[nSLUG] Sendmail configuration

Jon Watson me at jonwatson.ca
Wed Mar 19 21:54:20 ADT 2008


> > We only own a public IP.  we dont really have a domain name, is it
> > possible to use IP ?
> I suspect that this is going to cause you the most grief. While there are
a ton of spam checks that various hosts use to check incoming email, two of
the more common are sender callouts and rDNS domain verification.

When sender callouts are enabled on a mail server, the process is something
like this:

1. Sending mail server connects and says it has email for some local user
and it is from foo at bar.com
2. Receiving mail server stalls the receipt, opens up a new socket, connects
to the MX server for bar.com and says it has mail for foo.
3. If bar.com says that is does indeed have a foo user account and asks for
the email, the server disconnects and accepts the original email

A second common check involves verifying the bar.com in different ways. It
typically involves a reverse DNS lookup in that the receiving mail server
checks to see if the ip of bar.com matches the IP of the server that has
connected to it. I think there are generally also different checks involving
SPF records which can 'authorize' another various other servers to deliver
mail for bar.com. Some domain verifications only check to see if
bar.comexists and don't concern themselves with what server is
connected to them.
Various configurations for this one and varying degrees of effectiveness.

In any case, though, the assumption is that there is some sort of domain
name involved and if you're attempting to deliver mail from a server that
has no DNS records, then that is likely where the problem lies. There's
nothing technically wrong with sending email from a server with no name, but
over the years that sort of behaviour has been linked to spammers and will
undoubtedly trigger a lot of alarms on receiving servers.

As Mike has stated, you can use the PHP mail() function to put together a
proper email, but if you're sending from a server without the expected DNS
records to the Internet at large, you will likely continue to have problems.

Posting the full headers of some bounced email should shed light on it. Most
mail servers are set to be somewhat verbose when refusing mail and there
should be reasons following the 550 (or whatever) error.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nslug.ns.ca/mailman/private/nslug/attachments/20080319/5aa35859/attachment.html>

More information about the nSLUG mailing list