Having outgoing e-mail rejected due to domain name system configuration issues is a common problem that Internet e-mail server administrators face. There are eight things you can check to make sure that you re DNS is configured for optimum delivery. I will be covering a different item in each day of this series.
Does the hostname that your server introduces itself as, in the HELO command, resolve?
When your outgoing e-mail server connects to the recipient's e-mail server to deliver a message, the very first thing that it does is say "Hello" and introduce itself with its name. The simple mail transport protocol, also known as SMTP, which is used to transport e-mail from server to server, uses a command appropriately named "HELO" for this introduction step in the process.
An example of a mailserver introducing itself as "smtp.example.com" is below:
The name used in the introduction should be the fully-qualified domain name of your e-mail server. This means that the hostname should be a valid hostname and resolve to an IP address via your domain's public domain name service, also known as DNS. Most e-mail server software simply uses the hostname of the e-mail server in its greeting message.
The most common problem with this is that many office e-mail servers are configured with a name like "internal.smtp.example.com", which only resolves to a private IP address locally, or it may not even be a DNS name at all, but rather a Windows directory name. To have this hostname resolve to an IP address publically, you will need to have a DNS A record for this hostname on your domain's authoritative DNS nameservers.
You can check whether your e-mail server s hostname resolves to an IP address using the host command on UNIX/Linux. Below is an example using the example hostname of "smtp.example.com".
If you have a working A record, you ll get a result similar to the following.
smtp.example.com has address 18.104.22.168
If you don t have an A record, you ll get back a result similar to the following:
Host smtp.example.com not found: 3(NXDOMAIN)
To do this search on Windows, you can use the nslookup command from a command prompt window:
If you have a working A record, you ll get back a result similar to the following:
If you don t have a working A record, you ll get back a result like this:
*** UnKnown can't find smtp.example.com: Non-existent domain
Although no Internet standard requires that this hostname resolve to an A record, section 3.6 of RFC 2821 which is on the standards track to obsolete STD 10 requires that only resolvable, fully-qualified, domain names are permitted when domains are used in SMTP. The same RFC also indicates that you can use an IP address in the HELO instead of a hostname.
Many recipient e-mail servers will reject your e-mail for policy reasons if you don't use a hostname in the HELO that resolves to an A record, and will often cite an RFC 2821 violation. Some recipients will even reject the e-mail if the hostname doesn't resolve to a public IP address or to a public IP address that has an associated PTR record. For maximum delivery, I would recommend making sure that you use a hostname that resolves to an IP address via a DNS A record, and also make sure that that IP address has an associated PTR record. You may need to make some changes in DNS or even change your e-mail server's name in order to meet this requirement.
Other articles in this series: