On 2014-11-02 09:53, Darren Pilgrim wrote:
On 8/22/2014 7:32 AM, Lorenzo Colitti wrote:
Note that from the text it sounds like SPF / DKIM is not strictly
required, but it looks like a PTR record is a hard requirement.
PTRs are a hard requirement, yes. That's not a problem. All places
where you can run a legitimate MX will have working reverse DNS and
nearly all will facilitate FCRDNS.
The problem is Google ignores the fact you must not hard fail on DNS.
Even if the response is NXDOMAIN, the most you can do is soft bounce
because you can not know why you didn't get an RR. Gmail hard bounces
on such errors even though doing so accomplishes nothing you could
consider an anti-spam countermeasure.
I get relay failure to gmail at least once every day. It is always
the same thing: gmail's server didn't get a response to the PTR lookup
and 5xx'd the mail. I've even seen mail to the same server succeed
mere seconds later. Google has an internal reliability problem and a
policy that pushes the cost out to those with no power to fix it.
"Please resend the email and let me know if it fails again" is not
what my users want to hear, but it's the only answer that works.
At least that's an observation one can work with. If you have server
logs that show this problem I take them in private mail. Of course, if
the problem is actually on your DNS servers side it's not really a
reliability problem internal to Google.
Kind regards
Philipp Kern
