Solve Reverse DNS Lookup Error for Mail Server

Tags: postfix, reverse-dns

Environment: Digital Ocean, CentOS 8, Postfix/Dovecot

Background: For my droplet I used a FQDN, server.example.com. Digital Ocean configures the PTR record (reverse DNS entry) on their end based on the droplet name.

This works fine with my web server. Unfortunately I'm getting a reverse DNS lookup error for my Postfix email server. In Postfix main.cf I used mail.server.com as the value for the myhostname parameter.
Below are some relevant entries from my DNS records.

Type: A
Name: example.com
Value: 100.100.100.100

Type: A
Name: mail.example.com
Value: 100.100.100.100

Type: MX
Name: example.com
Value: mail.example.com

The error I get on MXToolbox is,

Reverse DNS does not match SMTP Banner.

I tried adding an additional DNS record to fix the problem but the error didn't go away.

Type: A
Name: server.example.com
Value: 100.100.100.100

Question: Is there a DNS record I can add to fix this problem? I'm not sure how to fix a reverse DNS lookup problem.

Addendum
The answer to this question is in the comments. The correct way to solve this is to rename the mail server server.example.com. Otherwise I would need 2 different Droplets or servers. Email always comes from user@example.com so to end users their world looks the same regardless of what the mail server is named.

Best Answer

Only Digital Ocean can control the reverse DNS, as the PTR records aren't on your zone, but on an in-addr.arpa. zone controlled by the owner of the IP address. A Digital Ocean Community question has an answer to this:

The Reverse DNS is configured automatically from our end based on the droplet’s hostname.

To rename your droplet via the control panel, do the following:

  1. Log in to the Digital Ocean Control Panel

  2. Go to Droplets

  3. Click the droplet you want to rename

  4. Then, on the droplet detail window, click on the name of your droplet (you wouldn’t know you could)

  5. Go to the Settings Tab

  6. Change the name in the entry field and click the check mark

Make sure you also edit your droplet’s hostname internally as well. Update /etc/hostname and /etc/hosts and reboot.

The PTR should be automatically adjusted in a few hours due to DNS cache. If this is still not working after several hours, you can contact our support team as well.

It's also possible to do the opposite i.e. alter your SMTP banner to match the current PTR record.
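The check behind "Reverse DNS does not match SMTP Banner", as an added example that is not part of the original question or answer: it compares the PTR name of the sending IP with the hostname in the SMTP 220 greeting and confirms the PTR name resolves back to that IP. The greeting lines and lookup tables are constructed from the question's records, and `check`, `sample_ptr`, `sample_a`, `live_ptr` and `live_a` are hypothetical names.

```python
import socket

def normalize(name):
    """Lower-case a DNS name and drop the trailing root dot."""
    return name.strip().rstrip(".").lower()

def banner_hostname(greeting):
    """Hostname from an SMTP greeting, e.g. '220 mail.example.com ESMTP Postfix'."""
    line = greeting.strip()
    if len(line) < 5 or not line.startswith("220") or line[3] not in " -":
        raise ValueError("not an SMTP 220 greeting: %r" % greeting)
    return normalize(line[4:].split()[0])

def check(ip, greeting, ptr_lookup, a_lookup):
    """Compare the PTR name(s) of ip with the banner hostname.
    ptr_lookup(ip) -> list of names, a_lookup(name) -> list of IPv4 strings."""
    banner = banner_hostname(greeting)
    ptrs = [normalize(p) for p in ptr_lookup(ip)]
    return {
        "banner": banner,
        "ptr": ptrs,
        "ptr_matches_banner": banner in ptrs,
        "ptr_forward_confirmed": any(ip in a_lookup(p) for p in ptrs),
    }

# Resolvers for a real check: check(ip, greeting, live_ptr, live_a)
def live_ptr(ip):
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name] + aliases
    except OSError:
        return []

def live_a(name):
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

# Constructed sample data mirroring the question's records (not live DNS).
IP = "100.100.100.100"
SAMPLE_PTR = {IP: ["server.example.com."]}  # PTR follows the droplet name
SAMPLE_A = {n: [IP] for n in ("example.com", "mail.example.com", "server.example.com")}
sample_ptr = lambda ip: SAMPLE_PTR.get(ip, [])
sample_a = lambda name: SAMPLE_A.get(normalize(name), [])

if __name__ == "__main__":
    for greeting in ("220 mail.example.com ESMTP Postfix",    # banner differs from PTR
                     "220 server.example.com ESMTP Postfix"):  # banner equals PTR
        print(check(IP, greeting, sample_ptr, sample_a))
```

In Postfix the greeting comes from `smtpd_banner`, whose default is `$myhostname ESMTP $mail_name`, so the banner hostname follows `myhostname` unless the banner is overridden.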
