Some Clarification on DNS Settings

nootkan

Well-Known Member
Oct 25, 2006
134
5
168
Shouldn't every domain have the same soa settings in your dns zones? I have over 20 domains on my server with some being .ca, .net and some with a hyphen in the name.com. I've been having email issues so I thought I'd check my dns settings and found some errors.

After following some of the excellent threads in this forum, I've managed to get my errors down to 1 for all domains using MX tools with the exception of the .ca, .net and hyphen related domains.

Every domain has the same soa values:
43200-refresh
7200-retry
1800000-expire
43200-minimum ttl
Yet when I run an smtp test on .ca, .net or hyphen mixed domain names I keep seeing this:
SMTP Banner Check Reverse DNS does not match SMTP Banner More Info
SMTP TLS Warning - Does not support TLS. More Info
SMTP Server Disconnected May be an open relay. More Info
SMTP Reverse DNS Mismatch OK - 71.19.244.97 resolves to mydomain.com
SMTP Valid Hostname OK - Reverse DNS is a valid Hostname
Here are the Domain Health screenshots also to give you a better understanding of what I'm seeing:
.com domains


.ca,.net and hyphenated domains


Am I supposed to be setting the dns different for these domains somewhere else?
 
Last edited:

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,203
363
Hello :)

I suggest completing these SMTP tests manually as opposed to using a third-party utility to verify if you see the same results. There's a third-party guide on using telnet to test SMTP connections at:

SMTP, testing via Telnet - Ubuntuwiki.net

In addition, you can use the "host" command to check reverse DNS entries.

Note that the "Name servers on same subnet" warning simply indicates that your name servers are on the same IP address subnet. This is not necessarily an issue, though some administrators prefer separate a separate subnet for each name server for added redundancy.

Thank you.
 

nootkan

Well-Known Member
Oct 25, 2006
134
5
168
Hello :)

I suggest completing these SMTP tests manually as opposed to using a third-party utility to verify if you see the same results. There's a third-party guide on using telnet to test SMTP connections at:

SMTP, testing via Telnet - Ubuntuwiki.net

In addition, you can use the "host" command to check reverse DNS entries.

Note that the "Name servers on same subnet" warning simply indicates that your name servers are on the same IP address subnet. This is not necessarily an issue, though some administrators prefer separate a separate subnet for each name server for added redundancy.

Thank you.
Thanks Michael, I get a command not found error when trying to telnet alt3.gmail-smtp-in.1google.com 25 from my server. I am trying to follow google's instructions on their form to see why they are blocking my ip from sending email to gmail.com email addresses when no other canned email services or isp's are doing the same.
 

nootkan

Well-Known Member
Oct 25, 2006
134
5
168
You can install the "telnet" package with a command such as:

Code:
yum install telnet
Thank you.
Thanks again Michael, it turned out to be exim rejecting the email as per this log:

2016-04-12 11:40:28 H=mail-yw0-f194.google.com [209.85.161.194]:35114
X=TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128 CV=no F=<[email protected]>
rejected RCPT <[email protected]>: "JunkMail rejected -
mail-yw0-f194.google.com [209.85.161.194]:35114 is in an RBL, see Blocked - see
SpamCop.net - Blocking List ( bl.spamcop.net )"
I've been told it isn't a good practice to install telnet onto a dedicated server. Is that true? I know google requires it to provide them with information when filling out their form.
 
Last edited: