I am unable to email to certain domains - as the mail just bounces back. I ran a report on my domain at dnsstuff.com and found some issues. Can anybody advise on how to fix? I have a server running GFI MailEssentials sitting in front of my Exchange 2007 box - relaying mail to the Exch box after it scrubs spam.
Problem #1: WARNING: SPF record: Your domain does not have an SPF record. This means that spammers can easily send out E-mail that looks like it came from your domain, which can make your domain look bad (if the recipient thinks you really sent it), and can cost you money (when people complain to you, rather than the spammer). You may want to add an SPF record ASAP, as 01 Oct 2004 was the target date for domains to have SPF records in place (Hotmail, for example, started checking SPF records on 01 Oct 2004).
Problem #2: FAILURE: Reverse DNS entries for MX records ERROR: The IP of one or more of your mail server(s) have no reverse DNS (PTR) entries/* (if you see "Timeout" below, it may mean that your DNS servers did not respond fast enough)*/. RFC1912 2.1 says you should have a reverse DNS for all your mail servers. It is strongly urged that you have them, as many mailservers will not accept mail from mailservers with no reverse DNS entry. You can double-check using the 'Reverse DNS Lookup' tool at the DNSstuff site if you recently changed your reverse DNS entry (it contacts your servers in real time; the reverse DNS lookups in the DNS report use our local caching DNS server). The problem MX records are:
184.108.40.206.in-addr.arpa [No reverse DNS entry (rcode: 3 ancount: 0) (check it)]
WARNING: Mail server host name in greeting : One or more of your mailservers is claiming to be a host other than what it really is (the SMTP greeting should be a 3-digit code, followed by a space or a dash, then the host name). If your mailserver sends out E-mail using this domain in its EHLO or HELO, your E-mail might get blocked by anti-spam software. This is also a technical violation of RFC821 4.3 (and RFC2821 4.3.1). Note that the hostname given in the SMTP greeting should have an A record pointing back to the same server. Note that this one test may use a cached DNS record.
mail.oddiatlantic.com claims to be non-existent host gfi.OA.local: <br /> 220 gfi.OA.local Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959 ready at Thu, 9 Aug 2007 12:14:48 -0400 <br />