of those "consumer"-type adsl-whatever zone names instead of my zone name, neko.com. AT&T has now delegated reverse zone lookups to my server.
  My IP block extends from 71.158.134.193 through 71.158.134.222. Neko.com is 71.158.134.213.
  I've used Server Admin to set up the reverse zone file, which it created and named "134.158.71.in-addr.arpa." Reverse lookups, i.e. "dig -x 71.158.134.213" don't work; AT&T insists the reverse zone file should be called "192.134.158.71.in-addr.arpa".
  Of course renaming the file doesn't work since that's not the file name in named.conf. But I don't see any way to specify an IP range or net mask in Server Admin; it's as though it can't handle anything less than a full class C domain.
  Any hints?
  G5 Quad   Mac OS X (10.4.7)  

  The reverse zone file should be called:
  /private/var/named/hosts/masters/134.158.71.in-addr.arpa-hosts
  and inside that file you should have something like this:
  @ 1D IN SOA dns.neko.com. hostmaster.neko.com. 2007071905 8H 2H 1W 2H
  @ IN NS dns.neko.com.
  @ IN NS ns1.neko.com.
  213 IN PTR neko.com.
  Explanation: "dns.neko.com" would be your primary dns server.
  "ns1.neko.com" would be your secondary dns server.
  "hostmaster.neko.com" would be your hostmaster email address ([email protected]).
  NOTE: all domains end in period (ie, there is a '.' after every 'com') - that is not a typo!
  NOTE: use a period for the 'at' sign in you hostmaster email address - do NOT use @ there - that is also not a typo!
  some good resources:
  http://www.menandmice.com/knowledgehub/dnsqa/49
  http://www.menandmice.com/knowledgehub/dnsqa/56
  The AT&T people are confused. You have to cut them some slack though, they're too busy playing with their new iPhones to know what they're talking about.

• What to consider for setting up the iPad for POP mail?

  Hi to All,
  I would like to write a setup manual for setting up iPad on free web hosting account. I am currently using host1free.com, but I guess it is the same thing for every web hosting (setting up the email). So my questions would be:
  1. What steps in iPad I need to follow to setup for POP account.
  2. Is any wizard in iPad to setup POP mail account?
  Thank you.
  Message was edited by: Hathor5

  Welcome to Apple Discussions!
  Ask the company providing you internet juice to get online. If it is Comcast, it typically is smtp.comcast.net or mail.comcast.net. If it is Verizon, it is outgoing.verizon.net. If it is someone else it is some SMTP server that is assigned by the company that you pay your bills to get online with.

• Looking for Apple Mail hosting solution ...

  All,
  Not sure if this is the best place to post this, but I am looking for a good e-mail hosting company that knows how to deal with Mac users. I have a small consultancy with 5 people and we all use Mac's. I guess anyone can offer standards-based IMAP hosting, but a bonus would be to have a hosting company that could handle WebDav iCal calendar syncing.
  Some have suggested MobileMe, but I don't thing that works for small businesses ... right?
  Other suggestions?

  IMHO WD exteral HD's have the highest failure rate, the drives themselves are fine it is the enclosures WD uses. Many experienced users on these forums (including myself) only use OWC Mercury Elite Pro series. Extremely high quality and reasonable pricing. You can find them by clicking Here .

• Set up ?s for aol mail on Macbook Pro OS X

  My inbox doesn't populate - can someone review settings for aol mail account? 

  Search!!!
  http://lmgtfy.com/?q=setup+aol+mail+on+mac

• Setting up email accounts for virtual domains....

  Hello,
  I am bringing my email hosting in-house and am having problems getting it to work. I follow the documentation as best I can and am ending up with the inability to log into the account with my email client.
  I can send emails the the account without any bounce back, and my email client (Apple Mail) can find the server, but my login is failing.
  I can also ping the domain and it is resolving to the correct IP.
  I've :
  - enabled virtual domains
  - added the domain
  - added a user with the a shortname of [email protected]
  - given the user access to the mail service in server admin.
  My client is setup as:
  username: [email protected]
  passwork: ****
  incoming server: mail.virtualdomain.com
  My hunch is that I am not correctly setting up the user and/or their permissions.
  Any help would be appreciated.
  cheers,
  jr

  Thanks for the pointer.
  the mailaccess.log is empty and the ApplePassword* has no references to mail access attempts.
  Although I am not sure what needs to be fixed, it does seem to indicate that the server isn't responding to login attempts.
  The mail client is Apple mail.
  In addition, the test messages I sent did actually get bounced back, it just tool several hours.
  The additional test that I ran was turning off the mail services from the server preferences. This resulted in the client not being able to find the server at all.
  So, it's not completely messed up, but appears to be misconfigured.
  cheers,
  jr

• Setting up reverse telnet for 1900 witch access

  Hey all - I set up a lab to mess around with at home. The switch is an ancient dinosaur, but still it gives me something to mess with.
  Does the 1900 xswitch support a reverse telnet port? Anything I need to be aware of in configuring the line? I can telnet to the management port on the switch. I can attach a console cable and connect to the console port. I tried setting up a 2509 router with an Octal cable for access. It works for reverse telnet to my other Cisco routers, but I get "% Connection refused by remote host" when I try reverse telnet to the switch.
  Help!

  Thanks for the info. I verified the line:
  Swi1900-A#sh line
  RS-232 configuration:
  9600 baud, 8 data bits, 1 stop bits, None parity
  Autobaud: Enabled
  Modem dialin: Enabled
  Idle time-out: 0
  Modem Init String:
  Silent time: 0
  Password Threshold: 3
  I know on the routers I needed to configure login. I don't see that option when configuring console on the 1900.
  1900 line options:
  Swi1900-A(config)#line cons
  Swi1900-A(config-line)#?
  Line configuration commands:
  autobaud Match remote baud-rate
  databits Set number of data bits per character
  exit Exit from line configuration mode
  help Description of the interactive help system
  modem Configure the modem control lines
  no Negate a command or set its defaults
  parity Set terminal parity
  password-thresh Configure the maximum password threshold
  silent-time Configure the silent time on login intrusion
  speed Set transmit and receive speeds
  stopbits Set asynch line stop bits
  time-out Configure the line idle time-out period
  The switch is running pretty ancient IOS. Do you know off-hand if I would need to configure login on the console port, and if that option is available on more recent IOS? I'm running:
  Cisco Catalyst 1900/2820 Enterprise Edition Software
  Version V9.00.05
  Copyright (c) Cisco Systems, Inc. 1993-1999
  Swi1900-A uptime is 1day(s) 08hour(s) 45minute(s) 07second(s)
  cisco Catalyst 1900 (486sxl) processor with 2048K/1024K bytes of memory
  Hardware board revision is 5
  Upgrade Status: No upgrade currently in progress.
  Config File Status: No configuration upload/download is in progress
  15 Fixed Ethernet/IEEE 802.3 interface(s)
  Base Ethernet Address: 00-04-27-A8-3E-80

• How do I set the same DNS for both Extreme and Express?

  I have an Airport Express that is configured to extend the network created and routed through my AirPort Extreme. However, when I connect to the network from the room where the Extreme is, I need to have the automatic DNS in place in order to connect. If, later, I want to connect to the same network from another room through the Express that is extending it, I must replace the automatic DNS with 4.2.2.4 or there is no internet connection. I was wondering if anybody could walk me through properly configuring the devices to avoid having to change DNS when I move elsewhere in the house that is not directly covered by the Extreme main base. I am only experiencing these issues with my iPads, by the way. hank you.

  No need to manually set DNS on any of the extending devices.....that is handled automatically during the setup.
  The real issue here is not DNS.....it is that iOS devices like the iPhone and iPad do not usually switch wireless access points automatically when there are multiple devices delivering a wireless signal.
  The iOS devices tend to connect to the first wireless router that they see.....and if you move the iOS device near another wireless access point that has a much better signal......the iOS device will stubbornly try to hold onto the original wireless access point.
  Not much that you can do about that.....nature of beast with iOS devices due to their much simpler operating systems and antenna.
  If you want to move the iPhone or iPad to another area, try turning off Wi-Fi on the device, then move it to the other area near another access point, wait a minute or two, and then turn WiFi back on.  That will usually force the iOS device to pick up the signal from the closer AirPort access point.
  By contrast, a Mac computer will automatically switch wireless access points as you "walk" it through the house to pick up the access point with the strongest signal. That is the way that iOS should work as well, but we'll have to wait to see if Apple ever delivers on this.
  Lately....maybe due to an update....my iPhone will sometimes switch to a closer access point after a few minutes.  My MacBook Pro switches quickly and automatically as soon as it moves closer to another wireless access point as I walk it down the hall.

• Mail&Exchange, where can i set the sync period for mails?

  Hello everybody!
  Where can i set the sync period for my mails with an exchange account? At the moment, i can only see the mails since january, i need to see all of my mails since 2010...
  Thanks!
  Greets
  Jan

  first you make a bookmark for WINDOWS LIFE MAIL:
  https://support.mozilla.com/en-US/kb/how-do-i-use-bookmarks#w_how-do-i-create-a-bookmark
  then you can make a shortcut of it(drag it) where you want it:
  https://support.mozilla.com/en-US/kb/Sorting%20bookmarks#w_rearranging-manually
  add bookmark to toolbar:
  http://support.mozilla.com/en-US/kb/Bookmarks%20Toolbar#w_add-bookmarks-to-the-bookmarks-toolbar
  thank you
  Please mark "Solved" the answer that really solve the problem, to help others with a similar problem.

• Warning - Reverse DNS does not match SMTP Banner

  I have a installed in exchange server 2013 in the Home network. Everything looks fine. But Reserve DNS was not setup properly.  Reverse DNS is not matching with my domain. "Reverse
  DNS does not contain the hostname" when I checked in MXToolBox.com 
  I have configured FQDN on port 25 to mail.xxxxx.com. I don't know what else need to configure as Iam new to exchange. 
  Can some give me some steps to do this?
  ItsMeSri SP 2013 Foundation

  Reverse DNS (aka PTR record) is something set at your ISP level, not on your Exchange server. If you have a static IP from your provider you should be able to contact them (or log into the ISP's portal) to change the reverse DNS. If you have a dynamic IP
  (meaning you didn't pay extra for a static) you will be unable to set your reverse DNS.
  The implication's of not having a matching reverse DNS is that many email providers will not allow you to send them email (ex. aol.com, hotmail.com). I am actually in the same boat (on a dynamic IP) but I set up my Exchange to send all my email through a
  spam filter service. If you send through a reputable spam filter you should have no issues sending to any email providers (even though reverse DNS checks will still fail). 

• DNS for multi-site same server scenario

  I setting up the DNS for a multi-site server, I understand that the second (and subsequent) site needs to be an alias of the first.
  I have tried setting up the DNS entires as aliases (CNAME) as well as A records to no avail.
  I am sure that it is me, but what am I missing?
  I am unable to access these sites locally so I am positive that no on can access the site outside of the firewall.
  Thank you!

  There's not much detail there to go on...
  In general, yes, you should create one A record for the host, e.g.:
  webserver.domain1.com. IN A 192.168.1.2
  Then other domains should, ideally, point to this via a CNAME:
  www.domain2.com. IN CNAME webserver.domain1.com.
  Technically, it's OK to have additional A records pointing to the same IP, it just makes it a little harder to keep track of, and changing server addresses is a PITA (there's only one place to change it when using CNAMEs).
  As to what your issue is, there's no way of knowing without seeing your domain records and the name server logs. bind is pretty good about logging errors and often provides a good clue when things are amiss. If I had to hazard a guess, though, I'd say you missed a trailing . on the CNAME records, but that's largely a shot in the dark without more information.

• Missing any Reverse details for new Primary Zone

  Evening,
  Following a successful install and update, I set about configuring DNS for local functionality as per numerous Leopard Server installations.
  Please note no network cable was attached during install and no network details were configured during install.
  While configuring the initial Primary Zone I noticed no Reverse Pointer setting and therefore no ns IP to input.
  Is this simply an install problem or am I missing something? I've followed the excellent advise of Antonio Rocca (http://discussions.apple.com/thread.jspa?threadID=1251475&tstart=0)for all my DNS issues in the past, but I'll admit I'm initially a bit thrown.
  Thanks
  Steve

  It seems, unlike 10.5 the server could not be installed without an 'active' ethernet connection providing basic DHCP information.
  This enabled DNS to be autoconfigured during the set up and provided the previously missing ability to edit the server IP. We did use an already fixed address from the other DHCP source on the network and the address was 'manually' configured in System Preferences.
  The DNS service was then already running when Server Admin was started.
  Onward.