Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 335
  • Last Modified:

spf record and rDNS not exists

Hi,
My site is
lapaz.com.tr
and is hosted at hostgator.com

When I check it with http://mxtoolbox.com/ 
I see that it does not have SPF records and  also it founds SMTP Reverse DNS Mismatch

How serious are these problems for the emails I send from info@lapaz.com.tr
How can I fix?
Thank you
0
myyis
Asked:
myyis
  • 8
  • 7
  • 3
  • +1
2 Solutions
 
Chris DentPowerShell DeveloperCommented:
The SPF record is not mandatory and no one will insist you have one for mail delivery. That's more about protecting your own domain from abuse really. I do advise you create such a record if you can, anything to reduce spam is a good thing, but people should not refuse mail from you for failing to have one.

The Reverse DNS record is critical for servers sending mail. A significant number of remote mail servers will simply refuse to talk to you (accept mail) if that's not in place.

Be a little careful with the online tools to check this. If you happen to use different sending and receiving servers the tests are invalid, they have no means of determining your configuration so they make assumptions. Typically the assumption is that whatever you have in your MX record also sends mail out.

Chris
0
 
SteveCommented:
The SPF & rDNS are not requirements and your mail system will work without them, but you will find it hard to get past some junk filtering systems without at least the rDNS. Adding a valid SPF definitely improves your chances of through but isn't a requirement.

From the wording of your question, would I be right in assuming you have a hosted website that also sends out mail?
If this is the case, adding an SPF may be possible as that's just a record added to your public DNS, but rDNS is not gonna happen.
rDNS is a link to the internet line/IP used to send the mail. if the IP belongs to the hosting company it's unlikely they would add an rDNS record for you as it's probably shared between multiple companies.
0
 
Chris DentPowerShell DeveloperCommented:
With respect, I disagree that RDNS is not mandatory. All major mail providers (including gmail, hotmail, yahoo, etc) and I would expect al major anti-spam suppliers check for RDNS when an SMTP conversion begins. No RDNS, no more conversation, it runs a bit deeper than something being flagged as spam.

If the server cannot have an RDNS records (because of the nature of the connection) another mail service must be bought.

Chris
0
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

 
myyisAuthor Commented:
My site is at shared hosting  and this is what I got from hostgator support.

"As the banner will not match due to the server uses the server hostname and not your domain. The warning should not cause issues."

What can I do?
0
 
Chris DentPowerShell DeveloperCommented:
All that needs to happen for the DNS checks is for:

1. The name used by the server resolves to the IP it's connecting from (nslookup servername)
2. The IP its connecting using to resolve back to the name of the server (nslookup IPAddress)

If you don't pass those two very simple checks you'll find your SMTP server loses it's connection immediately after sending HELO / EHLO in a large number of cases.

None of those values have to be at all related to your e-mail domain, but they must be consistently set.

Chris
0
 
myyisAuthor Commented:
Is this explanation of Hostgator is acceptable?

"As the banner will not match due to the server uses the server hostname and not your domain. " 

If it is acceptable what can I do?
0
 
Chris DentPowerShell DeveloperCommented:
It's incomplete, it doesn't really tell you very much.

What's the name of the server? Take that and run "nslookup fullname", then look at the IP address you get back from that and run "nslookup IPaddress". You might find it's already set-up reasonably well.

Chris
0
 
myyisAuthor Commented:
my site is name lapaz.com.tr
1. How can I learn the name of  server
2. And how can I do this
 " run "nslookup fullname", then look at the IP address you get back from that and run "nslookup IPaddress"
0
 
Chris DentPowerShell DeveloperCommented:
You need 1 to do 2 :) The site name is not necessarily the server name. Can you check the server name with your host? Might be the easiest way.

Chris
0
 
Chris DentPowerShell DeveloperCommented:
Oh and 2 can be done from anywhere, including your own desktop / laptop / something with a console. You might struggle with a tablet, but that's about the only limitation.

Chris
0
 
myyisAuthor Commented:
This is the mail sent from info@lapaz.con.tr
Does this tell the server name?

                                                                                                                                                                                                                                                 
Delivered-To:  XXXXXXX@gmail.com;
Received: by 10.170.212.3 with SMTP id d3csp68778ykf;
        Thu, 11 Dec 2014 08:35:56 -0800 (PST)
X-Received: by 10.182.49.231 with SMTP id x7mr7044293obn.48.1418315756068;
        Thu, 11 Dec 2014 08:35:56 -0800 (PST)
Return-Path: <info@lapaz.com.tr>
Received: from gateway12.websitewelcome.com ([69.93.157.3])
        by mx.google.com with ESMTPS id z191si1057518oia.137.2014.12.11.08.35.55
        for < XXXXXXX@gmail.com;>
        (version=TLSv1 cipher=RC4-SHA bits=128/128);
        Thu, 11 Dec 2014 08:35:55 -0800 (PST)
Received-SPF: none (google.com: info@lapaz.com.tr does not designate permitted sender hosts) client-ip=69.93.157.3;
Authentication-Results: mx.google.com;
       spf=none (google.com: info@lapaz.com.tr does not designate permitted sender hosts) smtp.mail=info@lapaz.com.tr
Received: by gateway12.websitewelcome.com (Postfix, from userid 5007)
      id 60C2D708CDC3; Thu, 11 Dec 2014 10:35:55 -0600 (CST)
Received: from gator4012.hostgator.com (gator4012.hostgator.com [192.185.4.23])
      by gateway12.websitewelcome.com (Postfix) with ESMTP id 52A3E708CD4E
      for < XXXXXXX@gmail.com;>; Thu, 11 Dec 2014 10:35:55 -0600 (CST)
Received: from [95.8.195.46] (port=61898 helo=erdem)
      by gator4012.hostgator.com with esmtpa (Exim 4.82)
      (envelope-from <info@lapaz.com.tr>)
      id 1Xz6iY-0006kW-Kv
      for XXXXXXX@gmail.com; Thu, 11 Dec 2014 10:35:55 -0600
0
 
Chris DentPowerShell DeveloperCommented:
Your server is quite a long way down the chain by the looks of it.

I imagine gator4012 is yours, but then it sends mail to gateway12 and because of this you no longer need to concern yourself with the RDNS record. gateway12 needs to care about all that, it's the one submitting to Google.

So all in all you look to be in good shape.

If you were to implement an SPF record you would have to check which servers hostgator use as relays. That should include gateway12 because it would need to be a permitted sender for your domain.

Chris
0
 
myyisAuthor Commented:
I have added this record
v=spf1 a mx include:websitewelcome.com ~all

And the result is:
What you say?


Delivered-To: XXXXXXX@gmail.com
Received: by 10.170.212.3 with SMTP id d3csp75061ykf;
        Thu, 11 Dec 2014 09:16:50 -0800 (PST)
X-Received: by 10.202.213.88 with SMTP id m85mr6808328oig.39.1418318210332;
        Thu, 11 Dec 2014 09:16:50 -0800 (PST)
Return-Path: <info@lapaz.com.tr>
Received: from gateway03.websitewelcome.com ([69.93.31.27])
        by mx.google.com with ESMTPS id wd10si1191878obc.20.2014.12.11.09.16.49
        for <XXXXXXX@gmail.com>
        (version=TLSv1 cipher=RC4-SHA bits=128/128);
        Thu, 11 Dec 2014 09:16:49 -0800 (PST)
Received-SPF: pass (google.com: domain of info@lapaz.com.tr designates 69.93.31.27 as permitted sender) client-ip=69.93.31.27;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of info@lapaz.com.tr designates 69.93.31.27 as permitted sender) smtp.mail=info@lapaz.com.tr
Received: by gateway03.websitewelcome.com (Postfix, from userid 5007)
      id 6DFAE70A54646; Thu, 11 Dec 2014 11:16:49 -0600 (CST)
Received: from gator4012.hostgator.com (gator4012.hostgator.com [192.185.4.23])
      by gateway03.websitewelcome.com (Postfix) with ESMTP id 65ECE70A545EC
      for <XXXXXXX@gmail.com>; Thu, 11 Dec 2014 11:16:49 -0600 (CST)
Received: from [95.8.195.46] (port=62526 helo=erdem)
      by gator4012.hostgator.com with esmtpa (Exim 4.82)
      (envelope-from <info@lapaz.com.tr>)
      id 1Xz7M8-0002Fd-Ne
0
 
Chris DentPowerShell DeveloperCommented:
Perfect :)

That's all you need to do. The problem or RDNS is not yours, it's your hosts. The SPF record includes the system(s) who are handling your mail for you.

Chris
0
 
Daniel McAllisterPresident, IT4SOHO, LLCCommented:
Whoa - so much confusion...

To block SPAM, the receiving mail (SMTP) server wants to do some basic validation.

So the message header you provided says:
 - You used webmail to send your message.
 - You were at IP 95.8.195.46, and you were logged into the hostgator site on system gator4012 at IP 192.185.4.23.
 - The message says it is from info@lapaz.con.tr
 - The webmail server delivered it to your (shared) mail server (through which all of your mail should pass) at gateway12.websitewelcome.com at IP address 69.93.157.3.

OK, so here's where things get a little hinky... your DNS says that you should be sending messages for lapaz.com.tr through the host at IP 192.185.18.140 -- which says it is actually (shared name) mybasiccrm.com... But at no time did any of your mail pass through that host. Thus, you might get flagged as SPAM.

Here are a few pointers:
 1) No reason for your MX record to not show (or to obfuscate) where your mailserver really is. I don't know where the websitewelcome.com site came in (your config or hostgator's), but it doesn't appear to belong. I would ask HostGator where you're supposed to be sending your mail through (what mailserver of theirs is the right one to send your mail), and while you're at it, ask them about the appropriate SPF record.
 2) SPF is NOT just about avoiding SPAM in your own inbox -- it is also a way to help prevent others from using your email address (or your entire domain!) as a fake-source of SPAM (or phishing). SPF is an indicator in your DNS server that only specific hosts (systems) are supposed to be sending messages from you (or your users). Mail from other sites usually are then rejected (so that if someone sends out 1000000 emails from aol.com claiming to be from info@lapaz.com.tr, most won't ever be delivered).

There are plenty of alternatives, but these are the basics.

Ideally, you would identify your mail server by the same name it calls itself -- that is, your MX record in DNS would say mybasiccrm.com, instead of something like mail.lapaz.com.tr. Then, when they look at the rDNS of the server that connects, it matches the name in your MX record and you're golden. Of course, that's not always possible, so that's when SPF comes in -- to advertise where your valid mail servers really are.... and again, asking HostGator to help you created your SPF record would be the wise choice.

I hope this helps...

Dan
IT4SOHO
0
 
myyisAuthor Commented:
Hi
Thank you for this really informative comment.
I learned the mailserver of hostgator is websitewelcome.com and put the  record as:
v=spf1 a mx include:websitewelcome.com ~all

I believe it looks fine, how can we check?
0
 
Daniel McAllisterPresident, IT4SOHO, LLCCommented:
LOL - one easy way is to send another message to your gmail account, and look at the headers as received at gmail! You'll see the SPF check result listed in the header.

You have already used mxtoolbox.com.

Those should be enough.

Dan
IT4SOHO
0
 
Daniel McAllisterPresident, IT4SOHO, LLCCommented:
One last comment -- once you've verified the SPF is valid and what you want... change that ~ (tilde) character (which says you're in test mode), to a - (dash) character (which says you mean to deny all other mail).

Dan
IT4SOHO
0
 
myyisAuthor Commented:
Thank you very much, sorry I don't have more points left for you, hope for another question :)
0

Featured Post

Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

  • 8
  • 7
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now