Configuring mailips & mailhelo With Cloudflare - Where to Create PTR?
Here is what I'm trying to achieve:
- ]
- I host my DNS on Cloudflare and to use their services my records need to be proxied.
- In order to use my VPS server to send mail A record that points to my mail server can't be proxied. So these are my records at Cloudflare:
A site.com => dedicated IP (proxied which enables me to use Cloudflare services) A mail.site.com => server IP (not proxied which enables me to host email on my server) MX site.com => mail.site.com
- Note that I deliberately used a different IP for the mail server (server's IP). Therefore I need to set custom mail IP and HELO in mailips & mailhelo cPanel configuration files:
site.com: server IP (this is a line from mailips file) site.com: mail.site.com (this is a line from mailhelo file)
- When I go to cPanel > Email Deliverability > site.com interface to check my setup, it says that the SPF and DKIM are correctly set but not the PTR, which should be:
server IP.in-addr.arpa. => mail.site.com
- My question is where do I need to set PTR? Do I need to set it in the site.com's DNS zone, which is at Cloudflare or does it needs to be on the end of my hosting provider? Currently, in the SolusVM for my VPS server, the PTR for the server's IP I wish to use for the mail server is my server's hostname:
server IP.in-addr.arpa. => host.name.com
- ]
- I can set a custom IP (in mailips file) and HELO hostname (in mailhelo file) for each domain on my server to use for outgoing mail?
- I need to set a custom PTR for each domain that uses a custom set of IP and HELO hostname?
-
Thanks, but that didn't quite answer my question. In Email Deliverability, it asks me to change the current PTR from host.name.com to mail.site.com but all other sites are using the host.name.com. If I change it just for one site, that doesn't make any sense. I get it that PTR is set once on an IP level and you can't have multiple PTRs for each domain that use that IP. So are you saying that it's OK to have a custom HELO hostname matching MX that doesn't match the PTR hostname? 0 -
This always gets extremely complicated, especially when including a proxy service. I will try to solve it step by step, so here is the first: cPanel by default uses the reverse DNS entry for the mail HELO/EHLO. This makes cPanel complain, or notify rather, in "Email Deliverability": [QUOTE]The system uses an alternate HELO of "maindomain.com" when sending mail from the addondomain.com domain.
Shouldn't the HELO hostname match the addondomain.com domain? In most places I asked they say they should match, why is it OK for cPanel for them to not match, that is, use an alternate value?0 -
Let's say that your server's public IP is 11.11.11.11, and hostname is host.domain.com If you are sending emails from that IP then: 1. host.domain.com must resolve to 11.11.11.11 and 2. reverse dns of 11.11.11.11 must be host.domain.com If you have another IP, let's say 22.22.22.22, you can create another hostname for ex. host2.domain.com if you are sending emails from that IP then: 1. host2.domain.com must resolve to 22.22.22.22 and 2, reverse dns of 22.22.22.22 must be host2.domain.com 0 -
OK, I get it, Forward DNS A and Reverse DNS PTR records should match. 0 -
My current server has two IPs, shared and dedicated. Here are the PTRs: Shared: 1.1.1.1 => hostname.main.com Dedicated: 2.2.2.2 => main.com I have a question, can I create a subdomain and use it in PTR instead of the main.com like this: Dedicated: 2.2.2.2 => ptr.main.com I need this tweak because I'm proxying the main.com through Cloudflare to use their services. If I disable the proxy on main.com, I can't use Cloudflare and if I enable it, the PTR can't resolve: main.com (proxy OFF) - Can't use Cloudflare, PTR resolves Solution: main.com (proxy ON) - Use Cloudflare ptr.main.com (proxy OFF) - PTR resolves 0 -
I still need answers on posts #4 and #7. 0 -
And a third question about Exim settings regarding mailhelo and mailips: 1. These two options will populate mailhelo and mailips files with their respective values: [LIST] - Send mail from the account"s IP address
- Use the reverse DNS entry for the mail HELO/EHLO if available 2. These two options will clean up mailhelo and mailips from all entries, except mailhelo which will keep the wildcard entry of the server's hostname: [LIST]
- Reference /etc/mailhelo for custom outgoing SMTP HELO
- Reference /etc/mailips for custom IP on outgoing SMTP connections My question is in which scenario will mailhelo and mailips retain the custom entries I put in? In the 1st, cPanel will probably delete my custom entries by running the updateuserdomains script. In the 2nd, I know the files will keep my entries, but I need to manually maintain the entries for all domains I wish to have a custom entry, meaning that all other domains will revert to the server's default entry. There should be two versions of mailhelo and mailips files. Version 1 should be maintained by cPanel via settings from the 1st scenario, and version 2 should be empty and we should put there our custom entries that will override their respective entries from version 1.
0 -
In general, I just ensure that the reverse DNS always references the hostname. No matter what other customizations are set, the hostname *will* show up in the mail headers somewhere. Either version will retain your customization - can you let me know where you are finding this text? 'These two options will clean up mailhelo and mailips from all entries, except mailhelo which will keep the wildcard entry of the server's hostname:" 0 -
Each IP address has its rDNS, which hostname should be used as HELO's value. That is my conclusion, which is the same as yours in the case when a server has only one IP. If you choose a specific IP for the domain's SMTP (sending mail), you should use the IP's rDNS hostname for HELO. For example, my cPanel account has a dedicated IP and all domains hosted on it use it for SMTP. But there is one domain where I let some people use email on it. So I chose the shared IP for it, to protect my dedicated IP from spam. This is what mailips file is for. But if you set the IP, I think you should also set the HELO as I described above. As for your question: when I select those two options, the mailhelo and mailips files get cleaned up in the way I described. 0
Please sign in to leave a comment.
Comments
10 comments