Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

MXToolbox: Reverse DNS does not contain the hostname

Discussion in 'E-mail Discussion' started by linux4me2, Nov 9, 2018 at 1:48 PM.

  1. linux4me2

    linux4me2 Well-Known Member

    Joined:
    Aug 21, 2015
    Messages:
    219
    Likes Received:
    55
    Trophy Points:
    28
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    I'm not sure if there is actually something configured incorrectly, or if the tool I'm using, MXToolbox, is just giving me a false positive result.

    I've disabled "Introduce a delay into the SMTP transaction for unknown hosts and messages detected as spam." in my Exim configuration and re-started Exim before testing.

    Let's say my host name is host.mydomain.com and the main IP for the server is 11.11.11.11.

    If I put a domain on a shared IP called "thedomain.com" in MXToolbox's MX lookup tool, it returns the shared IP address that the domain is set to. Let's call it 22.22.22.22.

    If I then do MX Toolbox's SMTP test on 22.22.22.22, all the tests are okay except for "SMTP Reverse DNS Mismatch" which gives the error "Reverse DNS does not contain the hostname."

    Next, I logged onto the server and checked the hostname of the server:

    Code:
    [root@host ~]# host 11.11.11.11
    11.11.11.11.in-addr.arpa domain name pointer host.mydomain.com.
    
    Then I checked to see what hostname is returned if I use the shared IP address:

    Code:
    [root@host ~]# host 22.22.22.22
    22.22.22.22.in-addr.arpa domain name pointer host.mydomain.com.
    
    So both of the main IP and shared IP appear to be pointing to the correct hostname.

    Next, I checked the A record and PTR record for the domain:

    Code:
    [root@host ~]# dig thedomain.com +short
    22.22.22.22
    [root@host ~]# dig -x 22.22.22.22 +short
    host.mydomain.com.
    
    So it looks like the hostname is returned for both the main IP and the shared IP, as I think it should be, and the A record and PTR record for the domain on the shared IP appear to be doing what they should. Does that mean that MXToolbox is giving me a false positive, or is something actually wrong with my setup?
     
  2. cPanelLauren

    cPanelLauren Forums Analyst II
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    3,517
    Likes Received:
    251
    Trophy Points:
    193
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @linux4me2

    Nice catch on this one, this is what usually throws people off.

    So this is saying reverse DNS does not contain hostname which we know the reverse DNS is set correctly but what about the hostname of the server? If you run the following:
    Code:
    hostname
    if the return is anything but host.mydomain.com it needs to be resolved. Does the same behavior occur when testing the 11.11.11.11 IP address?

    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. linux4me2

    linux4me2 Well-Known Member

    Joined:
    Aug 21, 2015
    Messages:
    219
    Likes Received:
    55
    Trophy Points:
    28
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    Thanks for the reply.

    I do get the correct hostname with the command hostname:
    Code:
    [root@host ~]# hostname
    host.mydomain.com
    
    And also when I test with 11.11.11.11:
    Code:
    [root@host ~]# dig -x 11.11.11.11 +short
    host.mydomain.com.
    
    I'm scratching my head...
     
  4. cPanelLauren

    cPanelLauren Forums Analyst II
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    3,517
    Likes Received:
    251
    Trophy Points:
    193
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @linux4me2


    Do you get the "Reverse DNS does not contain the hostname." error on both IP addresses though?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. linux4me2

    linux4me2 Well-Known Member

    Joined:
    Aug 21, 2015
    Messages:
    219
    Likes Received:
    55
    Trophy Points:
    28
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    No, just on the shared IP, 22.22.22.22, and the domains on it. The main IP, 11.11.11.11 does not give me the "Reverse DNS does not contain the hostname" error on MXToolbox.

    It seems like neither IP should give me the error, since both resolve to the hostname, but I still wonder if this is really an MXToolbox issue and not something wrong with my configuration. Maybe there's a better tool to use to check?
     
    #5 linux4me2, Nov 12, 2018 at 2:29 PM
    Last edited: Nov 12, 2018 at 2:41 PM
  6. cPanelLauren

    cPanelLauren Forums Analyst II
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    3,517
    Likes Received:
    251
    Trophy Points:
    193
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    In that case, I wonder if the issue is that the hostname doesn't have the secondary IP address as an A record. You could add an A record to the zone file and check again. So long as they're both assigned to the same server it shouldn't actually cause any issues.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    linux4me2 likes this.
  7. linux4me2

    linux4me2 Well-Known Member

    Joined:
    Aug 21, 2015
    Messages:
    219
    Likes Received:
    55
    Trophy Points:
    28
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    If I look in WHM > DNS Functions > Add an A entry for your hostname, the only IP listed is my main IP. Is that the place I would add the A record for the shared IP? Or in the zone for each domain on the shared IP?
     
    #7 linux4me2, Nov 12, 2018 at 2:44 PM
    Last edited: Nov 12, 2018 at 3:02 PM
  8. linux4me2

    linux4me2 Well-Known Member

    Joined:
    Aug 21, 2015
    Messages:
    219
    Likes Received:
    55
    Trophy Points:
    28
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    I think I answered my own question. It looks like the UI WHM > DNS Functions > Add an A entry for your hostname only allows for the main IP to be entered.

    So, since the main domain in this case is, say, "mydomain.com", you're suggesting adding an A record for the hostname in the zone for mydomain.com?

    I took a look to see what A records were already listed for mydomain.com, and I found something interesting. The main IP for my server is 11.11.11.11. The shared IP address is 22.22.22.22, but mydomain.com is on a dedicated IP; let's call it 33.33.33.33. My hostname is host.mydomain.com. In the zone editor for mydomain.com, there is a single A record for the hostname, pointing to the main IP:
    Code:
    host.mydomain.com 14400 IN A 11.11.11.11
    
    The hostname in WHM > DNS Functions > Add an A entry for your hostname is also assigned to the main IP, 11.11.11.11.

    In the zone editor for mydomain.com, I added A records for:
    Code:
    host.mydomain.com 14400 IN A 22.22.22.22
    host.mydomain.com 14400 IN A 33.33.33.33
    
    I then did SMTP tests using MXToolbox on mydomain.com (which is using 33.33.33.33) and with one of the domains on the shared IP (22.22.22.22), and both no longer gave me the SMTP Reverse DNS Mismatch error on MXToolbox. The sites are still browseable.

    Next, I tried one of the other domains I had on a dedicated IP, and as you would expect, it gave me the SMTP Reverse DNS Mismatch error until I added a hostname A record for its IP address in the zone for mydomain.com.

    As long as all these hostname A records aren't going to be causing some other problem I haven't discovered yet, it appears that this is a fix. All the tests in MXToolbox are now passed.

    I tested all three domains in leafdns.com, and they didn't show any errors, so I think you've found the solution.

    You mentioned earlier that:
    Can you give me a little reassurance about that? These domains are all on the same server, but it is a production server, and I really don't want to mess something up.
     
  9. cPanelLauren

    cPanelLauren Forums Analyst II
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    3,517
    Likes Received:
    251
    Trophy Points:
    193
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    HI @linux4me2


    The only thing I could think of is the DNS lookup would grab one of the other IP addresses - this shouldn't cause a problem at all though since they're all assigned to the same server, they're all going to hit the same place. Another idea now that I am thinking about it might be to use /etc/mailhelo and set it to
    Code:
    *: host.domain.tld 
    which I believe would resolve your issue without adding a bunch of A records though I can't test it locally (this definitely shouldn't have any impact on sites)

    You'd need to reference this How to Configure the Exim Outgoing IP Address - cPanel Knowledge Base - cPanel Documentation for instructions on how to make the changes as well. I'd really only set in /etc/mailips:
    Code:
    *: <mainip>
    and /etc/mailhelo
    Code:
    *: host.yourdomain.com
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    linux4me2 likes this.
  10. linux4me2

    linux4me2 Well-Known Member

    Joined:
    Aug 21, 2015
    Messages:
    219
    Likes Received:
    55
    Trophy Points:
    28
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    That sounds like a slicker fix. Would those changes get overwritten in an update/upgrade of cPanel?
     
  11. linux4me2

    linux4me2 Well-Known Member

    Joined:
    Aug 21, 2015
    Messages:
    219
    Likes Received:
    55
    Trophy Points:
    28
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    I removed all the extra hostname entries from mydomain.com's zone, confirmed that the "Reverse DNS does not contain the hostname" error was back on MXToolbox, then created /etc/mailhelo and /etc/mailips files with the appropriate entries, then set Exim's "Reference /etc/mailhelo for custom outgoing SMTP HELO" and "Reference /etc/mailips for custom IP on outgoing SMTP connections" to "On", restarted Exim, and re-tested with MXToolbox, but the "Reverse DNS does not contain the hostname" errors were back. :(

    That would have been a really nice fix.
     
  12. cPanelLauren

    cPanelLauren Forums Analyst II
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    3,517
    Likes Received:
    251
    Trophy Points:
    193
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @linux4me2


    Darn, I'm sorry, I would have tested it first but I'd need multiple IPs that actually resolve and I don't have that ability (nor do i have the ability to set the rDNS for my test server). Looks like we're back to multiple A records which isn't an uncommon practice! You'd need to remove the A record from the zone file if you remove the IP though, that's the only caveat.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  13. linux4me2

    linux4me2 Well-Known Member

    Joined:
    Aug 21, 2015
    Messages:
    219
    Likes Received:
    55
    Trophy Points:
    28
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    No problem! I appreciate the help. I'll add back the extra A records.

    Just out of curiosity, if I did remove one of the IPs from the server, what would happen if I forgot to remove the extra A record for it?
     
  14. cPanelLauren

    cPanelLauren Forums Analyst II
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    3,517
    Likes Received:
    251
    Trophy Points:
    193
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @linux4me2

    You'd more than likely run into a DNS error if you attempted to access the site on the IP that had been removed from the server is all.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  15. linux4me2

    linux4me2 Well-Known Member

    Joined:
    Aug 21, 2015
    Messages:
    219
    Likes Received:
    55
    Trophy Points:
    28
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    Okay, that's survivable.

    Everything is working so far with the multiple A records, so I think I'm good. I'm going to leave the TTL for those records at 300 for a week and see if anything comes up, just in case.
     
    cPanelLauren likes this.
  16. cPanelLauren

    cPanelLauren Forums Analyst II
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    3,517
    Likes Received:
    251
    Trophy Points:
    193
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @linux4me2


    That's a good plan, please update here if there are any issues as well!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  17. linux4me2

    linux4me2 Well-Known Member

    Joined:
    Aug 21, 2015
    Messages:
    219
    Likes Received:
    55
    Trophy Points:
    28
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    Will do. Thanks for the help.
     
    cPanelLauren likes this.
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice