1/4/2007 1:31:09 AM
WebTech
Ryan Yzquierdo

What would you like the PTR records changed to?

AndrewM
EV1Servers
Webhosting Technical Support

1/4/2007 12:19:29 PM
WebTech
Dear Ryan Yzquierdo

Please supply us with a domain that resolves to the IP address of each server you provided that you want the reverse entry to be. The domain must resolve to the specific IP. You may wish to use the hostname of the server as your reverse entry. This will cover all domains hosted on that specific server. We await your response.

Thank You
KevinS
EV1 Servers
Webhosting Technical Support

1/4/2007 4:18:55 PM
WebTech
Dear Ryan Yzquierdo,
Your reverse DNS / PTR changes have been made. Please allow sufficient time (6-12 hours) for our DNS servers to reload and for the changes to be reflected. Thank you.

RandallK
EV1Servers
Webhosting Technical Support

I would like to have reverse DNS setup for my server with EV1 (67.15.221.15). I am trying to resolve some issues with various email clients like Hotmail blocking emails from my priAccount Management website, SEIBERTRON.com.

Have you filled out a ticket to support yet?

Also, if you're running WHM, you might want to take a look at this: http://knowledge.phirefast.com/?q=node/13

I'm trying to get to the bottom of why Hotmail is refusing emails from my server. Users are not able to receive emails from my website if they try to register with a Hotmail account. I'm sure there are some other email clients that have the same issue. Gmail works, Yahoo works ... it's Hotmail that's my biggest concern at this time.  

I ran some reports on DNSstuff.com to see if it can help me find areas of concern. I'm not sure what a couple of these messages mean or how to resolve them. I hope that someone will be able to point me in the right direction. I have contact EV1 regarding issue #3 because I could not add the SPF record for the domain's zone. Any suggesions for 1 and 2 would be greatly appreciated.  


ISSUE #1: WARN Single Point of Failure WARNING: Although you have at least 2 NS records, and they appear to point to different physical servers, it appears that they block the ICMP packets used as part of our test, which means that they may share the same firewall. If they share the same firewall, this results in a single point of failure, which could cause all your DNS servers to be unreachable.  

ISSUE #2: WARN Mail server host name in greeting WARNING: One or more of your mailservers is claiming to be a host other than what it really is (the SMTP greeting should be a 3-digit code, followed by a space or a dash, then the host name). If your mailserver sends out E-mail using this domain in its EHLO or HELO, your E-mail might get blocked by anti-spam software. This is also a technical violation of RFC821 4.3 (and RFC2821 4.3.1). Note that the hostname given in the SMTP greeting should have an A record pointing back to the same server. Note that this one test may use a cached DNS record.

mail.mywebsite.com claims to be non-existent host plesk.ev1servers.net:  
220 plesk.ev1servers.net ESMTP  

ISSUE #3: WARN SPF record Your domain does not have an SPF record. This means that spammers can easily send out E-mail that looks like it came from your domain, which can make your domain look bad (if the recipient thinks you really sent it), and can cost you money (when people complain to you, rather than the spammer). You may want to add an SPF record ASAP, as 01 Oct 2004 was the target date for domains to have SPF records in place (Hotmail, for example, started checking SPF records on 01 Oct 2004).

ISSUE #2: WARN Mail server host name in greeting WARNING: One or more of your mailservers is claiming to be a host other than what it really is (the SMTP greeting should be a 3-digit code, followed by a space or a dash, then the host name). If your mailserver sends out E-mail using this domain in its EHLO or HELO, your E-mail might get blocked by anti-spam software. This is also a technical violation of RFC821 4.3 (and RFC2821 4.3.1). Note that the hostname given in the SMTP greeting should have an A record pointing back to the same server. Note that this one test may use a cached DNS record.

2. You reporting the incorrect name due to a bad hostname on the server, change your servers hostname also make sure you set your hostname correct in httpd.conf, i see your running RHEL, your hostname will not change by running the hostname command alone, you also need to edit /etc/sysconfig/network file to change it permanately.

ERROR: PleskFatalException Create shortcutCreate shortcutUp LevelUp Level  

 
Unable to make action: Unable to manage service by dnsmng: dnsmng: Service named failed to start

--------------------------------------------------------------------------------

0: /usr/local/psa/admin/plib/common_func.php3:172
psaerror(string 'Unable to make action: Unable to manage service by dnsmng: dnsmng: Service named failed to start')
1: /usr/local/psa/admin/htdocs/server/restart_services.php:30

I sent several messages to my brother's Hotmail account over the past five months. For some of those messages, I also sent them to his Gmail account.  

Surprisingly, only the messages that were sent to Gmail at the same time managed to be delivered to his Hotmail inbox.  

If you send a message to a Hotmail user only (no other recipients), don't expect to find it. If you want it to be delivered, CC the message to at least one other account with another mail provider, and voila -- it's magic.  

Maybe the competition with Gmail is keeping Hotmail honest.

You need to chk your mail log and find the reason it was rejected by hotmail.

I can see that you have basic connectivity to hotmail, so that's not the problem either:

[root@plesk named]# telnet mx1.hotmail.com 25
Trying 65.54.245.8...
Connected to mx1.hotmail.com (65.54.245..
Escape character is '^]'.
220 bay0-mc9-f16.bay0.hotmail.com Sending unsolicited commercial or bulk e-mail to Microsoft's computer network is prohibited. Other restrictions are found at http://privacy.msn.com/Anti-spam/. Violations will result in use of equipment located in California and other states. Tue, 9 Jan 2007 11:53:56 -0800
Connection closed by foreign host.

So, I check the logs:

Jan 9 05:02:51 plesk qmail: 1168340571.869903 starting delivery 5475: msg 575626 to remote joshuaj57@hotmail.com

Ok, email going to hotmail. 'Delivery 5475' is the queue id of sorts, so we look for that again:

Jan 9 05:02:55 plesk qmail: 1168340575.804281 delivery 5475: success: 65.54.245.40_accepted_message./Remote_host_said:_250__< 23cb5b948dc973eba8a4adf9d677bdb3@www.seibertron.com> _Queued_mail_for_delivery/

And it was accepted by the remote host.

So hotmail is getting the email, but doing something else with it. Perhaps it is ending up in the spam folder or being filtered for different reasons? I can't tell from this information, but I don't think its anything on your server's side anymore, its Hotmail dropping your email. Normally if you email is getting filtered for spam, it would just outright reject you if you are blocked, so I suspect it is some sort of filtering on their side.

Yes, without a bounce msg as to why they are nuking them, you really have no idea what the issue is, i highly doubt its anything to do with the spf/ptr/banner as i dont use either for one server and never have changed the banner for exim as its a cpanel server.

Unless hotjunkmail is willing to help you, you may not solve it anytime soon.

---------- Forwarded message ----------
From: MSN Hotmail Support
Date: Jan 11, 2007 12:39 AM
Subject: RE: SRX1027336083ID - MSN Hotmail:Cannot Send Mail:Cannot send mail to speci
To: myemailisthecoolestintheworld123456@gmail.com

Hello Ryan,  

Thank you for writing to MSN Hotmail Technical Support. My name is Margarett and I gather that Hotmail accounts are unable to receive messages from your website, http://www.seibertron.com. I realize the importance of having your concern addressed immediately.  

Ryan, in order to help you with your issue, please advise the e-mail provider of your website to visit our Postmaster site at http://postmaster.hotmail.com/Troubleshooting.aspx. This site provides troubleshooting information to those who are having issues sending e-mail messages to Hotmail.  If your e-mail provider needs further assistance with their e-mail delivery issues, they will have to click on the second "here" link under "Sender services, tools, and issue submission" or submit the necessary information at:  

http://support.msn.com/eform.aspx?productK...mail&ct=eformts  
 
You are valuable at MSN and we look forward to providing you with consistent and effective service. Thank you for using MSN Hotmail.  

Sincerely,
 
Margarett S.  
MSN Hotmail Technical Support

---------- Forwarded message ----------
From: EV1Servers Support
Date: Jan 11, 2007 5:23 PM
Subject: EV1Servers.net Trouble Ticket  - 1389607 - CustomerID: RS-63874-3 - Date: 1/11/2007 5:23:46 PM
To: myemail123456@gmail.com

The Trouble Ticket you entered into Server Command of EV1Servers.net has been modified.  The following notes have been made to your ticket.
------------------------
Description of the Resolution:


1/11/2007 5:23:46 PM
WebTech
Dear Ryan Yzquierdo,

To send emails to hotmail.com, you will need to have a reverse pointer on your IP address that matches your server''s hostname, as most of the larger email providers (yahoo, hotmail, etc.) require that the reverse pointer of the IP match the server''s hostname as an anti-spam measure. You can make this change by sshing to the server as root and running the command hostname follwed by what you would like the server''s hostname to be (ex: srv.seibertron.com, server.seibertron.com). Once the hostname is set, you will need to edit the files /etc/hosts and /etc/sysconfig/network to reflect these changes. The server''s hostname will need to have it''s own A record in DNS so that the hostname can resolve properly. Once the hostname is fully set, you will need to edit the reverse pointer on the IP to match that of the server''s hostname. One the DNS has had time to propagate, you should be able to send email messages to hotmail without issue. If you have any problems sending emails to hotmail once the DNS has been given sufficient time, please contact us again regarding the issue. The domain http://www.openspf.org/ should help you with setting up the SPF record.

RussellK
EV1Servers
Webhosting Technical Support

Seibertron  
 
Your SPF record is set incorrect.
You have the TXT record set using mail.Seibertron.com like this:

mail.Seibertron.com. TXT "v=spf1 a mx ~all"

but for it to be recognized as valid by hotmail and gmail it should read:

Seibertron.com. TXT "v=spf1 a mx ~all"

Without the mail.
Also don't forget the "." AFTER the "com" as in "com."

Once you do that all your troubles will go away.

For a better wizard for SPF records go to microsoft's SPF wizard.

Also if you have the IP address of the server then ad it as an authorized outgoing mail server in your SPF record using the SPF wizard from Microsoft and they will stop bouncing the e-mails because the server will be an authorized mail sender for your domain as per your SPF record's instructions.

Augusto.

I can see that today dnsreport.com reports you having now an SPF record so you now did it correctly.

I myself leave both records because I suspect some ISPs might actually check that one instead. Just make sure they both contain the same information.

Here's the latest message I received from Ev1servers (just to share it with everyone in case others are having the same problem). Before I do this, does anyone have any recommendations now? Should I make the changes? This message from Ev1 is in response to the Hotmail message that I added to my trouble ticket.

WARNING: One or more of your mailservers is claiming to be a host other than what it really is (the SMTP greeting should be a 3-digit code, followed by a space or a dash, then the host name). If your mailserver sends out E-mail using this domain in its EHLO or HELO, your E-mail might get blocked by anti-spam software. This is also a technical violation of RFC821 4.3 (and RFC2821 4.3.1). Note that the hostname given in the SMTP greeting should have an A record pointing back to the same server. Note that this one test may use a cached DNS record.

mail.seibertron.com claims to be the host at IP mail.seibertron.com [but that IP is not the one we connected to, 67.15.221.15].  

You still haven't added the hostname server and its IP to the SPF record so you still fail this test:



If you have an IP-based site for seibertron.com whose IP is different from the server's ip and your e-mail's headers identify the host server as the one sending the e-mails then you still fail the test.

You need to add the server's hostname to it. For instance lets say your server's hostname name is server.seibertron.com and it's ip is 111.111.111.111 then the SPF record that adds the server and its ip to the authorized servers that can mail from your domain is:

v=spf1 a mx mx:mail.seibertron.com ip4:111.111.111.111 a:server.seibertron.com ~all

Also make sure that the hostname has an A entry in the DNS.

>From: John Smith <*********@seibertron.com>
>Reply-To: John Smith
>To: Ryan Yzquierdo
>Subject: Test message sent at 12:51 PM
>Date: 13 Jan 2007 12:51:48 -0600
>Received: from mail.seibertron.com ([67.15.221.15]) by bay0-mc12-f10.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2444); Sat, 13 Jan 2007 10:51:49 -0800
>Received: (qmail 23207 invoked by uid 48); 13 Jan 2007 12:51:48 -0600
>X-Message-Info: txF49lGdW41nBjKq1Q8nEOnw4ypsg8m4XKJfpxokLPU=
>X-Mailer: PHP/4.3.9
>Return-Path: *********@gmail.com
>X-OriginalArrivalTime: 13 Jan 2007 18:51:49.0311 (UTC) FILETIME=[E1BF84F0:01C73743]
>
>This is a test message that was sent from http://seibertron.com
>
>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Aliquam ipsum. Sed pharetra ipsum tempor velit. Nulla pretium varius urna. Nam luctus venenatis nulla. Etiam ac libero. Sed et nunc. Aenean congue odio viverra magna. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos hymenaeos. Nullam auctor dui. Nam interdum imperdiet sem. Integer dui nunc, molestie nec, nonummy id, lobortis aliquet, lorem.

>From: John Smith
>Reply-To: John Smith
>To: Ryan Yzquierdo
>Subject: Test message sent at 12:51 PM
>Date: 13 Jan 2007 12:51:48 -0600
>Received: from mail.seibertron.com ([67.15.221.15]) by bay0-mc12-f10.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2444); Sat, 13 Jan 2007 10:51:49 -0800
>Received: (qmail 23207 invoked by uid 48); 13 Jan 2007 12:51:48 -0600
>X-Message-Info: txF49lGdW41nBjKq1Q8nEOnw4ypsg8m4XKJfpxokLPU=
>X-Mailer: PHP/4.3.9
>Return-Path: *********@gmail.com
>X-OriginalArrivalTime: 13 Jan 2007 18:51:49.0311 (UTC) FILETIME=[E1BF84F0:01C73743]
>
>This is a test message that was sent from http://seibertron.com
>
>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Aliquam ipsum. Sed pharetra ipsum tempor velit. Nulla pretium varius urna. Nam luctus venenatis nulla. Etiam ac libero. Sed et nunc. Aenean congue odio viverra magna. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos hymenaeos. Nullam auctor dui. Nam interdum imperdiet sem. Integer dui nunc, molestie nec, nonummy id, lobortis aliquet, lorem.

We recently added fairly strict anti-SPAM measures to all our shared servers. This was necessary in order that we could properly manage out going e-mail, to be certain who's code was sending e-mail, and to avoid excessive bounces and/or loops. The changes also close up an exploit in use widely with formmail.cgi  

The rules that any script or code sending out e-mail from a shared server are as follows:-  

1) e-mail addresses in BOTH the To: and the From: headers must contain valid e-mail domains, ie. with valid DNS MX Records.  

2) One of EITHER the To: OR the From: e-mail addresses must be using a domain name known to the shared server. This in most cases will be the domain name you use with your web site.  

In some cases point 2) may be a problem if your domain e-mail is not handled by us but by a third party and we have no known domain on our server. In this case we can add a particular domain to be allowed, please ask.  

Point 2) may also require that some scripts which need to send e-mail from an unknown user to an unknown user (something which effectively provides an Open mail relay and is fairly bad practise anyway, but is often used with e-postcard type scripts) to be altered so that the From: header contains your own domain related e-mail address but the Reply-To: header contains the address you wish replies to go to.  

Please note that prior to us making these changes an unqualified address (ie, one with no @ sign or domain name) would have been automatically qualified with the full server name (@proton.positive-internet.com for example). These addresses will no longer work, all e-mail addresses in the From: and the To: header must be fully qualified (ie. have an @ sign and a domain)  

We appreciate that this is by no means a perfect solution and could still potentially allow 3rd party abuse to continue, however it does reduce the likelyhood of abuse and also ensures that we can identify and correct any source of outgoing e-mail from PHP or CGI scripts. An alternative to this would have meant a complete audit of all PHP and CGI code on our servers and then enforced control and vetting of all scripts prior to their use in the future. We felt the methods we have chose provide the maximum flexibility and at the same time protect all shared users from the serious issue of total e-mail blacklisting affecting all outgoing and incoming e-mail.  

If you would like us to examine any particular form or script to advise on where changes could be made or why you are now getting a particular error we will be happy to do so. Please provide us with the full URL and path to both the form and the code in question.  


 
Suggestions and hints  



Ideally your code should have within it "hard coded" e-mail addresses. If you know that the script will always be sending an e-mail to your info@mydomain.com address for example, then rather than reading this address from any hidden HTML form variables this address should be put within a script configuration file or within the actual mail sending code itself.  

Likewise where the From: field is known and is not likely to change, this should not be passed to a script via hidden HTML directives but again hard coded within the code or the codes configuration files.  

If you are using PHP's mail functions, it does not by default add a valid From: header to outgoing e-mail. This is important since otherwise all PHP scripts run on the server in Apache module mode would generate the same From: headers and tracking down the source of any particular e-mail would be extremely difficult.  

When using PHP's mail function therefore you need to manually code in the From: header using the functions extra header parameters.  

Since our server is very forthcoming and loud about the SPAM protection error, sending the output of the error with a Content MIME header, to standard out and standard error, it's very likely that your site visitors will see it's output if they provide an incorrect e-mail address or their service provider is having DNS/MX record problems.  

We suggest that you choose a form script or code which does it's own e-mail address error checking and can intercept the problem before calling our sendmail program in order to provide users with a more friendly and perhaps understandable output either explaining that they may have mistyped their e-mail address or that their service provider may be experiencing DNS problems and to try a different e-mail address or try again later.  

You or your developers may also be able to simply add extra checking to existing code.
In Perl the best module to use for this kind of checking is called Email::Valid (type perldoc Email::Valid from the command line for detailed instructions. With PHP you can make use of the getmxrr() function to check the DNS MX records for the domain part of an e-mail address, (explode the address variable using the @ sign to get the domain part or use substr). Search the PHP manual at http://www.php.net/ for getmxrr to get more details.
If you are using Java, dnsjava may be of interest for checking MX records, see http://www.xbill.org/dnsjava/