SPF not working on IspConfig 3

Discussion in 'Installation/Configuration' started by bern, Aug 6, 2009.

  1. bern

    bern New Member

    Hi!
    I've followed the perfect server tutorial (Debian), and everything seems to be working except for the mail, which keeps landing in the spam mailbox. After some research and reading, I've added an SPF record; all the DNS configuration seems to be working except for the TXT record, which doesn't show up on a query.
    Here are the two screenshots: one with my domain DNS configuration and the other with the results of a dig command.

    Thanks in advance.

     
  2. falko

    falko Super Moderator Howtoforge Staff

    What's the output of
    Code:
    dig @localhost txt yourdomain.com
    ?
     
  3. bern

    bern New Member

    srv01:~# dig @localhost txt sho...s.com

    ; <<>> DiG 9.5.1-P3 <<>> @localhost txt sho...s.com
    ; (2 servers found)
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38094
    ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
    ;; WARNING: recursion requested but not available

    ;; QUESTION SECTION:
    ;sho...s.com. IN TXT

    ;; AUTHORITY SECTION:
    sho...s.com. 86400 IN SOA ns1.s...t.com. info.sh...s.com. 2009080703 28800 7200 604800 86400

    ;; Query time: 2 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Fri Aug 7 12:21:38 2009
    ;; MSG SIZE rcvd: 90

    I've already restarted MyDNS, and also checked on the database if the record was there.

    Any thoughts?
     
    Last edited: Aug 7, 2009
  4. falko

    falko Super Moderator Howtoforge Staff

    That's strange. Do you see the record in the database?
     
  5. bern

    bern New Member

    I was about to answer and show you the screenshot of it, but I've found the error: for some reason it didn't have the dot at the end of the name of the TXT record in the database, so I've removed and re-added the TXT record: sho...s.com. and now everything's fine.
    Kinda weird, I guess.
    I still have another question: even with SPF, which I guess is working, I still get my messages sent to the spam inbox. I'm not on any blacklist, and my SPF is set up; what else should I check?
    Here's the original from Gmail (if that helps). I've just changed the domains and IPs.

    Code:
    Delivered-To: [email protected]
    Received: by 10.239.132.69 with SMTP id 5cs882111hbq;
            Mon, 10 Aug 2009 01:44:59 -0700 (PDT)
    Received: by 10.210.39.8 with SMTP id m8mr2788107ebm.11.1249893898549;
            Mon, 10 Aug 2009 01:44:58 -0700 (PDT)
    Return-Path: <[email protected]>
    Received: from srv01.netvisao.pt (srv01.netvisao.pt [213.220.220.220])
            by mx.google.com with ESMTP id 19si10232645ewy.70.2009.08.10.01.44.56;
            Mon, 10 Aug 2009 01:44:58 -0700 (PDT)
    Received-SPF: pass (google.com: domain of [email protected] designates 213.220.220.220 as permitted sender) client-ip=213.220.220.220;
    Authentication-Results: mx.google.com; spf=pass (google.com: domain of [email protected] designates 213.220.220.220 as permitted sender) [email protected]
    Received: from localhost (localhost.localdomain [127.0.0.1])
    	by srv01.netvisao.pt (Postfix) with ESMTP id D9A8D38C320
    	for <[email protected]>; Mon, 10 Aug 2009 09:44:55 +0100 (WEST)
    X-Virus-Scanned: Debian amavisd-new at srv01.netvisao.pt
    Received: from srv01.netvisao.pt ([127.0.0.1])
    	by localhost (srv01.netvisao.pt [127.0.0.1]) (amavisd-new, port 10024)
    	with ESMTP id suK5K9RkuIf7 for <[email protected]>;
    	Mon, 10 Aug 2009 09:44:51 +0100 (WEST)
    Received: from 192.168.2.200 (localhost.localdomain [127.0.0.1])
    	by srv01.netvisao.pt (Postfix) with ESMTP id 2AE4838C2B2
    	for <[email protected]>; Mon, 10 Aug 2009 09:44:51 +0100 (WEST)
    Received: from 192.168.2.3
            (SquirrelMail authenticated user [email protected])
            by 192.168.2.200 with HTTP;
            Mon, 10 Aug 2009 09:44:51 +0100 (WEST)
    Message-ID: <[email protected]>
    Date: Mon, 10 Aug 2009 09:44:51 +0100 (WEST)
    Subject: Hi Here's my portofolio
    From: "Info - Shops" <[email protected]>
    To: [email protected]
    Reply-To: [email protected]
    User-Agent: SquirrelMail/1.4.15
    MIME-Version: 1.0
    Content-Type: text/plain;charset=iso-8859-1
    Content-Transfer-Encoding: 8bit
    X-Priority: 3 (Normal)
    Importance: Normal
    



    Thanks a lot for your help falko. Really appreciate it.
     
  6. falko

    falko Super Moderator Howtoforge Staff

    Do you have a correct PTR record?
     
  7. bern

    bern New Member

    Hi,
    Well, records kinda confuse me; doing an nslookup with type PTR on my IP I get the following result:

    Code:
    Server:         192.168.2.1
    Address:        192.168.2.1#53
    
    4x.1xx.2xx.21x.in-addr.arpa     name = xxxxxx-srv01.netvisao.pt.
    
    Even though I've read some articles on it, I still don't get records that well, because by the above it tells me I have one set that my ISP gave me, right? Do I need to insert it somewhere on my server? Like in the DNS records of every domain? How does that work? Sorry for all those questions.

    Thanks a lot.
     
  8. falko

    falko Super Moderator Howtoforge Staff

    What's the output of
    Code:
    dig -x 1.2.3.4
    (replace 1.2.3.4 with your server's IP)?
     
  9. bern

    bern New Member

    Code:
    smol-srv01:~# dig -x 2xx.22x.1xx.4x
    
    ; <<>> DiG 9.5.1-P3 <<>> -x 2xx.22x.1xx.4x
    ;; global options:  printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61207
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
    
    ;; QUESTION SECTION:
    ;4x.1xx.22x.2xx.in-addr.arpa.   IN      PTR
    
    ;; ANSWER SECTION:
    4x.1xx.22x.2xx.in-addr.arpa. 86400 IN   PTR     xxxxxx-srv01.netvisao.pt.
    
    ;; AUTHORITY SECTION:
    1xx.22x.2xx.in-addr.arpa. 86400 IN      NS      ns.netvisao.pt.
    1xx.22x.2xx.in-addr.arpa. 86400 IN      NS      ns2.netvisao.pt.
    
    ;; ADDITIONAL SECTION:
    ns.netvisao.pt.         86400   IN      A       213.228.128.5
    ns2.netvisao.pt.        86400   IN      A       213.228.128.6
    
    ;; Query time: 13 msec
    ;; SERVER: 192.168.2.1#53(192.168.2.1)
    ;; WHEN: Wed Aug 12 15:15:14 2009
    ;; MSG SIZE  rcvd: 148
    netvisao.pt is our ISP provider.
     
  10. atjensen11

    atjensen11 New Member

    It appears from the message header you posted that you sent the message to a Gmail account. I assume that the message was delivered to the SPAM or JUNK folder in the Gmail account.

    I had the same issues until I installed dkimproxy. Gmail uses DKIM signatures and Yahoo uses DomainKeys signatures.

    Once I started signing outgoing email messages, mail has a better (although not perfect) record of being delivered to the Inbox rather than a Junk folder.

    My base system is a Debian 5 (Lenny) server with ISPConfig3 setup using the How To on this site. For the dkimproxy setup, I had to look to other tutorials available on the Internet. It was a lot of trial and error. Lenny does have dkimproxy in the repositories which can be installed with 'apt-get install dkimproxy', but I had problems getting it to work correctly. I eventually built a version from source using another tutorial.
     
  11. atjensen11

    atjensen11 New Member

    I recently reconfigured my system. I no longer use dkimproxy. Instead, I configured amavis-new to perform the DKIM signatures. It was pretty easy to do and removes one hop from email processing. Some reports I read claim that server utilization is much lower using amavis-new rather than dkimproxy as well.
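
The Gmail header in post 5 reports only an SPF result, which fits the DKIM suggestion in the two posts above. The following is an added example, not code from any poster in this thread: it parses an `Authentication-Results` value and lists which of the wanted methods did not pass. The sample value is constructed on the model of the posted header, with `example.org` addresses as placeholders, and `missing_methods` is a hypothetical helper name.

```python
import re

# Constructed sample modelled on the Authentication-Results header in post 5;
# the example.org addresses are placeholders, not values from the thread.
SAMPLE = ("mx.google.com; spf=pass (google.com: domain of info@example.org "
          "designates 213.220.220.220 as permitted sender) "
          "smtp.mail=info@example.org")


def strip_comments(value):
    """Drop parenthesised comments (nesting allowed) from a header value."""
    out, depth = [], 0
    for ch in value:
        if ch == "(":
            depth += 1
        elif ch == ")" and depth:
            depth -= 1
        elif depth == 0:
            out.append(ch)
    return "".join(out)


def parse_auth_results(value):
    """Return (authserv_id, {method: result}) for an Authentication-Results value."""
    parts = [p.strip() for p in strip_comments(value).split(";")]
    authserv_id = parts[0].split()[0] if parts[0] else ""
    results = {}
    for part in parts[1:]:
        # Each result clause starts with method=result, e.g. "spf=pass".
        m = re.match(r"([a-z0-9-]+)\s*=\s*([a-z]+)", part, re.I)
        if m:
            results[m.group(1).lower()] = m.group(2).lower()
    return authserv_id, results


def missing_methods(value, wanted=("spf", "dkim")):
    """List the wanted methods that are absent or did not report 'pass'."""
    _, results = parse_auth_results(value)
    return [m for m in wanted if results.get(m) != "pass"]


if __name__ == "__main__":
    print(parse_auth_results(SAMPLE))
    print("not passing:", missing_methods(SAMPLE))
```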
     
  12. vlados

    vlados New Member

    I have the same problem. I cannot use the TXT record.
    I added and removed it a few times, but it just didn't show in the info:

    Code:
    root@server1:~# dig @localhost txt netlabs.bg
    
    ; <<>> DiG 9.6.1-P2 <<>> @localhost txt netlabs.bg
    ; (2 servers found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5344
    ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
    ;; WARNING: recursion requested but not available
    
    ;; QUESTION SECTION:
    ;netlabs.bg.                    IN      TXT
    
    ;; AUTHORITY SECTION:
    netlabs.bg.             86400   IN      SOA     ns1.netlabs.bg. support.netlabs.bg. 2010092002 28800 7200 604800 86400
    
    ;; Query time: 1 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Mon Sep 20 11:14:10 2010
    ;; MSG SIZE  rcvd: 76
    
    root@server1:~#
    Code:
    mysql> select * from dns_rr where type like 'txt';
    +-----+------------+-------------+---------------+----------------+----------------+-----------+------+-----------------+------+----------------------+-----+-------+--------+---------------------+------------+
    | id  | sys_userid | sys_groupid | sys_perm_user | sys_perm_group | sys_perm_other | server_id | zone | name            | type | data                 | aux | ttl   | active | stamp               | serial     |
    +-----+------------+-------------+---------------+----------------+----------------+-----------+------+-----------------+------+----------------------+-----+-------+--------+---------------------+------------+
    | 124 |          1 |           0 | riud          | riud           |                |         1 |    1 | mail.netlabs.bg | TXT  | v=spf1 a mx ptr ~all |   0 | 86400 | Y      | 2010-09-20 10:59:27 | 2010092001 |
    | 123 |          1 |           0 | riud          | riud           |                |         1 |    1 | netlabs.bg      | TXT  | v=spf1 a mx ptr ~all |   0 | 86400 | Y      | 2010-09-20 10:59:02 | 2010092001 |
    +-----+------------+-------------+---------------+----------------+----------------+-----------+------+-----------------+------+----------------------+-----+-------+--------+---------------------+------------+
    2 rows in set (0.00 sec)
    Using ISPConfig 3.0.2.2
     
  13. falko

    falko Super Moderator Howtoforge Staff

    You must use dots at the end of the hostnames, e.g.

    mail.netlabs.bg.
    netlabs.bg.

    Also, please put the TXT record in quotation marks, e.g.

    Code:
    "v=spf1 a mx ptr ~all"
     
  14. defconjuan

    defconjuan New Member

    Spf txt

    FALKO - quick question:

    When I use quotes in the ISPConfig > DNS > Zones page, my /etc/bind/pri.domain.tld file TXT entry looks like this:
    Code:
    ""v=spf1 +a +mx ~all""
    
    (note the double quotes) When I remove them from the ISPConfig form, then it looks like:
    Code:
    "v=spf1 +a +mx ~all"
    
    Your post and the ISPConfig 3 manual (as of May 2011) both say to use quotes when defining TXT records in ISPConfig. This seems wrong, no?
     
  15. defconjuan

    defconjuan New Member

    For example, this is my default template:

    Code:
    [ZONE]
    origin={DOMAIN}.
    ns={NS1}.
    mbox={EMAIL}.
    refresh=28800
    retry=7200
    expire=604800
    minimum=86400
    ttl=86400
    
    [DNS_RECORDS]
    A|{DOMAIN}.|{IP}|0|1800
    A|*|{IP}|0|1800
    A|mail|{IP}|0|1800
    A|www|{IP}|0|1800
    
    CNAME|ftp|{DOMAIN}.|0|1800
    CNAME|phpmyadmin|{DOMAIN}.|0|1800
    CNAME|webmail|{DOMAIN}.|0|1800
    NS|{DOMAIN}.|{NS1}.|0|1800
    NS|{DOMAIN}.|{NS2}.|0|1800
    MX|{DOMAIN}.|mail.{DOMAIN}.|10|1800
    TXT|{DOMAIN}.|v=spf1 +a +mx ~all|0|1800
    This returns a glowing report from http://intodns.com/domain.tld

    The subtle variations (e.g. using A instead of CNAME for the www and mail records).
     
  16. Davide

    Davide Member

    I know this is a 1.5-year-old thread, but I'm having the same problem. Double quotes.

    Is this correct at all?
     
  17. till

    till Super Moderator Staff Member ISPConfig Developer

    SPF records have to be added without quotes, as ISPConfig adds the quotes automatically. I just checked this in the sources of the manual, and the manual version that gets released for ISPConfig 3.0.5 in January says to add them without quotes as well.
     
  18. Davide

    Davide Member

    I've updated all SPF TXT in dns_rr with the following sql

    Code:
    update dns_rr set data = replace (data,'"','') where type="TXT" and data like '"%"';
    Query OK, 212 rows affected (0.01 sec)
    Rows matched: 212  Changed: 212  Warnings: 0
    How can I trigger ISPConfig to rewrite all zone files?
     
  19. till

    till Super Moderator Staff Member ISPConfig Developer

    See tools > resync
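
The two record mistakes this thread turns on (owner names stored without the trailing dot, posts 5 and 13, and TXT data stored with its own quotes, posts 14 to 18) can be checked before resyncing. The following is an added example, not ISPConfig code: it lints rows shaped like the `name`, `type` and `data` columns of `dns_rr`, assuming master-file rules where a name without a trailing dot is relative to the zone origin and, per post 17, that the zone generator adds the TXT quotes itself. The function names and rows 2 and 3 of the sample are constructed for illustration.

```python
# Added example, not ISPConfig code. Assumption: master-file rules (RFC 1035),
# where an owner name without a trailing dot is relative to the zone origin.

def effective_name(name, origin):
    """Return the fully qualified owner name the server ends up serving."""
    origin = origin.strip().rstrip(".").lower() + "."
    name = name.strip().lower()
    if name in ("", "@"):
        return origin
    return name if name.endswith(".") else name + "." + origin


def lint_record(name, rtype, data, origin, generator_adds_quotes=True):
    """Return a list of findings for one (name, type, data) row."""
    findings = []
    bare = origin.strip().rstrip(".").lower()
    n = name.strip().lower()
    # Already contains the origin but has no final dot: origin is appended twice.
    if not n.endswith(".") and (n == bare or n.endswith("." + bare)):
        findings.append("name %r is served as %s" % (name, effective_name(name, origin)))
    if rtype.upper() == "TXT" and generator_adds_quotes:
        d = data.strip()
        if len(d) >= 2 and d[0] == '"' and d[-1] == '"':
            findings.append("TXT data carries literal quotes and will be quoted twice")
    return findings


def lint_zone(rows, origin):
    """Map each problematic row index to its findings."""
    report = {}
    for i, (name, rtype, data) in enumerate(rows):
        found = lint_record(name, rtype, data, origin)
        if found:
            report[i] = found
    return report


# Rows 0-1 are the name/type/data columns from the dns_rr output in post 12;
# rows 2-3 are constructed for illustration.
ROWS = [
    ("mail.netlabs.bg", "TXT", "v=spf1 a mx ptr ~all"),
    ("netlabs.bg", "TXT", "v=spf1 a mx ptr ~all"),
    ("netlabs.bg.", "TXT", '"v=spf1 +a +mx ~all"'),
    ("www", "A", "192.0.2.10"),
]

if __name__ == "__main__":
    for idx, found in sorted(lint_zone(ROWS, "netlabs.bg.").items()):
        print(ROWS[idx][0], "->", "; ".join(found))
```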
     
