Email Server Setup Pitfalls

So are you managing an email server? Well If yes make sure you keep the following into account:

  • Make sure you setup the MX DNS entry for the domain you are planning to setup the mail server for.

    To check MX records for a domain name, issue the following command

    dig mx domain.tld

  • Make sure your mail server has valid domain name, else many mail servers will not even accept mail from you.

    Yahoo, Hotmail will do that.

  • Make sure you have a reverse DNS entry, else many mail servers will say something like this:

    550 5.7.1 No Reverse DNS Entry for host: 192.168.100.11 - authoritative host not found

    sancharnet.in and may other do that.
    For more please refer to rfc 1921 2.1

    You can check for reverse DNS for an IP address by reversing the IP address and appending "in-arpa.net." at the end and querying for a PTR record.

    For example to check for 192.168.100.11, issue this command

    dig ptr 11.100.168.192.in-addr.arpa.

  • Make sure you have the following email addreses available and "rcpt to" to the mail server command does not reject them:

    postmaster@domain.tld
    abuse@domain.tld

    Else some mail servers can get paranoid and spew something like this

    550
    : Recipient address rejected
    550-Several RFCs state that you are required to have a postmaster
    550-mailbox for each mail domain. This host does not accept mail
    550-from domains whose servers reject the postmaster address.
    550 Sender verify failed (in reply to RCPT TO command)

    sourceforge.net does that

    Well as far as I know some RFC's just suggest that, and it is not compulsory, but anyway, if they say so, just create the damn account.

  • IMPORTANT: Make sure your mail server is not an open relay. Else you would be black listed and banned all over the Internet. Maybe you can try this to check for an open relay.
  • Make sure/ or try to make sure no windogs PC is allowed to do direct SMTP mail relay through your mail server, or atleast make sure you have proper checks for stopping the virus infected email routing from such systems. (try to persuade them to switch to something safer).
  • Make sure your MTA is GNU/ Linux based, (ok qmail is also good)
  • Make sure you have spam and antivirus check/ filtering enabled on your MTA, else it would be of no use to its users. You can try spamassin and clam Antivirus

And many more precautions that I have not mentioned here.

Hey but still you will find some extremely paranoid mail servers that will still refuse to accept your genuine emails/ or mark it as spam and in general act crazy, well if their server managers are crazy let them be, not everyone is sane. Happy emailing. Corrections/ improvements are welcome.

Submitted by Ajay Pal Singh Atwal on March 12, 2006 - 11:53pm. categories [ Communication | GNU/ Linux ] Ajay Pal Singh Atwal's blog | 907 reads

Post new comment

*
*
The content of this field is kept private and will not be shown publicly.


*

  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <b>
  • Lines and paragraphs break automatically.
More information about formatting options