Emails getting rejected from Gmail on Virtualmin/Webmin and CentOS

Posted December 23, 2015 9.6k views

I have a CentOS 7 droplet that currently hosts 4 domains running Virtualmin/Webmin.

The dropled is named (which is one of the 4 domains). PTR record is updated correctly with the droplet IP.

BIND DNS Server module is disabled, as I am using the “Networking > Domains” panel provided by DO. Per each of my domains, I have configured DNS as follows:

A         @       *droplet ip*
A         mail    *droplet ip*
CNAME     www
CNAME     *
MX        5
TXT       @       "v=spf1 a mx ip4:*droplet ip* ?all"

Here are my /etc/hostname

And /etc/hosts

▽      server   localhost.localdomain   localhost   localhost4.localdomain4  localhost4

::1          server
::1             localhost.localdomain    localhost
::1             localhost6.localdomain6  localhost6

*droplet ip*

And /etc/resolv.conf

# Generated by NetworkManager

Finally, I have setup a forward from to my gmail account.

Here the issue comes: if I send a test email from my outlook account to I expect it to get it delivered to my gmail account. However, this is what I get back:

This is the mail system at host server.localdomain. 

I'm sorry to have to inform you that your message could not 
be delivered to one or more recipients. It's attached below. 

For further assistance, please send mail to postmaster. 

If you do so, please include this problem report. You can 
delete your own text from the attached returned message. 

The mail system 

<> (expanded from <>): host[] said: 550-5.7.1 [*droplet ip*] 
The IP address sending this message does not have a PTR 550-5.7.1 record 
setup. As a policy, Gmail does not accept messages from IPs 550-5.7.1 with 
missing PTR records. Please visit 550-5.7.1 for more 550 
5.7.1 information. r7si49844073wmg.47 - gsmtp (in reply to end of DATA 

What am I doing wrong?

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
1 answer

It sounds like your droplet’s name is not a FQDN (Fully Qualified Domain Name). If you rename your droplet to use a FQDN (such as, the PTR record would update for your automatically. Once that globally propagates, you would not longer get that error from gmail.

Hope it helps!
Jason Colyer
DigitalOcean Platform Support Lead

  • I ended up working that out, but thank you for the reply!

    I still have a question, though. Do I need to add a:
    TXT @ “v=spf1 a mx ip4:dro.ple.tip ?all”

    for each of the domains? Or only in the domain matching the droplet name? Or do I not need that line at all?

    Thank you

    • You would want to have an SPF record and a DKIM record for any domain you will be using in your mail setup. This helps to prevent it from being logged as spam or spam-like. The records basically do a little extra to show the email was authenticated from the source.

      There is actually a great SPF record generator available here. It can ensure your SPF record does everything you would want from it.

      Hope it helps,
      Jason Colyer
      DigitalOcean Platform Support Lead

      • That’s great, thank you.

        So using the tool you provided I got the following:  IN TXT "v=spf1 mx a ip4:dropletip/32 ?all"

        Is that correct? My only doubt is that only the website that matches the droplet name has a FQDN. Would adding that line per each domain be enough?

        • It really depends on how strict you want your checks. On a general rule, something like this would work for you:

 IN TXTv=spf1 mx a:mail.domain.;com -all`“

          I would recommend each domain you are going to use have that for it. This way, they all are able to authenticate properly. You would want the record on that domain’s DNS zone file. So if you had the domains:

          You would want each having it. If your mail server (in this example) was, the records would look like so:
          ``` IN TXT ```v=spf1 mx a:mail.domain.;com -all`
 IN TXT ```v=spf1 mx a:mail.domain.;com -all`
 IN TXT ```v=spf1 mx a:mail.domain.;com -all````
          Hope it helps,
          Jason Colyer
          DigitalOcean Platform Support Lead