Hi guys, i guess my subject is not very informative, but i couldn't figure how I should phrase it...

anyway, I realise emails from some of my servers are getting dropped, especially when they are sent to users' email accounts with their ISP. I tried sending to my own domain and there wasn't any problem.

I sent using php script... using a simple mail() function.

Checking /var/log/maillog, I realise the mail that was affected has a DSN Data format error. Checking it up, I found that its related to email server rejecting such mails because the hostname of the server (sending the mail) is not a FQDN.

A check with my servers (those that couldn't sent) hostname shows that they were all not valid domainnames. I named them web1.domainname.com, web2.domainname.com etc...

playing around, I edited one of the /etc/hosts and removed the 'web1' from the file. Emails got sent properly, using the same php methods.

The reason why I used web1, web2 etc... is because they are all private servers, behind a load balancer. All of them are going through a Virtual IP, which is a public one.

Questions:
1) Am I doing the correct thing by just editing the hosts file manually? Or is there a proper way to set a masquerading domain name, to let the out-going email carry a different FQDN, or something like that?

I understand, from my reading up, that this is to cut down on spam. So I would like to configure it properly such that I can avoid mails to users being dropped.


2) My colleague was suggesting to me to just enter the 3rd level domain used in the web servers (web1, web2 etc) in our DNS server and propagate that as proper address. But I thought that is not such a good idea, though I can't explain why.

Or is it?

3) My own email server was able to receive the mail from the servers I did the php testing with. How can I configure my email server to be as selective too, to not receive emails from servers with no FQDN so as to cut down spam.

My email server is running qmail via PLESK control panel.

My web servers are all running RHEL 4.


Many thanks!

You should set your hostname in /etc/sysconfig/network:
Your colleague is correct. You should have both an A record for these hosts, so that the hostname resolves to an IP, and a PTR record, so that the IP address resolves back to the same hostname. You can set up the A record if you manage the zone for the domain, but your ISP, hosting provider, or datacenter will probably have to set up the PTR record as they likely control the reverse lookup zone.

Well, first of all, I am not sure that Plesk's version of qmail supports that out of the box. I know that many versions of Plesk do not, but I have not checked on versions 8 or better.

Secondly, I'm not sure that you really want to do that. There are many legitimate SMTP servers with misconfigured DNS (look at your own situation), that lack either a proper A record or a PTR record. Conversely, there are many spamming hosts that have both A records and PTR records, although many of them do not. The result is that this measure will cut down on spam to some extent, but also prevent delivery of legitimate email from SMTP servers such as your own with incomplete DNS records.

You might want to look into alternatives, such as greylisting, for spam control.

hi there

so is there anyway to 'spoof' my outgoing mails sent using php-scripts to have a different hostname? Reason I don use authentic domain name for my servers are because they seat behind a loadbalancer, thus its on a private network (192.168.x.x)

so it doesn't make sense if I enter every hostname in my servers respectively to the DNS server.. i think.

Anyway? Am using qmail

It doesn't matter that they are behind a load balancer. If they are engaged in SMTP sessions with hosts on the public internet, then they have a publicly-accessible IP address. Thus, they need valid hostnames, and you should not spoof them even were it possible.

My private web servers connects out via the load balancer, which is holding the virtual ip (public).

So should I have 'A' records for my private servers' hostname to that load balancer's VIP?

Most likely. I'll tell you what, if you could send me an email from your script, or make up a new one to send me an email, I will check my mail logs and see what is showing up in the logs now. I have sent you my email address.

hi zaichik

sorry for the delay. I have sent you the email.

Many thanks for your assistance on the matter

What we found was that the script was going out with a From address that was not a valid mail domain. The suggested resolution was to set up the hostname of the delivering server in DNS and ensure it has a reverse DNS entry pointing the IP back to that hostname; and to make sure that the From address can actually receive mail, which meant setting up an MX record not just for domain.com, but for hostname.domain.com, as the scripts set the From header to domain@hostname.domain.com.

thanks zaichik for the help!

so what you guys reckon...?

currently my webservers (that needs to do the web serving, and emailing via php scripts) - some are standalone with their own public IP (no problem for those).
Some are in behind a load balancer.

Meaning, for example, load balancer holds the public IP as a Virtual IP for the farms of related web servers (which are based on private IPs).

should I have each of the servers' hostname be registered in the DNS zone file as one entry using the Virtual IP? Or is there better ways to do it?

Once again, thanks zaichik

hi guys just to update

recently I just tested with zaichik and my mail went through. Basically what I did was to add the my server hostname (which is not legitimate addresses for web) to my dns zone file for that domain.

I have 3 web servers serving webpages/scripts and they have their own public IP addresses. They are named web1.domain.com, web2.domain.com etc

So I just added those hostname as entries for the zone file and the mail went through zaichik's spam filter.

So that's how I resolve it.

But another question is if my web servers are load-balanced behind a load-balancer, with the loadbalancer having a private IP address and the public IP address on the loadbalancer as a VIP, does it mean I need to enter all the hostnames (for the servers in the farm) in my dns zone file as an A record? Using the VIP?