Solved HOW TO add_domain_to_domainips=2 for rDNS in /etc/virtual/helo_data

[castris]

I really can't understand it. Honestly, I don't know if the difficulty is due to the language. But the truth is that I just can't grasp it.

I got here from a problem with a server that has both IPv6 and IPv4.

Just one user.

And suddenly, it's on the spamhaus.org list due to CSS Blocklist (CSS).

From there, I came across your manual on add_domain_to_domainips=2 for rDNS in /etc/virtual/helo_data

And that’s where I’m struggling to understand.

I understand that several concepts are mixed, like I should set the value of the variable in directadmin.conf add_domain_to_domainips to 2.

❯ da config-set add_domain_to_domainips 2
❯ systemctl restart directadmin
❯ echo 'action=rewrite&value=helo_data' >> /usr/local/directadmin/data/task.queue
❯ la /etc/virtual/helo_data
ls: cannot access '/etc/virtual/helo_data': No such file or directory

Apreciate help.

 

[Richard G]

And that’s where I’m struggling to understand.

Why would you need 2 ip's in the helo_data?

Next to that, if it's a new domain, then spamhaus automatically puts it in a list, you have to ask to get it removed.

The Spamhaus CSS list is an automatically produced dataset of IP addresses that are involved in sending low-reputation email.

New domains are automatically low reputation, we already have been there too when setting up a new server.

Even more if it's only for 1 user. If it's because you have both ipv4 and ipv6 you do not need to use any helo adjustment.
We have both ipv4 and ipv6 on all servers and no issue at all.

However, you do need a proper FQDN hostname and a rDNS/PTR record for both the ipv4 and the ipv6 and then you should be fine. No helo customisation required at all for this.

You might want to send me the domain name via pm for further checks/investigation.

 

[zEitEr]

Apreciate help.

The idea of using /etc/virtual/domainips and/or /etc/virtual/helo_data has a sense when you have several IPs (more than one IPv4 and/or more than one IPv6) on a server and some domains have a dedicated IP (in terms of DirectAdmin it will be an owned IP). If this is not your case, then you won't have any benefits from the files.

 

[castris]

Thanks @zEitEr and @Richard G

After open ticket at Smaphaus, the answer is clean.

> We do not work with prefixes smaller than /64. Please call your provider and sort this out with them.

New problem with OVH.
Best regards ans apreciate your time

 

[Richard G]

> We do not work with prefixes smaller than /64.

That's a lot of BS of Spamhaus. Another reason to stop using Spamhaus for checks.

This would not mean a problem only for OVH if they issue /56 prefixes, but for loads of people too, inclusing people using mail servers at home, also small business with mailservers on dedicated ip's with /56 prefix.
Instead of promoting ipv6 they would block it, because people would then just decide to disable ipv6 and only use ipv4 for the mail.
They probably didn't even think of these things.

Thank you for sharing this information!

 

[zEitEr]

After open ticket at Smaphaus, the answer is clean.

Do you mean they refused to delist your IP? Or what?

 

[castris]

Yes... Direct refuse.

The say taht /64 is minimal instance for block. Trillions Ip's blocked for one Ip on /64. Lol

Deactivate all Ipv6 way for my machines and SMTP.

Best regards.