On 8/22/2014 7:32 AM, Lorenzo Colitti wrote:
Note that from the text it sounds like SPF / DKIM is not strictly required, but it looks like a PTR record is a hard requirement.
PTRs are a hard requirement, yes. That's not a problem. All places where you can run a legitimate MX will have working reverse DNS and nearly all will facilitate FCRDNS.
The problem is Google ignores the fact you must not hard fail on DNS. Even if the response is NXDOMAIN, the most you can do is soft bounce because you can not know why you didn't get an RR. Gmail hard bounces on such errors even though doing so accomplishes nothing you could consider an anti-spam countermeasure.
I get relay failure to gmail at least once every day. It is always the same thing: gmail's server didn't get a response to the PTR lookup and 5xx'd the mail. I've even seen mail to the same server succeed mere seconds later. Google has an internal reliability problem and a policy that pushes the cost out to those with no power to fix it.
"Please resend the email and let me know if it fails again" is not what my users want to hear, but it's the only answer that works.
<<attachment: darren.vcf>>
