Reverse DNS does not match SMTP Banner

rogerw

Member
Feb 21, 2012
23
6
53
cPanel Access Level
Website Owner
Thanks... I've been running into the same issue. The resource being linked to does not resolve the issue, it discusses sending form cPanel accounts each with dedicated IP addresses, that's not quite what we need.

We need help with a server for example: box1.domain.com <==> 123.456.789 (with appropriate PTR created) - But... When using test tools (like mxtoolbox.com) we get the "SMTP Check Banner" error that says "Reverse DNS does not match SMTP Banner".

What this means is when a cPanel server is set up, for some reason, an incorrect banner is created (even though there's a PTR and A record for "box.domain.com").

Any help would be immensely appreciated! :)
Thanks!
 
  • Like
Reactions: eugenevdm.host

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,884
2,245
463
We need help with a server for example: box1.domain.com <==> 123.456.789 (with appropriate PTR created) - But... When using test tools (like mxtoolbox.com) we get the "SMTP Check Banner" error that says "Reverse DNS does not match SMTP Banner".
Hello :)

Could you verify if the issue persists when temporarily disabling the "Introduce a delay into the SMTP transaction for unknown hosts and messages detected as spam" option in "WHM >> Service Configuration >> Exim Configuration Manager >> Basic Editor"? I've seen reports that this option prevents third-party utilities such as MXToolBox from completing a check of the RDNS entry.

Thank you.
 

rogerw

Member
Feb 21, 2012
23
6
53
cPanel Access Level
Website Owner
Hello :)

Could you verify if the issue persists when temporarily disabling the "Introduce a delay into the SMTP transaction for unknown hosts and messages detected as spam" option in "WHM >> Service Configuration >> Exim Configuration Manager >> Basic Editor"? I've seen reports that this option prevents third-party utilities such as MXToolBox from completing a check of the RDNS entry.

Thank you.
Yes! That works! Also found that "Only-verify-recipient" - Click "Edit" and add (to allow mxtoolbox.com testing): pws3.mxtoolbox.com (but leaving "Introduce a delay into the SMTP transaction for unknown hosts and messages detected as spam" works as well. That is providing the person "trusts" mxtoolbox.com.

Thanks cPanelMichael - Muchly appreciated! :)
 
  • Like
Reactions: eugenevdm.host

luiz878

Registered
Feb 14, 2013
2
0
1
cPanel Access Level
Root Administrator
Hello :)

Could you verify if the issue persists when temporarily disabling the "Introduce a delay into the SMTP transaction for unknown hosts and messages detected as spam" option in "WHM >> Service Configuration >> Exim Configuration Manager >> Basic Editor"? I've seen reports that this option prevents third-party utilities such as MXToolBox from completing a check of the RDNS entry.

Thank you.
Michael,

Taking advantage of this your post I've disabled this message you mentioned above and now resolved part of my issue, but I still have this 3 errors below showing in Mxtoolbox from my IP 107.173.183.51

SMTP Reverse DNS Mismatch - Reverse DNS does not contain the hostname
SMTP Banner Check - Reverse DNS does not match SMTP Banner
SMTP Transaction Time - 5.720 seconds - Warning on Transaction Time

Can you give me a orientation how to fix it?

Best Regards

Luiz Osorio
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,884
2,245
463

Secmas

Well-Known Member
Feb 18, 2005
378
20
168
I know this thread is kind of old but I want to thank you all of you.

I have just one amend for nowadays (May 19, 2022).

Before modifying in EXIM the option "only-verify-recipient" and add what it was proposed a few years ago, do the following:
- Go to your WHM and search at /var/log/exim_mainlog for any connection comming from MxToolbox.
In my server I found that the connections came from: mxtoolboxsmtpdiag.com
- Now, open EXIM CONFIGURATION in WHM and add that Domain Name to "Only-verify-recipient" and save.

Thank you all for this great Thread,
Sergio
 

eugenevdm.host

Well-Known Member
Oct 21, 2019
71
9
8
Cape Town
cPanel Access Level
DataCenter Provider
@cPanelMichael,

> Introduce a delay into the SMTP transaction for unknown hosts and messages detected as spam

Wow this is such revealing news to me!

For years I've been testing "perfectly" configured systems thinking that maybe I'm not understanding something on the system's side.

Meanwhile it goes to show one should not completely trust a mainstream service, even one as well known as MX Toolbox.

And if that setting is on they spit sometimes even spit out other bogus information, e.g.:
`Warning - Does not support TLS.` and
`15.281 seconds - Not good! on Transaction Time`

I get the second one and I guess if DNS PTR lookup timeout that's what you have to deal with.

What I do notice is there might be a fairly trivial workaround, that is to say MX Toolbox can become either a "trusted host" or a "common mail provider" as these two settings are linked the delay transaction time:

> Do not delay the SMTP connections for hosts in the Greylisting “Trusted Hosts” list
> Do not delay the SMTP connections for hosts in the Greylisting “Common Mail Providers” list

I'm not sure where to find their data on this or where to change it on WHM side.

I know the drill - if this is really important to me, and to make 1000 WHM administrators happy, add a new feature request :) Going to skip this one till I easily get the MX info.