
MTA


Polyna-Maude Racicot-Summerside

Jul 5, 2021, 9:30:04 AM
Hi,

I'm getting this error when sending a message (responding to a user on the
mailing list).

Does someone have a small idea where I could start my investigation?

I'm hosting my mail server on Cloudflare DNS but the MX record is in clear.

The mail server is using a reserved IP and it is serving many domain
names for email.

I was thinking that maybe I should start thinking about hosting my own
email server. But I wasn't sure if I felt like I had the nerve to do so.
Some people say it's a lot of maintenance work.

I don't want to use Google as an email provider for my domain; this is
too costly.

The actual hosting provider I use (Namecheap) does a great job, except
that because it's a shared hosting provider my mail often gets flagged as
junk and seems to always raise some problem with DMARC compliance,
possibly relating to the above.

Thanks,

Start of the error message received by "returned mail":

Reporting-MTA: dns; premium58.web-hosting.com

Action: failed
Final-Recipient: rfc822;bjoern...@greenbone.net
Status: 5.0.0
Remote-MTA: dns; mail.greenbone.net
Diagnostic-Code: smtp; 550 X-Host-Lookup-Failed: Reverse DNS lookup
failed for 162.213.253.79 (failed)


--
Polyna-Maude R.-Summerside
-Be smart, Be wise, Support opensource development


Greg Wooledge

Jul 5, 2021, 9:40:05 AM
On Mon, Jul 05, 2021 at 09:23:03AM -0400, Polyna-Maude Racicot-Summerside wrote:
> Reporting-MTA: dns; premium58.web-hosting.com
>
> Action: failed
> Final-Recipient: rfc822;bjoern...@greenbone.net
> Status: 5.0.0
> Remote-MTA: dns; mail.greenbone.net
> Diagnostic-Code: smtp; 550 X-Host-Lookup-Failed: Reverse DNS lookup
> failed for 162.213.253.79 (failed)

unicorn:~$ host 162.213.253.79
79.253.213.162.in-addr.arpa domain name pointer cyrania.com.
unicorn:~$ host cyrania.com.
cyrania.com has address 172.67.185.109
cyrania.com has address 104.21.59.235
cyrania.com has IPv6 address 2606:4700:3031::6815:3beb
cyrania.com has IPv6 address 2606:4700:3031::ac43:b96d
cyrania.com mail is handled by 0 _dc-mx.f1202d9a4fb3.cyrania.com.

Your "reverse" (PTR record for 162.213.253.79) doesn't match. Which is
to say, none of the "A" results from cyrania.com. match the original
IP address of 162.213.253.79.

Some SMTP receivers may care about that. Apparently the receiver for
greenbone.net (whose name is mail.greenbone.net) is one of them.

Vincent Lefevre

Jul 5, 2021, 10:00:05 AM
On 2021-07-05 09:35:22 -0400, Greg Wooledge wrote:
[...]
> Your "reverse" (PTR record for 162.213.253.79) doesn't match. Which is
> to say, none of the "A" results from cyrania.com. match the original
> IP address of 162.213.253.79.
>
> Some SMTP receivers may care about that.
[...]

Yes, the reason is that the owner of the IP address can technically
put anything for the reverse, in particular a domain he doesn't own.
Thus he can put a domain with a good reputation to send spam. That's
why antispam software should check that the reverse resolves back to
the IP address.

--
Vincent Lefèvre <vin...@vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Polyna-Maude Racicot-Summerside

Jul 5, 2021, 10:00:05 AM
Hi,

On 2021-07-05 9:35 a.m., Greg Wooledge wrote:
> On Mon, Jul 05, 2021 at 09:23:03AM -0400, Polyna-Maude Racicot-Summerside wrote:
>> Reporting-MTA: dns; premium58.web-hosting.com
>>
>> Action: failed
>> Final-Recipient: rfc822;bjoern...@greenbone.net
>> Status: 5.0.0
>> Remote-MTA: dns; mail.greenbone.net
>> Diagnostic-Code: smtp; 550 X-Host-Lookup-Failed: Reverse DNS lookup
>> failed for 162.213.253.79 (failed)
>
> unicorn:~$ host 162.213.253.79
> 79.253.213.162.in-addr.arpa domain name pointer cyrania.com.
> unicorn:~$ host cyrania.com.
> cyrania.com has address 172.67.185.109
> cyrania.com has address 104.21.59.235
> cyrania.com has IPv6 address 2606:4700:3031::6815:3beb
> cyrania.com has IPv6 address 2606:4700:3031::ac43:b96d
> cyrania.com mail is handled by 0 _dc-mx.f1202d9a4fb3.cyrania.com.
>
> Your "reverse" (PTR record for 162.213.253.79) doesn't match. Which is
> to say, none of the "A" results from cyrania.com. match the original
> IP address of 162.213.253.79.
>
So is there something I can do on my side?
I don't have control over the IMAP/SMTP server (premium58.web-hosting.com).

Would it be better to simply not use Cloudflare (free tier) for the
domain where I am using the mail service?

Because my web server is mostly on polynamaude.ca / polynamaude.org.
It's mostly a parking page for polynamaude.com that I could simply remove.

> Some SMTP receivers may care about that. Apparently the receiver for
> greenbone.net (whose name is mail.greenbone.net) is one of them.
>


Vincent Lefevre

Jul 5, 2021, 10:00:06 AM
On 2021-07-05 09:41:02 -0400, Polyna-Maude Racicot-Summerside wrote:
> Hi,
>
> On 2021-07-05 9:35 a.m., Greg Wooledge wrote:
> > On Mon, Jul 05, 2021 at 09:23:03AM -0400, Polyna-Maude Racicot-Summerside wrote:
> >> Reporting-MTA: dns; premium58.web-hosting.com
> >>
> >> Action: failed
> >> Final-Recipient: rfc822;bjoern...@greenbone.net
> >> Status: 5.0.0
> >> Remote-MTA: dns; mail.greenbone.net
> >> Diagnostic-Code: smtp; 550 X-Host-Lookup-Failed: Reverse DNS lookup
> >> failed for 162.213.253.79 (failed)
> >
> > unicorn:~$ host 162.213.253.79
> > 79.253.213.162.in-addr.arpa domain name pointer cyrania.com.
> > unicorn:~$ host cyrania.com.
> > cyrania.com has address 172.67.185.109
> > cyrania.com has address 104.21.59.235
> > cyrania.com has IPv6 address 2606:4700:3031::6815:3beb
> > cyrania.com has IPv6 address 2606:4700:3031::ac43:b96d
> > cyrania.com mail is handled by 0 _dc-mx.f1202d9a4fb3.cyrania.com.
> >
> > Your "reverse" (PTR record for 162.213.253.79) doesn't match. Which is
> > to say, none of the "A" results from cyrania.com. match the original
> > IP address of 162.213.253.79.
> >
> So is there something I can do on my side ?
> I don't have control over the IMAP/SMTP server (premium58.web-hosting.com).

premium58.web-hosting.com is not your SMTP submission server:

$ host premium58.web-hosting.com
premium58.web-hosting.com has address 198.54.120.203

What is this 162.213.253.79 IP address? Can you control its reverse?

Is cyrania.com a domain that you own?

Greg Wooledge

Jul 5, 2021, 10:10:04 AM
On Mon, Jul 05, 2021 at 03:48:47PM +0200, Vincent Lefevre wrote:
> On 2021-07-05 09:35:22 -0400, Greg Wooledge wrote:
> [...]
> > Your "reverse" (PTR record for 162.213.253.79) doesn't match. Which is
> > to say, none of the "A" results from cyrania.com. match the original
> > IP address of 162.213.253.79.
> >
> > Some SMTP receivers may care about that.
> [...]
>
> Yes, the reason is that the owner of the IP address can technically
> put anything for the reverse, in particular a domain he doesn't own.
> Thus he can put a domain with a good reputation to send spam. That's
> why antispam software should check that the reverse resolves back to
> the IP address.

It's a philosophical argument. The value stored in the "reverse" is
only important if you think it's important. Antispam software may
choose to consider it irrelevant, or somewhat important, or vitally
important.

If I'm sending email from 162.213.253.79 but I use bi...@microsoft.com as
my envelope sender address, does it *really* matter whether 162.213.253.79
has a mismatched reverse lookup? It's more important to check whether
microsoft.com considers 162.213.253.79 to be a valid sender. (And that
uses SPF or other optional mail-specific information sources.)

Strict reverse-match checking really hurts people who send email
from home computers, where controlling the reverse is not always easy.
Any impact on commercial spammers is negligible, unless the real goal is
to block bot nets by assuming that anyone with a mismatched reverse is a
home computer user and is therefore a compromised spam bot, because how
could anyone on a home computer network ever be a legitimate email sender?

A more sensible antispam filter might consider a mismatched reverse to
be one potential factor in deciding whether a given message is "spam".
In the absence of any other factors, it shouldn't be enough to reject
a message. But if the same message has other risk factors, then together
they might be enough to justify that judgment.

Polyna-Maude Racicot-Summerside

Jul 5, 2021, 10:30:05 AM
Hi Greg,


On 2021-07-05 10:06 a.m., Greg Wooledge wrote:
> On Mon, Jul 05, 2021 at 03:48:47PM +0200, Vincent Lefevre wrote:
>> On 2021-07-05 09:35:22 -0400, Greg Wooledge wrote:
>> [...]
>>> Your "reverse" (PTR record for 162.213.253.79) doesn't match. Which is
>>> to say, none of the "A" results from cyrania.com. match the original
>>> IP address of 162.213.253.79.
>>>
>>> Some SMTP receivers may care about that.
>> [...]
>>
>> Yes, the reason is that the owner of the IP address can technically
>> put anything for the reverse, in particular a domain he doesn't own.
>> Thus he can put a domain with a good reputation to send spam. That's
>> why antispam software should check that the reverse resolves back to
>> the IP address.
>
> It's a philosophical argument. The value stored in the "reverse" is
> only important if you think it's important. Antispam software may
> choose to consider it irrelevant, or somewhat important, or vitally
> important.
It's an argument that is pretty much impacting our day-to-day life, so I
wouldn't consider this only on the philosophical side.

Probably most email service providers (like Google, Microsoft and
others who rent the cloud) are suggesting and pushing for reverse
domain validation. The more problems people get from sending email from
their home computer, the more opportunity they have to rent computers
in the cloud.

What annoys me is that I am paying for a dedicated IP for my server (in
shared hosting) and I believe it must be a mis-configuration I've done,
possibly also the use of Cloudflare (but my mail server is on a plain IP,
not behind Cloudflare).

As I also rent a dedicated server (rack) in a data center, with two
dedicated IPs, I'm thinking about starting to host the mail server myself.


>
> If I'm sending email from 162.213.253.79 but I use bi...@microsoft.com as
> my envelope sender address, does it *really* matter whether 162.213.253.79
> has a mismatched reverse lookup? It's more important to check whether
> microsoft.com considers 162.213.253.79 to be a valid sender. (And that
> uses SPF or other optional mail-specific information sources.)
>
I agree with you, people who SPAM do have the infrastructure to make
their domain resolution match, both forward, reverse and possibly
side-way if there's a need. They have a huge amount of resources to do so;
they may even locate their server farm (physical) in some jurisdiction
which gives them free play and doesn't enforce (or simply doesn't have) laws
regarding unsolicited mail.

So reverse matching ain't a big deal for them. There's a huge amount of
cash involved so they can build a huge infrastructure to allow them to do
their bad practice.

> Strict reverse-match checking really hurts people who send email
> from home computers, where controlling the reverse is not always easy.
> Any impact on commercial spammers is negligible, unless the real goal is
> to block bot nets by assuming that anyone with a mismatched reverse is a
> home computer user and is therefore a compromised spam bot, because how
> could anyone on a home computer network ever be a legitimate email sender?
>
I agree that this type of action harms the home user.
Regarding anti-spam, if people who want to use Netflix through a VPN
can find a way of having their reverse lookup point to a home user
domain, then I'm sure every spam-based business can find a way to do the
opposite, that is, get their IP to resolve to a business / data center
domain name.

> A more sensible antispam filter might consider a mismatched reverse to
> be one potential factor in deciding whether a given message is "spam".
> In the absence of any other factors, it shouldn't be enough to reject
> a message. But if the same message has other risk factors, then together
> they might be enough to justify that judgment.
>
Everything is about having a good degree of balance between all the
different attributes. It's the basis of security. If you only rely on
one type of enforcement, people will find a way to go through and you will
put an undue burden upon a class of user.

Polyna-Maude Racicot-Summerside

Jul 5, 2021, 10:40:04 AM
Hi,

> premium58.web-hosting.com is not your SMTP submission server:
>
> $ host premium58.web-hosting.com
> premium58.web-hosting.com has address 198.54.120.203
>
The server premium58.web-hosting.com is hosted by NameCheap and is used
by many of their users as part of their server farm.

All the IPs you see in my domain are either the ones used by Namecheap
for my dedicated IP or the IP of one of their servers (ftp for example).

The IP of www.cyrania.com or www.polynamaude.com is proxied through
Cloudflare, as are cyrania.com and polynamaude.com.

> What is this 162.213.253.79 IP address?

The IP address 162.213.253.79 is the dedicated IP I rent from Namecheap.


> Can you control its reverse?
>
Good question, I'll need to go back and read a bit on networking and DNS
management.
> Is cyrania.com a domain that you own?
Yes, I own cyrania.com and polynamaude.com (the domain name used for the
email I am sending). I know the SMTP server responds to the name
CYRANIA.COM (HELO) but is relaying mail for polynamaude.com too.

>

This is a copy of the dump of my domain name config for CYRANIA.COM

-------START

;;
;; Domain: cyrania.com.
;; Exported: 2021-02-05 22:27:25
;;
;; This file is intended for use for informational and archival
;; purposes ONLY and MUST be edited before use on a production
;; DNS server. In particular, you must:
;; -- update the SOA record with the correct authoritative name server
;; -- update the SOA record with the contact e-mail address information
;; -- update the NS record(s) with the authoritative name servers for this domain.
;;
;; For further information, please consult the BIND documentation
;; located on the following website:
;;
;; http://www.isc.org/
;;
;; And RFC 1035:
;;
;; http://www.ietf.org/rfc/rfc1035.txt
;;
;; Please note that we do NOT offer technical support for any use
;; of this zone data, the BIND name server, or any other third-party
;; DNS software.
;;
;; Use at your own risk.
;; SOA Record
cyrania.com. 3600 IN SOA cyrania.com. root.cyrania.com. 2036423064 7200 3600 86400 3600

;; A Records
autoconfig.cyrania.com. 1 IN A 162.213.253.79
autodiscover.cyrania.com. 1 IN A 162.213.253.79
cpanel.cyrania.com. 1 IN A 162.213.253.79
cpcalendars.cyrania.com. 1 IN A 162.213.253.79
cpcontacts.cyrania.com. 1 IN A 162.213.253.79
cyrania.com. 1 IN A 162.213.253.79
ftp.cyrania.com. 1 IN A 198.54.120.212
imap.cyrania.com. 1 IN A 162.213.253.79
mail.cyrania.com. 1 IN A 162.213.253.79
pop3.cyrania.com. 1 IN A 162.213.253.79
smtp.cyrania.com. 1 IN A 162.213.253.79
webdisk.cyrania.com. 1 IN A 162.213.253.79
webmail.cyrania.com. 1 IN A 162.213.253.79
whm.cyrania.com. 1 IN A 162.213.253.79

;; CNAME Records
www.cyrania.com. 1 IN CNAME cyrania.com.

;; MX Records
cyrania.com. 1 IN MX 0 mail.cyrania.com.

;; SRV Records
_autodiscover._tcp.cyrania.com. 1 IN SRV 0 0 443 cpanelemaildiscovery.cpanel.net.
_caldavs._tcp.cyrania.com. 1 IN SRV 0 0 2080 premium58.web-hosting.com.
_caldav._tcp.cyrania.com. 1 IN SRV 0 0 2079 premium58.web-hosting.com.
_carddavs._tcp.cyrania.com. 1 IN SRV 0 0 2080 premium58.web-hosting.com.
_carddav._tcp.cyrania.com. 1 IN SRV 0 0 2079 premium58.web-hosting.com.

;; TXT Records
_caldavs._tcp.cyrania.com. 1 IN TXT "path=/"
_caldav._tcp.cyrania.com. 1 IN TXT "path=/"
_carddavs._tcp.cyrania.com. 1 IN TXT "path=/"
_carddav._tcp.cyrania.com. 1 IN TXT "path=/"
cyrania.com. 1 IN TXT "v=spf1 +ip4:162.213.253.79 +include:spf.web-hosting.com +ip4:198.54.120.203 ~all"

-------END

and for polynamaude.com (the domain name I use for this email. I also
have some email on the cyrania.com domain too, both hosted by the same server).

-------START

;;
;; Domain: polynamaude.com.
;; Exported: 2021-02-05 22:27:48
;;
;; This file is intended for use for informational and archival
;; purposes ONLY and MUST be edited before use on a production
;; DNS server. In particular, you must:
;; -- update the SOA record with the correct authoritative name server
;; -- update the SOA record with the contact e-mail address information
;; -- update the NS record(s) with the authoritative name servers for this domain.
;;
;; For further information, please consult the BIND documentation
;; located on the following website:
;;
;; http://www.isc.org/
;;
;; And RFC 1035:
;;
;; http://www.ietf.org/rfc/rfc1035.txt
;;
;; Please note that we do NOT offer technical support for any use
;; of this zone data, the BIND name server, or any other third-party
;; DNS software.
;;
;; Use at your own risk.
;; SOA Record
polynamaude.com. 3600 IN SOA polynamaude.com. root.polynamaude.com. 2036423066 7200 3600 86400 3600

;; A Records
api.polynamaude.com. 1 IN A 162.213.253.79
autoconfig.polynamaude.com. 1 IN A 162.213.253.79
autodiscover.polynamaude.com. 1 IN A 162.213.253.79
cpanel.polynamaude.com. 1 IN A 162.213.253.79
cpcalendars.polynamaude.com. 1 IN A 162.213.253.79
cpcontacts.polynamaude.com. 1 IN A 162.213.253.79
ftp.polynamaude.com. 1 IN A 162.213.253.79
mail.polynamaude.com. 1 IN A 162.213.253.79
polynamaude.com. 1 IN A 162.213.253.79
webdisk.polynamaude.com. 1 IN A 162.213.253.79
webmail.polynamaude.com. 1 IN A 162.213.253.79
whm.polynamaude.com. 1 IN A 162.213.253.79
www.polynamaude.com. 1 IN A 162.213.253.79

;; MX Records
polynamaude.com. 1 IN MX 0 premium58.web-hosting.com.

;; SRV Records
_autodiscover._tcp.polynamaude.com. 1 IN SRV 0 0 443 cpanelemaildiscovery.cpanel.net.
_caldavs._tcp.polynamaude.com. 1 IN SRV 0 0 2080 premium58.web-hosting.com.
_caldav._tcp.polynamaude.com. 1 IN SRV 0 0 2079 premium58.web-hosting.com.
_carddavs._tcp.polynamaude.com. 1 IN SRV 0 0 2080 premium58.web-hosting.com.
_carddav._tcp.polynamaude.com. 1 IN SRV 0 0 2079 premium58.web-hosting.com.

;; TXT Records
_caldavs._tcp.polynamaude.com. 1 IN TXT "path=/"
_caldav._tcp.polynamaude.com. 1 IN TXT "path=/"
_carddavs._tcp.polynamaude.com. 1 IN TXT "path=/"
_carddav._tcp.polynamaude.com. 1 IN TXT "path=/"
default._domainkey.polynamaude.com. 1 IN TXT

---------END

Vincent Lefevre

Jul 5, 2021, 10:50:04 AM
On 2021-07-05 10:06:24 -0400, Greg Wooledge wrote:
> On Mon, Jul 05, 2021 at 03:48:47PM +0200, Vincent Lefevre wrote:
> > On 2021-07-05 09:35:22 -0400, Greg Wooledge wrote:
> > [...]
> > > Your "reverse" (PTR record for 162.213.253.79) doesn't match. Which is
> > > to say, none of the "A" results from cyrania.com. match the original
> > > IP address of 162.213.253.79.
> > >
> > > Some SMTP receivers may care about that.
> > [...]
> >
> > Yes, the reason is that the owner of the IP address can technically
> > put anything for the reverse, in particular a domain he doesn't own.
> > Thus he can put a domain with a good reputation to send spam. That's
> > why antispam software should check that the reverse resolves back to
> > the IP address.
>
> It's a philosophical argument. The value stored in the "reverse" is
> only important if you think it's important. Antispam software may
> choose to consider it irrelevant, or somewhat important, or vitally
> important.

Perhaps I wasn't clear. I mean that antispam software that considers
the reverse in its rules *also* needs to check that the obtained
reverse resolves back to the IP address. It must not blindly trust
the reverse.

> If I'm sending email from 162.213.253.79 but I use bi...@microsoft.com as
> my envelope sender address, does it *really* matter whether 162.213.253.79
> has a mismatched reverse lookup? It's more important to check whether
> microsoft.com considers 162.213.253.79 to be a valid sender. (And that
> uses SPF or other optional mail-specific information sources.)

This is a different thing, which breaks many mailing-lists.
And it is not reliable in practice (possibly except in scoring).

> Strict reverse-match checking really hurts people who send email
> from home computers, where controlling the reverse is not always easy.

Yes, this is a problem. However, I can notice on my server that
almost all mail with no reverse (or an invalid one) is spam. So
I can understand people who reject such mail.

> Any impact on commercial spammers is negligible, unless the real goal is
> to block bot nets by assuming that anyone with a mismatched reverse is a
> home computer user and is therefore a compromised spam bot, because how
> could anyone on a home computer network ever be a legitimate email sender?

Nowadays, users who do not have the possibility (or do not want) to
control the reverse on their home computer network use a submission
server (their ISP's, a dedicated VM, services like gmail, etc.).

> A more sensible antispam filter might consider a mismatched reverse to
> be one potential factor in deciding whether a given message is "spam".
> In the absence of any other factors, it shouldn't be enough to reject
> a message. But if the same message has other risk factors, then together
> they might be enough to justify that judgment.

Unfortunately postfix cannot do that (it just has
reject_unknown_client_hostname, but otherwise doesn't allow
the user to control how the information is obtained and used).

Vincent Lefevre

Jul 5, 2021, 11:10:05 AM
On 2021-07-05 10:22:26 -0400, Polyna-Maude Racicot-Summerside wrote:
> What annoy my is that I am paying for a dedicated IP for my server (in
> shared hosting) and I believe it must be a mis-configuration I've done,

Yes, a mis-configuration in your case (see my other mail message).

> I agree with you, people who SPAM do have the infrastructure to make
> their domain resolution match, both forward, reverse and possibly
> side-way if there's a need. They have huge amount of resources to do so,
> they may even locate their server farm (physical) in some jurisdiction
> who give them free play and doesn't enforce (or simple doesn't have) law
> regarding the unsolicited mail.

In particular, snowshoe spamming...

(I blacklist the corresponding IP blocks completely, and check the logs
from time to time. But this is always 100% spam.)

But some spammers also use compromised machines, which normally never
send mail directly, so that some of them are not configured with a
valid reverse. That's why rejecting such suspicious mail may be
useful (I would rather do that combined with countries, e.g. China,
if possible).

Vincent Lefevre

Jul 5, 2021, 11:10:05 AM
On 2021-07-05 10:32:27 -0400, Polyna-Maude Racicot-Summerside wrote:
> > What is this 162.213.253.79 IP address?
>
> The IP address 162.213.253.79 is the dedicated IP I rent from Namecheap.

OK.

> Can you control its reverse?
> >
> Good question, I'll need to go back read a bit on networking and DNS
> management.
> > Is cyrania.com a domain that you own?
> Yes, I own cyrania.com and polynamaude.com (the domain name used for the
> email I am sending). I know the SMTP server respond to the name
> CYRANIA.COM (HELO) but is relaying mail for polynamaude.com too.

It seems that you already set up the reverse for 162.213.253.79 since
it is cyrania.com (your domain).

You may want to add 162.213.253.79 to the cyrania.com IP addresses,
but if cyrania.com is used as a www host and 162.213.253.79 should
not be used for this purpose, this is not OK.

In general, it is better to have a specific FQDN for each IP address.
For instance, 162.213.253.79 would have nodename.cyrania.com as the
reverse and nodename.cyrania.com would resolve to 162.213.253.79,
where nodename is the name obtained with the "uname -n" command.
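The rule Vincent states here and in his earlier reply (the name in the PTR record must itself resolve back to the client IP, otherwise the reverse is untrusted) is worth seeing as code. The following is an added example, not code from the thread, from Postfix or from any of the posters. The two DNS lookups are injected as callables so it runs offline against constructed tables: the cyrania.com answers are copied from the host output Greg posted, while node1.cyrania.com, ghost.example and the 198.51.100.x addresses are made up for illustration.

```python
"""Forward-confirmed reverse DNS (FCrDNS) check.

Added example for the mailing-list thread; not code from the list or any MTA.
The two DNS lookups are injected as callables so the check runs offline against
constructed answers. For real queries, pass functions built on
socket.gethostbyaddr (PTR) and socket.getaddrinfo (A/AAAA) instead.
"""
import ipaddress
from typing import Callable, Iterable, Optional

PtrLookup = Callable[[str], Optional[str]]   # IP -> PTR target, or None if no PTR
AddrLookup = Callable[[str], Iterable[str]]  # hostname -> its A/AAAA addresses


def fcrdns(ip: str, ptr: PtrLookup, addrs: AddrLookup) -> dict:
    """Return a verdict dict: ok, reason, the PTR name and its forward addresses.

    The check passes only when the PTR target resolves back to the IP, which is
    the "reverse resolves back to the IP address" rule from the thread.
    """
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return {"ip": ip, "ok": False, "reason": "not an IP address",
                "ptr": None, "forward": []}
    name = ptr(ip)
    if not name:
        return {"ip": ip, "ok": False, "reason": "no PTR record",
                "ptr": None, "forward": []}
    name = name.rstrip(".").lower()
    forward = []
    for a in addrs(name):
        try:
            forward.append(ipaddress.ip_address(a))
        except ValueError:
            continue  # ignore anything that is not an address
    if not forward:
        return {"ip": ip, "ok": False, "reason": "PTR name has no A/AAAA records",
                "ptr": name, "forward": []}
    ok = addr in forward
    return {"ip": ip, "ok": ok, "ptr": name, "forward": [str(a) for a in forward],
            "reason": "PTR name resolves back to the IP" if ok
            else "PTR name does not resolve back to the IP"}


# Constructed resolver data. The cyrania.com entries copy what `host` showed in
# the thread; node1.cyrania.com, ghost.example and 198.51.100.x are made up.
PTR_TABLE = {
    "162.213.253.79": "cyrania.com.",        # the case from the thread
    "198.51.100.10": "node1.cyrania.com.",   # the per-node FQDN layout Vincent suggests
    # 198.51.100.20 deliberately has no PTR at all
    "198.51.100.30": "ghost.example.",       # PTR target with no forward records
}
ADDR_TABLE = {
    "cyrania.com": ["172.67.185.109", "104.21.59.235",
                    "2606:4700:3031::6815:3beb", "2606:4700:3031::ac43:b96d"],
    "node1.cyrania.com": ["198.51.100.10"],
}


def table_ptr(ip: str) -> Optional[str]:
    return PTR_TABLE.get(ip)


def table_addrs(name: str) -> Iterable[str]:
    return ADDR_TABLE.get(name, [])


def run_examples() -> dict:
    """Run the check over the constructed cases, keyed by client IP."""
    return {ip: fcrdns(ip, table_ptr, table_addrs)
            for ip in ("162.213.253.79", "198.51.100.10",
                       "198.51.100.20", "198.51.100.30")}


if __name__ == "__main__":
    for ip, v in run_examples().items():
        print(f"{ip:16} {'PASS' if v['ok'] else 'FAIL'}  {v['reason']} (ptr={v['ptr']})")
```

The three failure branches (no PTR, PTR name with no address, address that does not match) are the same three conditions under which Postfix's reject_unknown_client_hostname, mentioned later in the thread, rejects a client; the difference is that here the verdict is returned as data, so it can be weighed as one factor among others rather than used as a hard reject.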

John Hasler

Jul 5, 2021, 11:20:04 AM
Polyna-Maude Racicot-Summerside writes:
> I agree with you, people who SPAM do have the infrastructure to make
> their domain resolution match, both forward, reverse and possibly
> side-way if there's a need. They have huge amount of resources to do
> so, they may even locate their server farm (physical) in some
> jurisdiction who give them free play and doesn't enforce (or simple
> doesn't have) law regarding the unsolicited mail.

Much of the spam I see comes from hijacked servers and uses a valid
"From:" address that points to that server. All the headers are valid.
I think that they have realized that the people they target see nothing
odd about

From: Newsguy <spam...@hijackeddomain.com>
Subject: Account suspended

Your account has been temporarily suspended. Click
<credentialstheft.com> to have it reinstated.


No reverse-match checking can catch that.
--
John Hasler
jo...@sugarbit.com
Elmwood, WI USA

Polyna-Maude Racicot-Summerside

Jul 5, 2021, 11:50:04 AM
Hi,

On 2021-07-05 10:55 a.m., Vincent Lefevre wrote:
> On 2021-07-05 10:32:27 -0400, Polyna-Maude Racicot-Summerside wrote:
>>> What is this 162.213.253.79 IP address?
>>
>> The IP address 162.213.253.79 is the dedicated IP I rent from Namecheap.
>
> OK.
>
>> Can you control its reverse?
>>>
>> Good question, I'll need to go back read a bit on networking and DNS
>> management.
>>> Is cyrania.com a domain that you own?
>> Yes, I own cyrania.com and polynamaude.com (the domain name used for the
>> email I am sending). I know the SMTP server respond to the name
>> CYRANIA.COM (HELO) but is relaying mail for polynamaude.com too.
>
> It seems that you already set up the reverse for 162.213.253.79 since
> it is cyrania.com (your domain).
>
> You may want to add 162.213.253.79 to the cyrania.com IP addresses,
> but if cyrania.com is used as a www host and 162.213.253.79 shoud
> not be used for this purpose, this is not OK.
>
162.213.253.79 can be used for my web server, it's even the goal.
But the Cloudflare proxy service requires me to use their own IP (so they can
optimize and cache, plus offer DDoS protection).

I'll simply disable Cloudflare for those domains that I use for email.
I don't host a web server (now a parking page) on the domains I use for
email.

> In general, it is better to have a specific FQDN for each IP address.
> For instance, 162.213.253.79 would have nodename.cyrania.com as the
> reverse and nodename.cyrania.com would resolve to 162.213.253.79,
> where nodename is the name obtained with the "uname -n" command.
>

For now it's shared hosting for both email and web server...
I'll give it a try with removing Cloudflare later on today.

Greg Wooledge

Jul 5, 2021, 12:50:05 PM
On Mon, Jul 05, 2021 at 10:32:27AM -0400, Polyna-Maude Racicot-Summerside wrote:
> This is a copy of the dump of my domain name config for CYRANIA.COM
>
> -------START
>
[snip]

> cyrania.com. 1 IN A 162.213.253.79

> ;; MX Records
> cyrania.com. 1 IN MX 0 mail.cyrania.com.

> cyrania.com. 1 IN TXT "v=spf1 +ip4:162.213.253.79
> +include:spf.web-hosting.com +ip4:198.54.120.203 ~all"

These are not the publicly visible DNS records for your domain.


unicorn:~$ host cyrania.com.
cyrania.com has address 104.21.59.235
cyrania.com has address 172.67.185.109
cyrania.com has IPv6 address 2606:4700:3031::6815:3beb
cyrania.com has IPv6 address 2606:4700:3031::ac43:b96d
cyrania.com mail is handled by 0 _dc-mx.f1202d9a4fb3.cyrania.com.

unicorn:~$ host -t mx cyrania.com.
unicorn:~$ host -t txt cyrania.com.
cyrania.com descriptive text "v=spf1 +ip4:162.213.253.79 +include:spf.web-hosting.com +include:premium58.web-hosting.com +ip4:198.54.120.203 ~all"


The SPF record is pretty close, but the others are nowhere near.

It's also particularly disturbing that your MX record contains an
underscore. I've been led to believe that's disallowed in hostnames.
Attempting to resolve it gives me this error:

unicorn:~$ host _dc-mx.f1202d9a4fb3.cyrania.com.
_dc-mx.f1202d9a4fb3.cyrania.com has address 162.213.253.79
Host _dc-mx.f1202d9a4fb3.cyrania.com not found: 3(NXDOMAIN)

Whether that's because of the underscore is unclear to me.

In any case, you're going to want to find out why your publicly visible
DNS records don't match what you thought they should be.
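The comparison Greg makes by hand here (exported zone versus what a public resolver actually answers) can be automated. This is an added example, not code from the thread or from any DNS tool. The zone lines are the cyrania.com excerpt posted earlier with wrapped lines rejoined; the public answers are transcribed from the host output above as constructed data, so the script runs offline. For a live check you would replace PUBLIC_VIEW with real queries.

```python
"""Diff an exported zone (owner's intent) against public resolver answers.

Added example for the mailing-list thread; not from the thread or any tool.
Both data sets are embedded so it runs offline.
"""
import ipaddress
from collections import defaultdict

# Excerpt of the cyrania.com dump posted in the thread, wrapped lines rejoined.
ZONE_DUMP = """\
;; SOA Record
cyrania.com. 3600 IN SOA cyrania.com. root.cyrania.com. 2036423064 7200 3600 86400 3600
;; A Records
cyrania.com. 1 IN A 162.213.253.79
mail.cyrania.com. 1 IN A 162.213.253.79
;; CNAME Records
www.cyrania.com. 1 IN CNAME cyrania.com.
;; MX Records
cyrania.com. 1 IN MX 0 mail.cyrania.com.
;; TXT Records
cyrania.com. 1 IN TXT "v=spf1 +ip4:162.213.253.79 +include:spf.web-hosting.com +ip4:198.54.120.203 ~all"
"""

# Answers a public resolver returned in the thread (Greg's `host` output),
# transcribed here as constructed data keyed by (owner, type).
PUBLIC_VIEW = {
    ("cyrania.com", "A"): {"104.21.59.235", "172.67.185.109"},
    ("cyrania.com", "AAAA"): {"2606:4700:3031::6815:3beb", "2606:4700:3031::ac43:b96d"},
    ("cyrania.com", "MX"): {"0 _dc-mx.f1202d9a4fb3.cyrania.com."},
    ("cyrania.com", "TXT"): {'"v=spf1 +ip4:162.213.253.79 +include:spf.web-hosting.com '
                             '+include:premium58.web-hosting.com +ip4:198.54.120.203 ~all"'},
}

CHECKED_TYPES = ("A", "AAAA", "MX", "TXT")


def norm_rdata(rtype: str, rdata: str) -> str:
    """Canonicalise rdata so trailing dots or address spelling don't cause false diffs."""
    if rtype in ("A", "AAAA"):
        return str(ipaddress.ip_address(rdata.strip()))
    if rtype == "TXT":
        return rdata.strip()
    # MX, CNAME, NS, SOA...: lower-case names and strip their trailing dot; keep numbers
    return " ".join(tok if tok.isdigit() else tok.rstrip(".").lower()
                    for tok in rdata.split())


def parse_zone(text: str) -> dict:
    """Parse 'owner ttl IN type rdata' lines into {(owner, type): {rdata}}."""
    records = defaultdict(set)
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue
        parts = line.split(None, 4)
        if len(parts) < 5 or parts[2].upper() != "IN":
            continue
        owner, _ttl, _cls, rtype, rdata = parts
        rtype = rtype.upper()
        records[(owner.rstrip(".").lower(), rtype)].add(norm_rdata(rtype, rdata))
    return dict(records)


def compare(intended: dict, observed: dict, owner: str, types=CHECKED_TYPES) -> dict:
    """Return {rtype: (only_in_zone, only_in_public)} for the types that disagree."""
    owner = owner.rstrip(".").lower()
    diffs = {}
    for rtype in types:
        want = {norm_rdata(rtype, r) for r in intended.get((owner, rtype), ())}
        got = {norm_rdata(rtype, r) for r in observed.get((owner, rtype), ())}
        if want != got:
            diffs[rtype] = (sorted(want - got), sorted(got - want))
    return diffs


def report(owner: str = "cyrania.com") -> dict:
    """Diff the embedded zone excerpt against the embedded public answers."""
    return compare(parse_zone(ZONE_DUMP), PUBLIC_VIEW, owner)


if __name__ == "__main__":
    for rtype, (missing, unexpected) in report().items():
        print(f"{rtype}: in zone only {missing}; public only {unexpected}")
```

For the data from the thread the A, AAAA, MX and TXT sets all disagree, which is exactly what Greg observes: the exported zone is the owner's intent, but the answers the rest of the Internet sees (and that the receiving MTA's reverse check uses) come from whatever the authoritative servers actually publish.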

Polyna-Maude Racicot-Summerside

Jul 5, 2021, 1:10:03 PM
Hi,
The file I published here was a dump done by Cloudflare some time ago.
Maybe I've modified the records since, but I doubt it.

> unicorn:~$ host _dc-mx.f1202d9a4fb3.cyrania.com.
> _dc-mx.f1202d9a4fb3.cyrania.com has address 162.213.253.79
> Host _dc-mx.f1202d9a4fb3.cyrania.com not found: 3(NXDOMAIN)
>
What you wrote (dc-mx) is not an underscore.
Also, I don't think I have such a record in my domain; (dc-mx) sounds to me
like a Microsoft thing (DC = Domain Controller, MX = Mail Exchange). I
only have a mail. and an MX record.

> Whether that's because of the underscore is unclear to me.
>
> In any case, you're going to want to find out why your publically visible
> DNS records don't match what you thought they should be.
>

Thanks, yes there's some part that may be different because some of them
are "proxied" by Cloudflare. So if a request is made to the Cloudflare DNS
server, they'll give their own server's DNS and this will be forwarded to
my server.

Cloudflare offers in their free tier a service that will cache your web
pages and offer fast service because they own many servers closer to
the user (edge-type service).

The problem is that the free tier is limited and seems to have
limitations that prevent some types of use. This is one of the reasons that
pushes me to disable Cloudflare on my mail domain name. Anyway, I
don't have a website on those domains and Namecheap is responsible for
their own security so no need for acceleration or DDoS protection on my side.

I'll let you know when I have finished changing from Cloudflare to the standard
name management (DNS) offered by Namecheap. I'll see if this fixes part of
my problem (like getting 5 DMARC emails for every email I respond to on the
list).

Thanks,
Sincerely,

Greg Wooledge

Jul 5, 2021, 1:10:03 PM
On Mon, Jul 05, 2021 at 01:00:07PM -0400, Polyna-Maude Racicot-Summerside wrote:
> On 2021-07-05 12:46 p.m., Greg Wooledge wrote:
> > unicorn:~$ host _dc-mx.f1202d9a4fb3.cyrania.com.
> > _dc-mx.f1202d9a4fb3.cyrania.com has address 162.213.253.79
> > Host _dc-mx.f1202d9a4fb3.cyrania.com not found: 3(NXDOMAIN)

> What you wrote (dc-mx) is not a underscore.

Is your mail user agent doing some sort of markdown processing, by
chance? Maybe you aren't seeing what's actually being written. If
that's the case, it's only adding to your problems.

The output of "host -t mx cyrania.com." on my machine includes a hostname
that begins with an underscore. underscore dee cee hyphen em ex.
This hostname (including its leading underscore) appears on each of the
three lines in the quoted text above.

If you aren't seeing it, then something's wrong.

If you doubt my output, go ahead and run your own tests, on a machine
under your own control.

Polyna-Maude Racicot-Summerside

Jul 5, 2021, 1:20:05 PM
Hi,
Oh! Sorry, my mistake.
You get those domains when you run host on your computer but didn't see
them in the dump I've copied here?

I got it now by simply doing the same operation you did.
I noticed something that sounds strange...
When I configured my domain, I said the mail exchange (MX) is
mail.cyrania.com and when I run host -t mx this gives me something
different. And the answer starts with an underscore like you noticed.

I'll switch back to using the "plain" DNS offered by my hosting provider
and see what it gives out.

I really don't have a real need for Cloudflare, except some expectation it
would give a bit more speed to my server through its automatic caching.

I'll send you a message when it's done.
I've got a bit of work to do now, will do so later today.

Joe
Jul 5, 2021, 4:10:04 PM
It's a pretty common requirement, as at one time it was the second best
spam defence (after accepting mail only for named users). Not so good
now that many ISPs are providing some kind of PTR record. But I haven't
deleted the check from my mail server...

--
Joe

Joe
Jul 5, 2021, 4:20:04 PM
On Mon, 5 Jul 2021 16:55:44 +0200
Vincent Lefevre <vin...@vinc17.net> wrote:

> On 2021-07-05 10:32:27 -0400, Polyna-Maude Racicot-Summerside wrote:
> > > What is this 162.213.253.79 IP address?
> >
> > The IP address 162.213.253.79 is the dedicated IP I rent from
> > Namecheap.
>
> OK.
>
> > Can you control its reverse?
> > >
> > Good question, I'll need to go back and read a bit on networking and DNS
> > management.
> > > Is cyrania.com a domain that you own?
> > Yes, I own cyrania.com and polynamaude.com (the domain name used
> > for the email I am sending). I know the SMTP server responds to the
> > name CYRANIA.COM (HELO) but is relaying mail for polynamaude.com
> > too.
>
> It seems that you already set up the reverse for 162.213.253.79 since
> it is cyrania.com (your domain).
>
> You may want to add 162.213.253.79 to the cyrania.com IP addresses,
> but if cyrania.com is used as a www host and 162.213.253.79 should
> not be used for this purpose, this is not OK.
>
> In general, it is better to have a specific FQDN for each IP address.
> For instance, 162.213.253.79 would have nodename.cyrania.com as the
> reverse and nodename.cyrania.com would resolve to 162.213.253.79,
> where nodename is the name obtained with the "uname -n" command.
>

It's not a big issue. My public FQDN and PTR have no relationship at
all with any email domain I use, and I've never had mail refused for
that reason, over more than fifteen years. I also use a single HELO, and
that only matches one domain. Again, no problem with the other domains.

My mail server doesn't check for matching anywhere, only that a sending
IP address has complementary PTR and FQDN, and that the FQDN and HELO
are resolvable in public DNS, and I think that's a common setup.

--
Joe
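The checks Joe describes above (a sending IP whose PTR and forward A record agree, plus a HELO name that resolves and is a valid hostname), together with the MX-then-A resolution Greg walked through with "host -t mx", as an added Python example. It is not code from this thread or from any participant's mail server: the zone data is constructed from RFC 5737 documentation addresses (192.0.2.10, 198.51.100.79, 203.0.113.9) and example.org/example.net names, and the reject/warn/accept policy is one reading of what the thread describes, not anyone's actual Exim configuration.

```python
"""Forward-confirmed reverse DNS (FCrDNS) and HELO checks as a receiving MTA
might apply them.  Added example with a constructed, offline zone; in a real
MTA the lookup() function would be backed by a resolver instead of a dict."""
import ipaddress
import re

# Constructed zone data (RFC 5737 documentation addresses); not real DNS.
ZONE = {
    # well-behaved sender: PTR and A agree (forward-confirmed reverse DNS)
    "mx.example.org.": {"A": ["192.0.2.10"]},
    "10.2.0.192.in-addr.arpa.": {"PTR": ["mx.example.org."]},
    # shared host: the PTR names the customer's www host, which resolves
    # to a different address, so the reverse is not forward-confirmed
    "shared.example.net.": {"A": ["198.51.100.5"]},
    "79.100.51.198.in-addr.arpa.": {"PTR": ["shared.example.net."]},
    # MX target with an underscore label, as a CDN proxy might publish
    "example.net.": {"MX": ["_dc-mx.example.net."]},
    "_dc-mx.example.net.": {"A": ["198.51.100.79"]},
    # 203.0.113.9 deliberately has no PTR record at all
}

# RFC 1123 hostname label: letters, digits and hyphens, 1-63 characters
HOSTNAME_LABEL = re.compile(r"^[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?$", re.I)


def lookup(name, rrtype, zone=ZONE):
    """Records of one type for a name, or [] (our stand-in for NXDOMAIN)."""
    return zone.get(name.rstrip(".").lower() + ".", {}).get(rrtype, [])


def valid_hostname(name):
    """Underscores are legal in DNS owner names but not in hostnames, so an
    MX target or HELO such as _dc-mx.example.net. fails this test."""
    return all(HOSTNAME_LABEL.match(label) for label in name.rstrip(".").split("."))


def fcrdns(ip, zone=ZONE):
    """Classify the sending IP as 'no-ptr', 'mismatch' or 'ok'.
    'ok' means some PTR name resolves back to the same address."""
    arpa = ipaddress.ip_address(ip).reverse_pointer + "."
    ptrs = lookup(arpa, "PTR", zone)
    if not ptrs:
        return "no-ptr", None
    for ptr in ptrs:
        if ip in lookup(ptr, "A", zone):
            return "ok", ptr
    return "mismatch", ptrs[0]


def check_sender(ip, helo, zone=ZONE):
    """Policy (an assumption, modelled on the thread): reject outright when
    the reverse lookup fails, reject an unresolvable or malformed HELO, and
    only tag a PTR that does not forward-confirm so a spam filter can score it.
    The 550 text mirrors the Diagnostic-Code quoted in the original bounce."""
    status, ptr = fcrdns(ip, zone)
    result = {"ip": ip, "ptr": ptr, "fcrdns": status,
              "helo_resolvable": bool(lookup(helo, "A", zone)),
              "helo_valid_hostname": valid_hostname(helo)}
    if status == "no-ptr":
        result["verdict"] = "reject"
        result["reply"] = ("550 X-Host-Lookup-Failed: Reverse DNS lookup failed "
                           "for %s (failed)" % ip)
    elif not (result["helo_resolvable"] and result["helo_valid_hostname"]):
        result["verdict"] = "reject"
        result["reply"] = "550 HELO %s does not resolve to a valid hostname" % helo
    elif status == "mismatch":
        result["verdict"] = "warn"   # accept, but add a header for the filter
        result["reply"] = "X-Host-Lookup-Mismatch: %s does not resolve to %s" % (ptr, ip)
    else:
        result["verdict"] = "accept"
        result["reply"] = "250 OK"
    return result


def mx_targets(domain, zone=ZONE):
    """Follow MX -> A the way 'host -t mx' then 'host <target>' does, and flag
    targets whose labels would not pass as hostnames."""
    return [{"mx": t, "addresses": lookup(t, "A", zone),
             "valid_hostname": valid_hostname(t)}
            for t in lookup(domain, "MX", zone)]


if __name__ == "__main__":
    for ip, helo in [("192.0.2.10", "mx.example.org"),
                     ("198.51.100.79", "shared.example.net"),
                     ("203.0.113.9", "mail.example.com")]:
        r = check_sender(ip, helo)
        print(ip, r["verdict"], r["reply"])
    print(mx_targets("example.net"))
```

Run as a script it prints the three verdicts (accept, warn, reject) and the MX chain for example.net, whose target is flagged because of the underscore label. To use it against live DNS, replace lookup() with a resolver library call (dnspython, for instance); nothing else in the checks depends on the dict.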

Joe
Jul 5, 2021, 4:30:04 PM
On Mon, 5 Jul 2021 09:23:03 -0400
Polyna-Maude Racicot-Summerside <deb...@polynamaude.com> wrote:


>
> I was thinking that maybe I should start thinking about hosting my own
> email server. But I wasn't sure if I felt like I had the nerve to do
> so. Some people say it's a lot of maintenance work.
>

No, it's not a big deal. The only maintenance I do is to try to improve
my anti-spam measures, and that's probably less than half an hour per
year. *After* the mail server was set up and running properly, of
course, and even that doesn't take much work.

*If* you have a static IP address and your ISP is willing to keep the
CIDR block containing it off of blacklists (some ISPs don't care). It
can allegedly be done with a dynamic address, but you not only have to
keep the MX->A record updated, but also the PTR. You may not even have
control of the PTR on a dynamic address. It's more to go wrong, and
there is a chance of delayed mail whenever the address changes. Also,
some mail servers try to identify dynamic addresses and reject SMTP
connections from them.

If you have a dynamic address, the only safe way is to send through a
smarthost with a good reputation, and many ISPs do not provide them
now. Also, you lose logging of sent mail, which is one of the reasons
for doing it yourself.

--
Joe

Joe
Jul 5, 2021, 4:40:04 PM
Exim4 can either reject or add a warning header, which spamassassin can
be told to look for.

Having said that, I gave up on SA after a couple of months. That really
*was* high-maintenance. I also prefer not to filter on content, as it's
difficult to avoid false positives.

--
Joe

Vincent Lefevre
Jul 6, 2021, 6:00:05 AM
On 2021-07-05 21:12:01 +0100, Joe wrote:
> It's not a big issue. My public FQDN and PTR have no relationship at
> all with any email domain I use, and I've never had mail refused for
> that reason, over more than fifteen years. I also use a single HELO, and
> that only matches one domain. Again, no problem with the other domains.

The OP got a mail rejected because of that.

Polyna-Maude Racicot-Summerside
Jul 9, 2021, 4:20:05 PM
Hi,

On 2021-07-05 1:16 p.m., Polyna-Maude Racicot-Summerside wrote:
> Hi,
>
> On 2021-07-05 1:07 p.m., Greg Wooledge wrote:
>> On Mon, Jul 05, 2021 at 01:00:07PM -0400, Polyna-Maude Racicot-Summerside wrote:
>>> On 2021-07-05 12:46 p.m., Greg Wooledge wrote:
>>>> unicorn:~$ host _dc-mx.f1202d9a4fb3.cyrania.com.
>>>> _dc-mx.f1202d9a4fb3.cyrania.com has address 162.213.253.79
>>>> Host _dc-mx.f1202d9a4fb3.cyrania.com not found: 3(NXDOMAIN)
>>
>>> What you wrote (dc-mx) is not an underscore.
>>
>> Is your mail user agent doing some sort of markdown processing, by
>> chance? Maybe you aren't seeing what's actually being written. If
>> that's the case, it's only adding to your problems.
>>
>> The output of "host -t mx cyrania.com." on my machine includes a hostname
>> that begins with an underscore. underscore dee cee hyphen em ex.
>> This hostname (including its leading underscore) appears on each of the
>> three lines in the quoted text above.
>>
>> If you aren't seeing it, then something's wrong.
>>
>> If you doubt my output, go ahead and run your own tests, on a machine
>> under your own control.
>>
>
I think it should now have been corrected.