castris
Verified User
Hello
My client is getting that incorrect result from Postmaster Tools and MXToolbox or at least the information used to describe the issue is incorrect or deficient.
Google: Needs improvement — Set up reverse DNS records for a domain
MXToolbox - Reverse DNS is not a valid Hostname
Sending IP addresses must have a PTR record. The hostname specified in the PTR record must have a forward DNS that refers to the sending IP address.
Well the domain has two IPs, one IPv4 and one IPv6
Both:
- Are defined in the SPF.
- Have a valid PTR, which points to the hostname that is declared as the sender of the email. This is valid for IPV and IVP6 protocols.
- Of course, the sender hostname is identified as such.
However, after passing all the SPT, DKIM, DMARC controls, postmaster tools insists that there is a deficiency
Any ideas?
## Proof of Concept
Hostname: cloud500.burcode.com
I'm pretty confused because this is the first time I've had DNS warnings, and even more so when I don't see the technical answer to why these warnings.
It's clear that asking Google or MXToolbox for support is not possible, and customers see these warnings and get upset. And rightly so.
It is curious that Google itself, in the headers, indicates the absolute validity of IPV6, which is where the email came from, both in SPF, DKIM and DMARC.
My client is getting that incorrect result from Postmaster Tools and MXToolbox or at least the information used to describe the issue is incorrect or deficient.
Google: Needs improvement — Set up reverse DNS records for a domain
MXToolbox - Reverse DNS is not a valid Hostname
Sending IP addresses must have a PTR record. The hostname specified in the PTR record must have a forward DNS that refers to the sending IP address.
Well the domain has two IPs, one IPv4 and one IPv6
Both:
- Are defined in the SPF.
- Have a valid PTR, which points to the hostname that is declared as the sender of the email. This is valid for IPV and IVP6 protocols.
- Of course, the sender hostname is identified as such.
However, after passing all the SPT, DKIM, DMARC controls, postmaster tools insists that there is a deficiency
Any ideas?
## Proof of Concept
Hostname: cloud500.burcode.com
Bash:
❯ digs cloud500.burcode.com
51.91.159.179
❯ digs AAAA cloud500.burcode.com
2001:41d0:404:200::338c
❯ digs -x 51.91.159.179
cloud500.burcode.com.
❯ digs -x 2001:41d0:404:200::338c
cloud500.burcode.com.
❯ telnet cloud500.burcode.com 25
Trying 51.91.159.179...
Connected to cloud500.burcode.com.
Escape character is '^]'.
220 cloud500.burcode.com ESMTP Exim 4.98 Fri, 13 Sep 2024 08:44:43 +0200
❯ telnet cloud500.burcode.com 25
Trying 2001:41d0:404:200::338c...
Connected to cloud500.burcode.com.
Escape character is '^]'.
220 cloud500.burcode.com ESMTP Exim 4.98 Fri, 13 Sep 2024 08:45:33 +0200I'm pretty confused because this is the first time I've had DNS warnings, and even more so when I don't see the technical answer to why these warnings.
It's clear that asking Google or MXToolbox for support is not possible, and customers see these warnings and get upset. And rightly so.
It is curious that Google itself, in the headers, indicates the absolute validity of IPV6, which is where the email came from, both in SPF, DKIM and DMARC.
Bash:
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass [email protected] header.s=x header.b=YS6YujVb;
spf=pass (google.com: domain of [email protected] designates 2001:41d0:404:200::338c as permitted sender) [email protected];
dmarc=pass (p=REJECT sp=NONE dis=NONE) header.from=burcode.com
Received-SPF: pass (google.com: domain of [email protected] designates 2001:41d0:404:200::338c as permitted sender) client-ip=2001:41d0:404:200::338c;
Authentication-Results: mx.google.com;
dkim=pass [email protected] header.s=x header.b=YS6YujVb;
spf=pass (google.com: domain of [email protected] designates 2001:41d0:404:200::338c as permitted sender) [email protected];
dmarc=pass (p=REJECT sp=NONE dis=NONE) header.from=burcode.com
Last edited:
