On Mon 04/03/2024 at 01:41, Gareth Evans <donots...@fastmail.fm> wrote: > ... > It seems FCrDNS (aka iprev) requires that > > "a given IP address has both forward (name-to-address) and reverse > (address-to-name) [DNS] entries that match each other ... the forward > and reverse lookup for the sending relay have to match ..." > > https://en.wikipedia.org/wiki/Forward-confirmed_reverse_DNS
The gmail approach: "[1] Your sending IP address must have a PTR record. [2] PTR records verify that the sending hostname is associated with the sending IP address. [3] Every IP address must map to a hostname in the PTR record. The hostname specified in the PTR record must have a forward DNS that refers to the sending IP address. [4] Set up valid reverse DNS records of your sending server IP addresses that point to your domain. Check for a PTR record with the Google Admin Toolbox Dig tool. [5] Important: The sending IP address must match the IP address of the hostname specified in the Pointer (PTR) record." https://support.google.com/a/answer/81126?sjid=4755382892496727686-EU&visit_id=638451153074881031-136330308&rd=1#ip&zippy=%2Crequirements-for-all-senders [2] might be considered informational. [3] and [5] seem to allow relay/PTR host mismatch as long as they share the same IP. [4] suggests the opposite, but may just be "advice". The fact that their advice is not merely "sending server hostname must have corresponding PTR record" seems to suggest flexibility, and seems ambiguous at best. It'll be interesting to see what actually happens if the issue that prompted my enquiry gets fixed. Thanks, Gareth _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
