Total newb, need help reverse DNS :)

Hi all,

New beginner here, currently trying to setup a working website with mail service.

My details:

  1. My domain is registered at GoDaddy
  2. I use Cloudflare NS and manage my DNS in Cloudflare
  3. I use a Vultr VPS for running Plesk
  4. On Plesk I installed Wordpress > which is working (the website part works)
  5. On Plesk I installed webmail, this kinda works…

The problem is, when I send an e-mail from Plesk webmail, some recipients say that it went to junk/spam folder.

When using the “email health” checker from mxtoolbox, some problems become clear.

I think my reverse DNS is not setup correctly.

Things I already did:

  • I created a reverse DNS record in Vultr
  • Create A record for reverse DNS

What am i doing wrong?

You have a :grey: ‘mail’ hostname for mail. That’s great. But your MX record points to the root domain. MX should be Name: example.com, Content: mail.example.com

Those SRV records are generally unnecessary, and point to a hostname (example.com) that won’t handle email because it’s set to :orange:.

Give mail-tester.com a try. It’s pretty good at explaining the problem.

Good idea. That’s what I do.

Different browser on a different network, like a mobile hotspot/VPN. Or wait 24 hours.

The message that the sender cannot be associated with the domain is now gone (great!). But this message still is there

Translation: Delivered to internal network by a host with no rDNS, This could mean that you did not configure a rDNS for your host name or that the rDNS does not match with the sender IP.

Current configuration

It could be that rDNS hasn’t yet propagated. Sender IP should have nothing to do with Cloudflare, as that’s an outbound connection.

I will try mail-tester.com again tomorrow, Vultr did mention that changing the reverse dns value could take 6-12h to propagate. I will respond tomorrow if the problem is fixed, many thanks anyway!

1 Like

I think there is something wrong with configuration.

You have 3 SRV records pointing to the novali.nl

You have CNAME www and @ novali.nl using CloudFlare proxy as being “orange cloud”.

So, imaps, pop3, smtps over TCP for stated ports 993, 995 and 465 goes to novali.nl which is the CloudFlare’s IP address and not the servers 45.63.43.185, if I am right? - or maybe wrong in this case.

Your TXT record for SPF includes “+a:novali.nl”. Should not be like that, because again, goes to the CloudFlare’s IP address and not the servers one, if I am right? - or maybe wrong in this case.

rDNS of the IP or mail sub-domain could not even be configured to PTR or reverse due to “shared hosting” with multiple Websites.
Most hosting providers do not do this as far as I maintained Websites on shared hosting. Do not no the reason why, but … yes, even basic “HELO” can fail just because the name of sending domain is not added (main servers domain of hosting provider, not the client’s domain/website).

Try also with:
https://www.mail-tester.com/
https://ssl-tools.net/mailservers
https://ssl-tools.net/mails
https://www.checktls.com/TestReceiver

1 Like

It’s three different services, and I already mentioned the issue with pointing to root domain.

That won’t break anything. And there’s already enough broken stuff to fix in Round 1.

This isn’t shared hosting. It’s a VPS. Same that I use, so I know it handles rDNS quite well.

1 Like

Hi guys,

Give it some hours to propagate, but the same error is thrown by mail-tester as yesterday. I also ran some test on the websites provides by @fritex and they indicate a certificate error.

I made a screenshot of all relevant settings, and also included the SSL certifcate (cloudflare).

Inside Plesk the advisor also mentiones that there is no certificate. Is the because the certificate is setup in cloudflare, and the error can be ignored ?

Your server certificate is not set up in Cloudflare. That’s most likely a valid warning that needs to be looked into. It shows you have a Let’s Encrypt extension, so poke around a bit and see if that extension is managing a valid cert for your site.

I managed to solve the certificate error inside Plesk, after this I ran https://www.checktls.com/TestReceiver on CertDetail.

What to do next?

I took the time to completely reinstall the SSL certificate on my Plesk server, to do this I followed

Starting from 8:08

For some reason I’m getting mixed signals from Plesk, on one hand it’s telling me all is secured, and on the other hand it’s telling me that there is something wrong with the certificate.

After getting help from Plesk Forum, all configurations are now in order.
I contacted Microsoft Deliverability Support and they told me that my IP was block on an internal blacklist due to suspicious activities, this block has now been lifted.

Thanks guys

1 Like

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.