Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

PHP mail() Linux server - SMTP response 550 No reverse name (PTR)

Posted on 2010-11-11
13
Medium Priority
?
1,486 Views
Last Modified: 2012-05-10
Hi all,

We have an Ubuntu server install with sendmail, apache and php running.

The server is internal to our network and is not accessible outside of our network.

The intranet sends emails to clients and does this usually without issue however for one client I am receiving a bounceback as follows:

            "The message reached the recipient's e-mail system, but delivery was refused.  Attempt to resend the message.  If it still fails, contact your system administrator.
< intranet.mycompany.local #5.2.1 SMTP; 550 5.2.1 Mailbox unavailable. No reverse name (PTR) for your sender IP ()"

I'm not sure exactly where the issue lies, is it because it cannot resolve intranet.mycompany.local to the IP in brackets or is it that the IP in brackets does not resolve to an address?

Any help with this would be greatly appreciated. If you need anymore information please don't hesitate to ask.

Thanks,

0
Comment
Question by:webhanson
  • 5
  • 4
  • 3
13 Comments
 
LVL 3

Expert Comment

by:flubbard
ID: 34114636
It would appear that there is not a proper DNS record.  If this is being sent to an internal account, you may need to set up a DNS record for the server (intranet.mycompany.local) so that the reverse DNS is present.  Otherwise, you will need to have the pointer set up by your ISP so that the reverse lookup can be performed.  Finally, make sure that your that your hostname is reporting correctly on your computer and matches what's in the DNS record.  This is especially true if the intranet server is sending messages to a server outside of the intranet (even if the user is still on the intranet).

HTH - Flub
0
 
LVL 2

Author Comment

by:webhanson
ID: 34114717
Hi flubbard

The intranet is internal to our network and not visible from outside.

Do I essentially need to open up the firewall and allow traffic to pass back through to the Sendmail server? if so do you know what ports would need to be opened?

The intranet is mailing to other domains on email servers external to our network.

What would the ISP set the pointer of the IP to be? would it be to intranet.mycompany.local? Not sure I understand how that would work? could you explain more.

0
 
LVL 3

Expert Comment

by:flubbard
ID: 34114825
You mentioned that you are getting a returned message bouce.  Is that from one of your servers too, or is that from a server outside?

  - flub
0
Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

 
LVL 2

Author Comment

by:webhanson
ID: 34115147
The bounceback is from an external mail server. Our employees login to the intranet, fill out a form entering who the email is to, the message and subject and click send. The php script then sends the email.
0
 
LVL 7

Expert Comment

by:jackiechen858
ID: 34115162
from the message, it's not firewall issue; no ports need to be open. "SMTP response 550 No reverse name" means the remote smtp server can not reverse DNS your smtp server ip address. Normally this means the remote server is concerned with security and has strong anti-spam rules.

In order to get a reverse DNS, you have to contact your ISP; say you get a ip address from them as 123.11.22.33, when your mail server send out email, it will be shown as sending from 123.11.22.33 ( doesn't matter if your mail server is 192.168.44.55 internally).  You need to ask your ISP to create a reverse DNS record, to link 123.11.22.33 to yourmailserver.yourdomain.com.




 

0
 
LVL 7

Expert Comment

by:jackiechen858
ID: 34115171
0
 
LVL 7

Expert Comment

by:jackiechen858
ID: 34115340
I just realized this question only rewards 20 points, that doesn't show much appreciation.
0
 
LVL 2

Author Comment

by:webhanson
ID: 34115695
Does it matter if I get the ISP to set the domain to an address such as intranet.mycompany.local or does the host name need to be Internet visible, such as google.com?
0
 
LVL 3

Expert Comment

by:flubbard
ID: 34115844
The domain should match the name of the server - in my experience, or else you still may run into trouble.  You may try naming your server mail.mydomain.com.

 - flub
0
 
LVL 2

Author Comment

by:webhanson
ID: 34116683
Hi Jackiechen,  Apologies, I have now raised the points.

So I'm clear on this:

The remote server is trying to confirm that the domain of the sending address me@mycompany.co.uk is the reverse lookup of the sending IP 20.20.20.20 or is it trying to confirm that 20.20.20.20 resolves to intranet.mycompany.local?

When you say resolve, are you meaning that the remote server can directly speak with the sending mail server or simply that there is an A record in the DNS for "domain name (google.com)" set to 20.20.20.20?

if I get my ISP to set the reverse lookup to be "mycompany.co.uk" even though the sending mail servers FQDN is intranet.mycompany.local will this stop the issue?

Or do I need to make it so that the sending mail server has a domain name of "mycompany.co.uk"?

Thanks again
0
 
LVL 7

Accepted Solution

by:
jackiechen858 earned 2000 total points
ID: 34117740
Reverse DNS is a DNS record to point a ip to a domain ( regular DNS A record point a domain to a IP ).  

so for regular DNS,  if you own mycompany.co.uk, you can setup mail.mycompany.co.uk point to 20.20.20.20; for reverse DNS, only a company own 20.20.20.20 ip (your ISP) can set it up to point to any domain ( it should be a valid internet domain through )

If you use windows, you can do a test:

do a "ping mail.cnn.com" ,  you got mail.cnn.com's ip 157.166.236.135 by regular DNS;
do a "ping 157.166.236.135", you only see the ip address;
do a "ping -a 157.166.236.135", you got "Pinging mail.cnn.com [157.166.236.135]", this is reverse DNS.


So you need to :
1. configure your mail server to be "mail.mycompany.co.uk",
2.  ask your ISP to point 20.20.20.20 to mail.mycompany.co.uk.

after you done 1., when your mail server talk to remote server, it will introduce itself as "helo, I am mail.mycompany.co.uk", then the remote server will query your ip by reverse dns.


 



0
 
LVL 2

Author Closing Comment

by:webhanson
ID: 34128515
The answers given helped confirm my understanding of how this specific mail server security measure is working.

To resolve the issue, I altered my sendmail configuration to relay via a smarthost that was already being used to relay our corporate (MS Exchange) email from the same IP.

The appropriate DNS records were already configured for this smarthost and hence resolved the issue.

Thank you for responding so quickly!
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
There are times when I have encountered the need to decompress a response from a PHP request. This is how it's done, but you must have control of the request and you can set the Accept-Encoding header.
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
Suggested Courses

972 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question