1 (edited by Skankhunt_42 2022-11-26 11:23:52)

Topic: Cloudflare DNS - Mail Header Issues

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.5.2 MARIADB edition
- Deployed with iRedMail Easy or the downloadable installer? Downloadable
- Linux/BSD distribution name and version: Ubuntu 22.04 LTS
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL (MariaDB)
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hi,

Until now, outgoing mails seemed to work fine. But I have noticed mails to one specific local mail hoster, which get rejected with Error 450 Helo command rejected: Host not found.

My PTR record is definitely okay.
I can lookup my rDNS and it resolves just fine.

I am using Cloudflare as DNS with the following records:

- A-Record: Public-IP with Proxy on to domain.com (For Website proxied by cloudflare)
- A-Record: Public-IP without Proxy to mail.domain.com (mailserver)
- MX-Record: domain.com to mail.domain.com
Also DKIM, DMARC and SPF records are set properly.


If the proxy for the A-Record domain.com for the website is active, the mail header contains:

 Received: from domain.com (unknown [public-ip]) 

SpamAssassin gives me the following score:

  1.3 RDNS_NONE              Delivered to internal network by a host with no   
                            rDNS  


If the proxy for the A-Record domain.com for the website is deactivated, the mail header contains:

 Received: from domain.com (domain.com [public-ip])

MailAssassin doesn't show RDNS errors anymore.

Mail delivery seems to work just fine then...!
Why?
Does anybody know how to solve this?


Thank you!


2

Re: Cloudflare DNS - Mail Header Issues

The IP resolved by the A record should resolve back to the same hostname by the rDNS, which is not the case when you have the Cloudflare proxy turned on for the A record. You shouldn't use the proxy for the hostname where your MX records are pointing.
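
The check described in this reply is forward-confirmed reverse DNS: the receiver looks up the PTR name of the connecting IP, then resolves that name forward and expects to get the same IP back. The following Python sketch is an added example, not part of the thread and not any mail server's own code. It is a simplified model of that check, run against constructed DNS tables; the addresses are documentation ranges, and the PTR targets are assumptions chosen to match the headers quoted in the first post.

```python
import socket

def system_ptr(ip):
    """PTR lookup through the system resolver; returns a list of names."""
    try:
        return [socket.gethostbyaddr(ip)[0]]
    except OSError:
        return []

def system_a(name):
    """Forward lookup through the system resolver; returns a set of IPs."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(name, None)}
    except OSError:
        return set()

def fcrdns(client_ip, ptr_lookup=system_ptr, a_lookup=system_a):
    """Return the PTR name only if it resolves back to client_ip, else 'unknown'."""
    for name in ptr_lookup(client_ip):
        if client_ip in a_lookup(name):
            return name.rstrip(".")
    return "unknown"

def received_client(helo, client_ip, ptr_lookup=system_ptr, a_lookup=system_a):
    """Build the 'from HELO (verified-name [ip])' part of a Received: header."""
    return f"from {helo} ({fcrdns(client_ip, ptr_lookup, a_lookup)} [{client_ip}])"

def table_resolvers(ptr_table, a_table):
    """Offline resolvers backed by dicts, so the example needs no network."""
    return {"ptr_lookup": lambda ip: ptr_table.get(ip, []),
            "a_lookup": lambda name: a_table.get(name, set())}

# Constructed sample data (assumptions, not values from the thread).
MAIL_IP = "203.0.113.10"                    # stands in for "public-ip"
EDGE = {"198.51.100.1", "198.51.100.2"}     # stands in for proxy edge addresses
PTR_APEX = {MAIL_IP: ["domain.com"]}        # PTR pointing at the proxied name
PTR_MAIL = {MAIL_IP: ["mail.domain.com"]}   # PTR pointing at the DNS-only name
A_PROXY_ON = {"domain.com": EDGE, "mail.domain.com": {MAIL_IP}}
A_PROXY_OFF = {"domain.com": {MAIL_IP}, "mail.domain.com": {MAIL_IP}}

def scenarios():
    run = lambda helo, ptr, a: received_client(helo, MAIL_IP, **table_resolvers(ptr, a))
    return {
        "proxy on,  PTR=domain.com": run("domain.com", PTR_APEX, A_PROXY_ON),
        "proxy off, PTR=domain.com": run("domain.com", PTR_APEX, A_PROXY_OFF),
        "proxy on,  PTR=mail.domain.com": run("mail.domain.com", PTR_MAIL, A_PROXY_ON),
    }

if __name__ == "__main__":
    for label, line in scenarios().items():
        print(f"{label:32} Received: {line}")
```

Calling `received_client()` without the table resolvers runs the same check against live DNS through the system resolver.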

3

Re: Cloudflare DNS - Mail Header Issues

RikuS wrote:

The IP resolved by the A record should resolve back to the same hostname by the rDNS, which is not the case when you have the Cloudflare proxy turned on for the A record. You shouldn't use the proxy for the hostname where your MX records are pointing.

Thank you for your reply.
That is exactly what I didn't want to read. But I guess there is no way around it.