I am having issues with ptr records.
when i cloudflare push only ptr dns working if i enable its not working. Please help me to resolve this
The system sends the domain “Domain.com” in the SMTP handshake for this domain’s email. “Domain.com” resolves to “xxx.xxx.xx.x” and “xxx.xxx.xx.x”, not “xxx.xxx.xx.x”.
To fix this problem, contact your system administrator and request that they create a DNS “A” record for “domain.com” whose value is “xxx.xxx.xx.x”.
Revere DNS (PTR) records are created and maintained by the organisation holding the IP address space in question.
Since you are talking about SMTP, that part would not at all be related to Cloudflare, but to the service that you are using to send your emails from.
What you need to look for, is more likely the Forward DNS (A/AAAA records).
I understand here, that you refer to the Proxy status for your Cloudflare DNS is being set to Proxied ()?
Mail related records generally needs to be set to DNS-only / Unproxied (), which is sometimes causing issues while people migrate to Cloudflare, and turn their records into Proxied () mode.
Records related to mail, VPN, and other things that are not HTTP(S) traffic, would generally require you to set them as DNS-only / Unproxied ().
Alternative to this would be:
Have your ISP change the Reverse DNS (PTR) from
example.com to e.g.
Have your ISP (and/or mail server administator) change all other instances, such as e.g. the mail server’s HELO/EHLO name from the previous
mail.example.com as well.
mail.example.com pointing to the exact IP address in question, with the Proxy status being set to DNS-only / Unproxied ()
Once all these steps are (successfully) completed, you can now proxy (and/or unproxy) your naked domain,
example.com, without it will ever interfere with your mail related things ,as mail stuff is now on
mail.example.com. As long as you make sure to keep that
mail.example.com record as DNS-only / Unproxied ().
If you insist to use the Proxied () mode mode, then the above would be the only option you have - to move mail (and other conflicting services) that won’t work together with the Proxied () mode to a dedicated sub-domain.
Yes, your ISp have to do the PTR or the Hosting company.
It all works hand on hand with them. On there main Authoritative DNS, they should reverse the ptr back to your public ip.
also remember your mail server, should not have the orange cloud. DKIM and DMARC and BIMI should also be implemented for security.