I'm currently trying to figure out how to configure my rDNS to be SpamAssassin friendly.
SpamAssassin's documentation only seems to provide the following;
https://wiki.apache.org/spamassassin/Rules/CK_HELO_DYNAMIC_SPLIT_IP
"The HELO appeared to be suspicious. This is typically the result of a poorly configured email server advertising itself as XXX-XXX-XXX-XXX.hostname.tld (where XXX is an IP address)."
Currently, my rDNS is set as follows on the ISP's side;
XX.XXX.XXX.XX.static.domainname.com
domainname obviously being my domain name. Originally, it was that but without the "static" part, I tried doing this as the documentation on what is an acceptable "static" and "non-generic" rDNS would be. Didn't seem to fix the issue. I've also tried using the following service; https://www.debouncer.com/reverse-dns-check
I'm currently Postfix/Dovecot on FreeBSD, and using cloudflare for my DNS (Exclusively in DNS only mode as cloudflare itself doesn't support email traffic), I've set up an A record to point my reverse DNS towards my server's IP so that it resolves.
What should I do to mitigate this issue? My guess currently would be to remove the IP entirely from the rDNS record.
Best Answer
To pass the PTR check, you'll have to make sure the IP matches the expected hostname. If your mail server is
mail.example.com, it should look like this when doinghostordig:If your mail domain isn't
XX.XXX.XXX.XX.static.domainname.comthen you need to change it. If you control the DNS for the domain, you should be able to create a PTR record to match.