Want more timely Centmin Mod News Updates?
Become a Member

DNS Email GMAIL won't accept ANY emails from my server IP6 rDNS PTR issue?

Discussion in 'Domains, DNS, Email & SSL Certificates' started by johnnyc, Mar 17, 2017.

  1. johnnyc

    johnnyc Member

    33
    2
    8
    Mar 23, 2015
    Ratings:
    +2
    Local Time:
    9:41 AM
    Hi guys, I've been struggling with this problem for 3 days now, I need help.

    I have rDNS and PTR setup on my VPS host solus working properly, I have my SPF TXT records in the DNS, I run checks on ANY and EVERY single DNS / rDNS website out there, I have GREEN lights down the board.

    Yet GMAIL is EXTREMELY STUBBORN.

    ----- Transcript of session follows -----
    ... while talking to gmail-smtp-in.l.google.com.:
    >>> DATA
    <<< 550-5.7.1 [MYIP6IPADDRESSDISPLAYED HERE] Our system has detected that this message does
    <<< 550-5.7.1 not meet IPv6 sending guidelines regarding PTR records and
    <<< 550-5.7.1 authentication. Please review
    <<< 550-5.7.1 Bulk Senders Guidelines - Gmail Help for more information
    <<< 550 5.7.1 . d197si2224691oib.74 - gsmtp
    554 5.0.0 Service unavailable


    How do I fix this regarding IP6 and PTR ??
     
  2. johnnyc

    johnnyc Member

    33
    2
    8
    Mar 23, 2015
    Ratings:
    +2
    Local Time:
    9:41 AM
    So:

    Server is called:

    Server1.CYBERDOMAIN.NET (HOSTNAME) (created nsd. zone named cyberdomain.net), wildcard * server1 A added. Example .zone file below:

    So far, does this look right or wrong?

    I can't figure out WHY I'm getting this 550-5-7.1 gmail error response, IP6 PTR reverse entry not authenticated.... My upstream DID set my IP4 and IP6 rDNS correctly to Server1.cyberdomain.net


    Do I need to edit /etc/hosts and add the IP6 in there somewhere?

    IP4 DOES show verified rDNS, but ip6 shows could be forged, server1.cyberdomain.net does not exist,..... Yes it does exist...
     
  3. eva2000

    eva2000 Administrator Staff Member

    29,034
    6,589
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,784
    Local Time:
    12:41 AM
    Nginx 1.13.x
    MariaDB 5.5
    So you locally hosting your DNS via NSD I assume ? You'd be on your own for locally hosted NSD DNS, it's why I recommend 3rd party DNS management as you get tech support :)

    from IPv6 to PTR Record Reverse DNS v6
    Code (Text):
    e.0.1.d.f.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.f.1.0.0.5.c.f.f.2.0.8.2.ip6.arpa. 14400 IN PTR cyberdomain.net.
    


    your nameservers aren't valid either intoDNS: cyberdomain.net - check DNS server and mail server health

     
  4. johnnyc

    johnnyc Member

    33
    2
    8
    Mar 23, 2015
    Ratings:
    +2
    Local Time:
    9:41 AM
    I replaced my domain with cyberdomain.net, that's why. I didn't share the actual public domain, if you want an example of one real domain, onlythebestofhouston dot com and server1.cyberanonymous dot net

    God damn this is frustrating as shit. A week later I still can't figure this out. Emails send OKAY to YAHOO.com, or if I Send emails to ANOTHER one of my servers NAME@MYOTHERSERVERDOMAIN.COM, then it will forward to my Gmail properly, but if I try to send DIRECTLY from THE SERVER to GMAIL, it NEVER goes through. And I don't even see any messages in some of my VPS logs. I have this problem on ALL 10 of my VPS servers running Centmin and Sendmail ( I hate postfix personally postfix never got along with me).

    I have a server that I try to update my blogger with once a day on auto pilot using the secret email, and that won't work either because blogger is gmail servers!!


    Has anyone else experienced this with Gmail lately? Yahoo accepts my emails no problem, just gmail is f^ckeD UP!
    I just started having this problem in super LATE 2016 early 2017. The 10 VPS I have are spread out over 3-4 different hosts so I've even checked to make sure not a host problem or IP problem, IP's are not blacklisted, rDNS is in place.

    Here's another example on an additional server i'm trying to figure out how to fix the emails to gmail.

    This was a queued email inside my /var/spool/mqueue: It disappeared after a few minutes, but sometimes it remains indefinitely until I delete it.

    This is a test to check the PHP Mail functionality
    V8
    T1490378464
    K0
    N0
    P30446
    Fbs
    $_localhost.localdomain [127.0.0.1]
    $rESMTP
    $sserver0.cyberanonymous.net
    ${daemon_flags}
    ${if_addr}127.0.0.1
    S<nginx@server0.cyberanonymous.net>
    rRFC822; MYGMAILACCOUNT@gmail.com
    RPFD:<MYGMAILACCOUNT@gmail.com>
    H?P?Return-Path: <?g>
    H??Received: from server0.cyberanonymous.net (localhost.localdomain [127.0.0.1])
    by server0.cyberanonymous.net (8.14.4/8.14.4) with ESMTP id v2OI148Q031694
    for <MYGMAILACCOUNT@gmail.com>; Fri, 24 Mar 2017 13:01:04 -0500
    H??Received: (from nginx@localhost)
    by server0.cyberanonymous.net (8.14.4/8.14.4/Submit) id v2OI14h5031693;
    Fri, 24 Mar 2017 13:01:04 -0500
    H??Date: Fri, 24 Mar 2017 13:01:04 -0500
    H??Message-Id: <201703241801.v2OI14h5031693@server0.cyberanonymous.net>
    H??To: MYGMAILACCOUNT@gmail.com
    H??Subject: PHP Mail Test script
    H??X-PHP-Originating-Script: 0:test_email.php



    Thanks in advance.
     
  5. eva2000

    eva2000 Administrator Staff Member

    29,034
    6,589
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,784
    Local Time:
    12:41 AM
    Nginx 1.13.x
    MariaDB 5.5
    So you manually removed postfix from Centmin Mod default installs and switched to Sendmail ? Tried with Centmin Mod default installed/configured Postfix ? I have 120+ Centmin Mod powered servers without issues as long as you follow all steps outlined for setup of SPF, DKIM, DMARC and PTR (ipv4 and if application ipv6) DNS records at https://community.centminmod.com/th...ver-email-doesnt-end-up-in-spam-inboxes.6999/ and Getting Started Guide step 1 & 8 which applies to main hostname of Centmin Mod server as well as domains. So if main hostname setup in Step 1 of Getting Started Guide is host.domain.com and domain is domain.com, you need the relevant DNS records for both.

    Not having proper PTR DNS records is one of the easiest ways to have Gmail dump your emails into their spam box.
     
  6. johnnyc

    johnnyc Member

    33
    2
    8
    Mar 23, 2015
    Ratings:
    +2
    Local Time:
    9:41 AM
    I wish the emails would even MAKE it to the Spam box.

    They don't even make it to the spam box at all.

    I didn't uninstall postfix I believe... I remember installing sendmail like this:


    yum install sendmail*
    -Y

    Then after it's installed, I would go to the /etc/mail/ folder and I would nano -w / manually add my full list of domains to : domaintable and local-host-names, then i would add wildcard's to the virtusertable:

    @mydomain.com MYGMAILACCCOUNT@GMAIL.COM


    then I would edit sendmail.mc and put a "dnl #" in front of

    DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl

    then i would recompile sendmail and restart it, and then emails would be forwarded WILDCARED from all my domains to my Gmail account.

    This USED to work FLAWLESSLY.

    It's only recently (past few months (Late 2016 to EARLY 2017) it stopped working 100% and I can't figure out why.

    Inbound emails are still forwarded properly (as far as I can tell), but OUTBOUND emails originating from THE SAME SERVER, never make it to GMAIL specifically. and I don't see any more 550.7.1 ptr errors now either.
     
  7. eva2000

    eva2000 Administrator Staff Member

    29,034
    6,589
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,784
    Local Time:
    12:41 AM
    Nginx 1.13.x
    MariaDB 5.5
  8. johnnyc

    johnnyc Member

    33
    2
    8
    Mar 23, 2015
    Ratings:
    +2
    Local Time:
    9:41 AM
    Here's a test email script I'm running.

    Emails don't make it at all to Gmail, not spam, not trash folder.

    Emails make it to Yahoo SPAM folder 97% of the time.
    Emails also DO make it to MYDOMAIN@MYDOMAIN.COM on a SECOND(different server)

    I'm trying to run sending to the mail-tester.com , with my return email address (assuming for the result report).

    <?php
    ini_set( 'display_errors', 1 );
    error_reporting( E_ALL );
    $from = "MYGMAILADDRESS@GMAIL.COM";
    $to = "web-1a0xv@mail-tester.com";
    $subject = "PHP Mail Test script";
    $message = "This is a test to check the PHP Mail functionality";
    $headers = "From:" . $from;
    mail($to,$subject,$message, $headers);
    echo "$from sent Test email sent to $to";
    ?>

    I just ran it 4 minutes ago, I don't see any report yet. Am I correct in the QUEUED emails TO BE SENT are in the /var/spool/mqueue folder ?
     
  9. eva2000

    eva2000 Administrator Staff Member

    29,034
    6,589
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,784
    Local Time:
    12:41 AM
    Nginx 1.13.x
    MariaDB 5.5
    It is Sendmail: Clear / Delete / Flush Mail Queue but I'm not going to be troubleshooting Sendmail - that's something you'd have to figure out.

    but so you're testing where the from email address is from Gmail and not your server default ? i.e. root@host.domain.com when you test via SSH command line below
    Code (Text):
    echo "mail-test" | mail -s "mail-tester" web-1a0xv@mail-tester.com
    

    or
    Code (Text):
    echo "mail-test" | mail -s "mail-tester" your@gmail.com
    
     
  10. eva2000

    eva2000 Administrator Staff Member

    29,034
    6,589
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,784
    Local Time:
    12:41 AM
    Nginx 1.13.x
    MariaDB 5.5
  11. johnnyc

    johnnyc Member

    33
    2
    8
    Mar 23, 2015
    Ratings:
    +2
    Local Time:
    9:41 AM
    okay thank you! We are making huge progress:

    I am getting -6 score from 4 negative items. -3 from
    We didn't find a mail server (MX Record) behind your domain name server1.cyberanonymous.net.
    Which is confusing because I have a MX record as follows:
    ; MX Record
    cyberanonymous.net. 14400 IN MX 10 mail


    Do I need to add an additional one for
    server1.cyberanonymous.net 14400 IN MX 10 mail ?

    and how do I correct the "[SPF] and[Sender ID] does not allow your server to use root@server1.cyberanonymous.net





    I got a score of 4 / 10 = This is What I showed:

    Server1

    You're not fully authenticated

    We check if the server you are sending from is authenticated

    -1
    [SPF] server1.cyberanonymous.net does not allow your server 45.58.52.126 to use root@server1.cyberanonymous.net


    -1
    [Sender ID] server1.cyberanonymous.net does not allow your server 45.58.52.126 to use root@server1.cyberanonymous.net


    -1
    Your message is not signed with DKIM



    You do not have a DMARC record



    Your server 45.58.52.126 is successfully associated with server1.cyberanonymous.net


    -3
    We didn't find a mail server (MX Record) behind your domain name server1.cyberanonymous.net.



    Your hostname server1.cyberanonymous.net is assigned to a server.



    Server 2
    You're not fully authenticated

    We check if the server you are sending from is authenticated
    -1
    [SPF] server2.cyberanonymous.net does not allow your server 104.223.109.116 to use root@server2.cyberanonymous.net
    -1
    [Sender ID] server2.cyberanonymous.net does not allow your server 104.223.109.116 to use root@server2.cyberanonymous.net
    -1
    Your message is not signed with DKIM

    You do not have a DMARC record

    Your server 104.223.109.116 is successfully associated with server2.cyberanonymous.net
    -3
    We didn't find a mail server (MX Record) behind your domain name server2.cyberanonymous.net.

    Your hostname server2.cyberanonymous.net is assigned to a server.



     
  12. eva2000

    eva2000 Administrator Staff Member

    29,034
    6,589
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,784
    Local Time:
    12:41 AM
    Nginx 1.13.x
    MariaDB 5.5
    ignore that one subdomain/hostnames don't require MX records

    Sounds like you don't have valid SPF, DKIM, DMARC DNS records for your hostnames server1.cyberanonymous.net and server2.cyberanonymous.net as per outlined and linked instructions at https://community.centminmod.com/th...ver-email-doesnt-end-up-in-spam-inboxes.6999/ and Getting Started Guide Step 1. The addons/opendkim.sh addon in 123.09beta01 will help you setup SPF/DKIM for main hostname of your Centmin Mod server https://community.centminmod.com/threads/automated-dkim-setup-with-opendkim.7011/ though SPF records for hostname/subdomains are same as for domains.
     
  13. eva2000

    eva2000 Administrator Staff Member

    29,034
    6,589
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,784
    Local Time:
    12:41 AM
    Nginx 1.13.x
    MariaDB 5.5
    whoops forgot addons/opendkim.sh only works for Centmin Mod installed/configured default Postfix MTA setups not Sendmail, so you can't use that and will have to setup DKIM manually yourself for Sendmail usage
     
  14. johnnyc

    johnnyc Member

    33
    2
    8
    Mar 23, 2015
    Ratings:
    +2
    Local Time:
    9:41 AM
    Thank you. I am running your latest Stable version, .08 i believe?

    The addons/opendkim.sh in the BETA version, Can I just install that ALONE, not fully upgrade to the .09 beta?

    Will also work with sendmail or is this specifically configured for Postfix? I really hate postfix personally. Sendmail never gives me trouble, postfix just one thing after another
     
  15. johnnyc

    johnnyc Member

    33
    2
    8
    Mar 23, 2015
    Ratings:
    +2
    Local Time:
    9:41 AM
    k thanks, any helpful links or advice how to create my own Sendmail friendly DKIM keys?

    With that auto script was for sendmail, or easily convertible!
     
  16. eva2000

    eva2000 Administrator Staff Member

    29,034
    6,589
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,784
    Local Time:
    12:41 AM
    Nginx 1.13.x
    MariaDB 5.5
    Probably best to use with 123.09beta01 as that's what's it's tested for. 123.09beta01 upgrade and install guide is in 1st post and just involves centmin.sh menu option 23 submenu option 3 to switch branches - also shown in 1st post at https://community.centminmod.com/posts/14099/

    Google isn't returning any modern guides for DKIM and Sendmail on CentOS 6/7 from quick check. Hence, why using Centmin Mod default Postfix MTA is advisable :) But I'll leave the rest to your research and any other members input.

    Centmin Mod is provide as is, so short of scripted related bugs or issues, any further optimisation to the web stack components - nginx, php-fpm, mariadb mysql, csf firewall etc or web app specific configurations are left to the Centmin Mod user to deal with. So I do not provide any free support for such i.e. switched out Postfix MTA for Sendmal MTA.

    However, Centmin Mod users are free to help each other out and ask questions or give answers on this community forum. My hopes are that this community forum evolves so that more veteran long time Centmin Mod users help new Centmin Mod users out :)
     
  17. johnnyc

    johnnyc Member

    33
    2
    8
    Mar 23, 2015
    Ratings:
    +2
    Local Time:
    9:41 AM
    Thank you for all your help. I'm still curious, maybe I'M doing something wrong when setting up. I feel really uneasy about that -3 pt score I get for the MX record not existing for the server1.cyberanonymous.net.

    So I have 10 VPS Servers. I have server0 - 9 . cyberanonymous.net, and I name ALL of the sever HOSTNAMES by that. On whichever server actually hosts cyberanomyous.net, I setup 10 IN A records to forward to each of the ip addresses, so when you ping them, they go to the right server. Should I also be setting up 10 MX Records on that MAIN cyberanonymous server pointing the MX records at all 10 of them as well? I have IN A records, but not MX records. the MX records reside on each of the individual servers, I setup the same cyberanonymous.net on ALL 10 servers, and set the ns3& ns4, or ns 19 & 20 on each of them. Maybe that's where a problem is being caused specifcally for Mail routing that I wasn't aware of?

    Is there any problem with me adding 10 mx records to the main cyberanonymous.net

    server1.cyberanonymous.net. 14400 IN MX 10 mail ( should this have any pointing information?)
    server2.cyberanonymous.net. 14400 IN MX 10 mail
    server3.cyberanonymous.net. 14400 IN MX 10 mail
    server4.cyberanonymous.net. 14400 IN MX 10 mail
     
  18. eva2000

    eva2000 Administrator Staff Member

    29,034
    6,589
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,784
    Local Time:
    12:41 AM
    Nginx 1.13.x
    MariaDB 5.5
  19. johnnyc

    johnnyc Member

    33
    2
    8
    Mar 23, 2015
    Ratings:
    +2
    Local Time:
    9:41 AM
    okay that makes sense. Thanks. Do you think maybe Gmail is checking that it exists and is MATCHING and Correct ? I hate that -3 penalization. If I can get THAT fixed and not worry about the DKIM (which is only -1 penalization), I think I'd be okay with a 7/10 score (or possibly 9/10, I corrected the /etc/aliases root: marc(was the default), I corrected to my email address, i'm hoping that corrects the other -2 points
     
  20. eva2000

    eva2000 Administrator Staff Member

    29,034
    6,589
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,784
    Local Time:
    12:41 AM
    Nginx 1.13.x
    MariaDB 5.5