I'm seeing the following in /var/log/mail.log
UPDATE :I own the mentioned public IP addresses.
The IP address sending this message does not have a PTR 550-5.7.1 record
setup. As a policy, Gmail does not accept messages from IPs 550-5.7.1 with missing PTR records.
I need to setup reverse DNS by configuring PTR records on my DNS server and I'm having a hard time figuring what I'm doing wrong.
So far I have added in /etc/bind/zones/example.com.db
$TTL 86400; 1 day
@ IN SOA a.ns.example.com. admin.example.com. (
2016090901 ; serial
60 ; refresh (1 minute)
7200 ; retry (2 hours)
3600000 ; expire (5 weeks 6 days 16 hours)
86400 ; minimum (1 day)
)
1.196.198.in-addr.arpa. IN NS a.ns.example.com
1.196.198.in-addr.arpa. IN NS b.ns.example.com
11 IN PTR mail.example.com
6 IN NS a.ns.example.com.
9 IN NS b.ns.example.com.
MX 5 mail.example.com.
mail A 198.196.1.11
mx A 198.196.1.11
smtp A 198.196.1.11
www 60 IN A 198.196.1.22
example.com. 60 IN A 198.196.1.22
and in /etc/bind/named.conf
GNU nano 2.2.4 File: named.conf
options {
directory "/var/cache/bind";
auth-nxdomain no; # conform to RFC1035
listen-on { 198.196.1.6; };
listen-on-v6 { "none"; };
recursion no;
allow-transfer { 198.196.1.9; };
also-notify { 198.196.1.9; };
};
controls {
inet 127.0.0.1 allow { localhost; };
};
zone "example.com" {
type master;
file "/etc/bind/zones/example2.com.db";
};
zone "example.com" {
type master;
file "/etc/bind/zones/example.com.db";
};
zone "1.196.198.in-addr.arpa" IN {
type master;
file "1.196.198.in-addr.arpa";
allow-update { none; };
};
and still when I do a PTR lookup I'm getting
dns2.xxxx.xy x.x.x.x AUTH 140 ms Received 1 Referrals , rcode=NAME_ERROR 1.196.198.in-addr.arpa. 14400 IN SOA mname=dns1.xxxx.xy rname=hostmaster.xxxx.xy serial=xxxxxx,
Best Answer
There is no delegation of neither 1.196.198.in-addr.arpa nor 196.198.in-addr.arpa zone on the DNS servers authoritative for 198.in-addr.arpa zone.
This is either your task to properly set it up or whoever sold/rented you the address space. Sole PTR record on your nameserver is not enough, the whole delegation chain must be also in place for this to work.