Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Weird PRT requirement #239

Open
exander77 opened this issue Nov 6, 2024 · 3 comments
Open

Weird PRT requirement #239

exander77 opened this issue Nov 6, 2024 · 3 comments

Comments

@exander77
Copy link

exander77 commented Nov 6, 2024
edited
Loading

Reverse name(s) name.example.com for ip xxx.xxx.xxx.xxx do not match hostname mail.example.com, which will cause other mail servers to reject incoming messages from this IP.

I am getting a variant of this message.
This is not the requirement that exists.

IP address has to have PTR and PTR record has to forward resolve to IP address. But mail server hostname can be entirely different.

For example:

# host alpha.domain.com
alpha.domain.com has address 11.10.9.8
# host 11.10.9.8
8.9.10.11.in-addr.arpa domain name pointer alpha.domain.com.

With mail.domain.com mail server address is entirely valid configuration as far as I am aware.
@mjl-
Copy link
Owner

mjl- commented Nov 10, 2024

I think you're right that the IP hostname doesn't have to be the hostname configured for mox (the machine).
From memory, mox be doing this just to keep the configuration/setup straightforward.
Is there a use-case/reason to have a different hostname in mox (which uses the hostname during smtp ehlo) than in reverse dns?

@exander77
Copy link
Author

I think you're right that the IP hostname doesn't have to be the hostname configured for mox (the machine). From memory, mox be doing this just to keep the configuration/setup straightforward. Is there a use-case/reason to have a different hostname in mox (which uses the hostname during smtp ehlo) than in reverse dns?

A single IP address can generally serve multiple services, especially with virtualization and containers. RDNS usually leads to the hostname of the host system, sure you can have multiple RDNS, but almost nobody does that. The virtual machines or containers that handle services provided by the system are usually named differently. It may even be an entirely different system. Many servers may be hosted behind a single external IP.

mjl- added a commit that referenced this issue Jan 23, 2025
@mjl-
admin check: do not raise error when forward-confirmed reverse dns do…
acc1c13 
…es not match hostname

this should be relatively common with setups involving NAT.
so we do warn about it when NAT isn't active since it could highlight potential
misconfiguration.

for issue #239 by exander77
@mjl-
Copy link
Owner

mjl- commented Jan 23, 2025

The commit should address the errors you're seeing. The message is now different, and a warning instead of an error, and only if the configuration doesn't have NAT (I've assumed that containers inside a host system will have NAT configured).
Do you think (or can you test) this gets rid of the error?

https://www.xmox.nl/b/#acc1c133b022c6759686b0258cb4ff4cde7df522

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mjl- @exander77