Need help creating a PTR entry

Hi,

I have created a new domain and added all the usual DNS entries like MX, A, CNAME and TXT etc. needed for my local mail server setup.

All is working fine, but sending mails to Gmail or Hotmail is failing, saying PTR record not found.

I am new to this and unable to figure out how to create one. When reading some documents, they mentioned that I need to create DNS zones and add a PTR entry there. Does that mean I need to create a new domain within my deSEC account?

Could you please let me know with instructions on how to create DNS zone and PTR records. Below are example details of my setup:

deSEC Domain Name: abcd.dedyn.io
My mail server domain: mail.abcd.dedyn.io
My Public IP: 123.345.567.789

Thanks for your help in advance.

> All is working fine, but sending mails to Gmail or Hotmail is failing, saying PTR record not found.

PTR = also known as reverse DNS

You see your current PTR with:

dig -x IP-OF-YOUR-MAILSERVER

It needs to resolve to mail.abcd.dedyn.io (respectively your SMTP HELO message).

You must discuss this topic with the owner of the IP address. Usually that is your Internet service provider (if we’re talking about a mailserver at your home) or your server provider. If it is at your home: Please note that most of these IP addresses are already on various blacklists.

Tip: Test your mailserver with https://mail-tester.com/ before you use it.

Thanks @markus for the quick response.

Below is the output I get for the command given (please note that I had to redact my IP address):

root@sl:/var/log# dig -x 123.345.567.789

; <<>> DiG 9.18.12-0ubuntu0.22.04.3-Ubuntu <<>> -x 123.345.567.789
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45012
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;789.567.345.123.in-addr.arpa.	IN	PTR

;; AUTHORITY SECTION:
345.123.in-addr.arpa.	2326	IN	SOA	ns1.p04.dynect.net. dnsadmin.345.123.in-addr.arpa. 2023092001 10800 3600 604800 86400

;; Query time: 140 msec
;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
;; WHEN: Mon Oct 02 20:18:15 UTC 2023
;; MSG SIZE  rcvd: 120

This is a VPS with a public IP on which I self-host an alias service (SimpleLogin) using the dedyn.io subdomain.

Based on a few docs I read, I need to create a PTR DNS entry for 789.567.345.123.in-addr.arpa. but I am not sure how to do it (is it in the same domain I have, like abcd.dedyn.io, or do I need to create a completely new domain?).

Many if not most mail servers require the reverse lookup of the sending IP to match the hostname (as communicated in the SMTP HELO/EHLO message) of the sending server for unauthenticated senders. This is an anti-spam measure. If the reverse lookup does not match, mails are either rejected out of hand, or their spam score increases which may lead to rejection as well.

The domain where you need to create this PTR record is not your mail domain. It is a subdomain of in-addr.arpa. (for IPv4) or ip6.arpa. (for IPv6). As @markus already explained, you need to have the owner of that subdomain create the reverse entry.

For example, if your provider owns the IPv4 block 123/8 and they give your server the static IP 123.234.123.25/32, then your provider can effect changes to the subdomain 123.in-addr.arpa and thus set a PTR record on 25.123.234.123.in-addr.arpa. to point to your mail server hostname.

Note however that this will only make sense for static IPs. No sane provider will update PTR records when your dynamic IP changes. And a stale PTR record is as good as none at all.

Basically setting up a mail server on a dynamic IP does not work! (You could set up such a mail server to only relay mail via an authenticated connection to a real mail server, but that would be a special case.) And the inability to set up the reverse lookup is just one of several reasons. E.g. IP ranges used for dynamic IPs generally have a very low reputation which means that they trigger anti-spam measures at the recipient.

Also there is nothing deSEC can do to help you here. They do not own or manage the subdomain needed for the reverse lookup.

HTH
fiwswe
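The reverse-lookup check discussed in this thread, as an added example that is not part of any post: it builds the in-addr.arpa / ip6.arpa name for an address and compares the PTR result with the HELO hostname. It goes one step beyond the thread by also confirming that the PTR name resolves forward to the same IP, which many receivers check as well. The address 192.0.2.25, the name host26.dyn.provider.example, the sample records and all function names are constructed for illustration.

```python
import ipaddress
import socket

def reverse_name(ip):
    """Name under in-addr.arpa. / ip6.arpa. where the IP owner must publish the PTR."""
    return ipaddress.ip_address(ip).reverse_pointer + "."

def _norm(host):
    return host.rstrip(".").lower()

def system_ptr(ip):
    """PTR lookup through the system resolver; empty list on NXDOMAIN."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name] + aliases
    except OSError:
        return []

def system_forward(host):
    """A/AAAA lookup through the system resolver; empty set on failure."""
    try:
        return {info[4][0].split("%")[0] for info in socket.getaddrinfo(host, None)}
    except OSError:
        return set()

def check_mail_rdns(ip, helo, ptr_lookup=system_ptr, fwd_lookup=system_forward):
    """Return 'ok' or the reason a receiving mail server would distrust this sender."""
    addr = ipaddress.ip_address(ip)
    ptr_names = [_norm(n) for n in ptr_lookup(ip)]
    if not ptr_names:
        return "no-ptr"                      # the NXDOMAIN case shown in the dig output
    confirmed = [n for n in ptr_names
                 if addr in {ipaddress.ip_address(a) for a in fwd_lookup(n)}]
    if not confirmed:
        return "ptr-not-forward-confirmed"   # PTR exists but name does not map back
    if _norm(helo) not in confirmed:
        return "helo-mismatch"               # e.g. a generic provider PTR
    return "ok"

# Constructed sample records so the example runs offline.
SAMPLE_PTR = {"192.0.2.25": ["mail.abcd.dedyn.io."],
              "192.0.2.26": ["host26.dyn.provider.example."],
              "192.0.2.27": ["mail.abcd.dedyn.io."]}
SAMPLE_FWD = {"mail.abcd.dedyn.io": {"192.0.2.25"},
              "host26.dyn.provider.example": {"192.0.2.26"}}
sample_ptr = lambda ip: SAMPLE_PTR.get(ip, [])
sample_fwd = lambda host: SAMPLE_FWD.get(host, set())

if __name__ == "__main__":
    for ip in ("192.0.2.25", "192.0.2.26", "192.0.2.27", "192.0.2.99"):
        print(reverse_name(ip), check_mail_rdns(ip, "mail.abcd.dedyn.io", sample_ptr, sample_fwd))
```

Calling `check_mail_rdns(ip, helo)` without the last two arguments uses the system resolver instead of the sample records.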