Email rDNS and SPF

Jon Snow · Jan 11, 2022

I set up rDNS for domain.com so that the IP uses sub.domain.com.

Do I add SPF records to domain.com or sub.domain.com so that domain.com can send emails?

eva2000 · Jan 11, 2022

See https://community.centminmod.com/th...ver-email-doesnt-end-up-in-spam-inboxes.6999/

SPF/DKIMM records are for the sending domain, so for main host name will be for main hostname setup in Getting Started Guide Step 1. You'd then need to setup SPF/DKIM for your site domains via @yourdomain.com email providers instructions i.e. Google Suite/Workspace

To ensure your site/server sent emails do not end up in users' spam inboxes, you need proper SPF/TXT, DKIM, DMARC and reverse PTR DNS records setup for your domain and server's main hostname (setup via Getting Started Guide Step 1) as outlined below.

There is a distinction between your site domain and server's main hostname:

server's main hostname - If you use a web app like Wordpress, Xenforo, IP.Board, Magento, etc to sent emails. Then emails can either be sent as is via Centmin Mod Postfix MTA server via root@host.domain.com where receiving email servers would evaluate the SPF, DKIM, DMARC and PTR DNS records for sending domain @host.domain.com. If server's main hostname i.e. host.domain.com has valid DNS records, then email will be less likely sent to spam box or being rejected by receiving email server.

your domain - If your web app allows you to set a from email field and you sent emails from say user@domain.com, then receiving email servers would evaluate the SPF, DKIM, DMARC and PTR DNS records for sending domain @domain.com so your domain.com would need to have those DNS records setup.

Click to expand...

Jon Snow · Jan 12, 2022

eva2000 said: ↑

SPF/DKIMM records are for the sending domain, so for main host name will be for main hostname setup in Getting Started Guide Step 1. You'd then need to setup SPF/DKIM for your site domains via @yourdomain.com email providers instructions i.e. Google Suite/Workspace
Click to expand...

So it needs to be done for both? Or only for #2. your domain? This is for emails sent through the server only with an @domain.com I set in the web script in xenForo and rDNS set to sub.domain.com for the server IP. Or would you recommend setting both regardless?

My server also has 2 IPs. I assigned Website A to IP A but it's sending emails through IP B instead. What would I need to ensure that Website A sends emails through IP A?

Custom config has IP B assigned to SECOND_IP.

In my ssl domain config I found IP B (not sure why it was there but my guess is through a nginx upgrade)
Code (Text):
 server {
   listen   IP B:80;
Code (Text):
server {
  listen 443 ssl http2;
I changed IP B to IP A here and restarted NGINX. Is that enough or is there something missing?

It doesn't work:
Code (Text):
sub.domain.com: Sender not authorized by default to use 'nginx@sub.domain.com' in 'mfrom' identity

Jon Snow · Jan 16, 2022

Jon Snow said: ↑

server {
listen 443 ssl http2;
Click to expand...

I also added IP A here and restarted nginx but the server still sends emails through IP B.

eva2000 · Jan 16, 2022

Jon Snow said: ↑

I also added IP A here and restarted nginx but the server still sends emails through IP B.
Click to expand...

Nginx IP and server sent email IP are separate things. Emails sent from server will always be sent from main server IP. Nginx IP listener is just for when IP Nginx listens and registers for the domain routing to Nginx vhost

Jon Snow · Jan 16, 2022

eva2000 said: ↑

Nginx IP and server sent email IP are separate things. Emails sent from server will always be sent from main server IP. Nginx IP listener is just for when IP Nginx listens and registers for the domain routing to Nginx vhost
Click to expand...

How would I change the main server IP?

My first IP was IP A which I thought was the main server IP. I had added IP B via SECOND_IP.

eva2000 · Jan 16, 2022

What are you trying to accomplish? You can only sent server emails via the primary email address. So if you want to change that depending on server configuration /web host you may need to get your web host to switch it on their end reboot the server and then configure your nginx vhost listenersand then update dns records. But why fixated on a specific IP address when you can use what you have now? Only real validate reason is if you have a specific DDOS mitigation protected IP address you want to use.

If it's just changing server email sending IP address then you can try https://www.vultr.com/docs/changing-postfix-outbound-ip-address

Log in / Register

Forums

Want more timely Centmin Mod News Updates?

Email rDNS and SPF

Jon Snow Active Member

eva2000 Administrator Staff Member

Jon Snow Active Member

Jon Snow Active Member

eva2000 Administrator Staff Member

Jon Snow Active Member

eva2000 Administrator Staff Member

.

Log in / Register

Useful Searches

Want more timely Centmin Mod News Updates?

Email rDNS and SPF

Jon Snow Active Member

eva2000 Administrator Staff Member

Jon Snow Active Member

Jon Snow Active Member

eva2000 Administrator Staff Member

Jon Snow Active Member

eva2000 Administrator Staff Member

.