Join the community today
Become a Member

Email rDNS and SPF

Discussion in 'Domains, DNS, Email & SSL Certificates' started by Jon Snow, Jan 11, 2022.

  1. Jon Snow

    Jon Snow Active Member

    628
    120
    43
    Jun 30, 2017
    Ratings:
    +179
    Local Time:
    4:30 PM
    Nginx 1.13.9
    MariaDB 10.1.31
    I set up rDNS for domain.com so that the IP uses sub.domain.com.

    Do I add SPF records to domain.com or sub.domain.com so that domain.com can send emails?

     
  2. eva2000

    eva2000 Administrator Staff Member

    47,851
    10,920
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,961
    Local Time:
    6:30 AM
    Nginx 1.21.x
    MariaDB 10.x
    See https://community.centminmod.com/th...ver-email-doesnt-end-up-in-spam-inboxes.6999/

    SPF/DKIMM records are for the sending domain, so for main host name will be for main hostname setup in Getting Started Guide Step 1. You'd then need to setup SPF/DKIM for your site domains via @yourdomain.com email providers instructions i.e. Google Suite/Workspace

     
  3. Jon Snow

    Jon Snow Active Member

    628
    120
    43
    Jun 30, 2017
    Ratings:
    +179
    Local Time:
    4:30 PM
    Nginx 1.13.9
    MariaDB 10.1.31
    So it needs to be done for both? Or only for #2. your domain? This is for emails sent through the server only with an @domain.com I set in the web script in xenForo and rDNS set to sub.domain.com for the server IP. Or would you recommend setting both regardless?

    My server also has 2 IPs. I assigned Website A to IP A but it's sending emails through IP B instead. What would I need to ensure that Website A sends emails through IP A?

    Custom config has IP B assigned to SECOND_IP.

    In my ssl domain config I found IP B (not sure why it was there but my guess is through a nginx upgrade)

    Code (Text):
     server {
       listen   IP B:80;


    Code (Text):
    server {
      listen 443 ssl http2;
    

    I changed IP B to IP A here and restarted NGINX. Is that enough or is there something missing?

    It doesn't work:
    Code (Text):
    sub.domain.com: Sender not authorized by default to use 'nginx@sub.domain.com' in 'mfrom' identity
     
    Last edited: Jan 12, 2022
  4. Jon Snow

    Jon Snow Active Member

    628
    120
    43
    Jun 30, 2017
    Ratings:
    +179
    Local Time:
    4:30 PM
    Nginx 1.13.9
    MariaDB 10.1.31
    I also added IP A here and restarted nginx but the server still sends emails through IP B.
     
  5. eva2000

    eva2000 Administrator Staff Member

    47,851
    10,920
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,961
    Local Time:
    6:30 AM
    Nginx 1.21.x
    MariaDB 10.x
    Nginx IP and server sent email IP are separate things. Emails sent from server will always be sent from main server IP. Nginx IP listener is just for when IP Nginx listens and registers for the domain routing to Nginx vhost
     
  6. Jon Snow

    Jon Snow Active Member

    628
    120
    43
    Jun 30, 2017
    Ratings:
    +179
    Local Time:
    4:30 PM
    Nginx 1.13.9
    MariaDB 10.1.31
    How would I change the main server IP?

    My first IP was IP A which I thought was the main server IP. I had added IP B via SECOND_IP.
     
  7. eva2000

    eva2000 Administrator Staff Member

    47,851
    10,920
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,961
    Local Time:
    6:30 AM
    Nginx 1.21.x
    MariaDB 10.x
    What are you trying to accomplish? You can only sent server emails via the primary email address. So if you want to change that depending on server configuration /web host you may need to get your web host to switch it on their end reboot the server and then configure your nginx vhost listenersand then update dns records. But why fixated on a specific IP address when you can use what you have now? Only real validate reason is if you have a specific DDOS mitigation protected IP address you want to use.

    If it's just changing server email sending IP address then you can try https://www.vultr.com/docs/changing-postfix-outbound-ip-address