How to setup a PTR record?

February 2, 2017 13k views
DNS Ubuntu 16.04
smeehan
By:
smeehan

Hi,

I have a contact form on my website (hosted with Digital Ocean). The contact form sends form submissions to my Google G-Suite email address. Unfortunately emails are being marked as spam.

My setup

  1. I'm managing my DNS with hover.com.
  2. I've added SPF and a DKIM txt records but emails from the form still end up in my spam folder.
  3. I'm using serverpilot.io to manage my Digital Ocean server

Where I'm up to

  1. After a bit of digging around the Digital Ocean forum I found out about the PTR record
  2. I also discovered mxtoolbox.com, this highlighted another issue that is most likely causing problems with spam
  3. mxtoolbox.com, shows I'm also missing a dmarc record.
  4. I'll create a separate post about setting up a dmarc record.

Have I correctly setup my PTR record? This is what I've done:

  1. My Droplet was called my-company-website
  2. I found this ServerPilot guide How to Set PTR Records and Reverse DNS
  3. According to the guide:

DigitalOcean will set a PTR record for your server as long as you use a fully qualified domain name (FQDN) like pluto.example.com rather than a single-label hostname like pluto.

  1. For this example my domain is mywebsite.co.uk
  2. I used digitalocean.mywebsite.co.uk to name my Droplet
  3. I logged into Terminal and ran host xx.xxx.xx.xx
  4. It shows the domain name pointer is now the same as my droplet name
  5. xx.xx.xxx.xx.in-addr.arpa domain name pointer digitalocean.mywebsite.co.uk.
  6. The changes appear to be almost instant on the Digital Ocean droplet
  7. Testing this in mxtoolbox.com still shows errors, but from reading other posts I need to wait at least 24 hours for these changes to propagate.
  8. Have I done this right?
  9. Are there any other steps I should take related to PTR record setup?

Kind regards
Stephen Meehan

UPDATE

I've not waited 24 hours for the changes to take affect, but it looks like they have partly worked...

I've ran a test submission from my contact form on my website, emails are still going to spam. But I thought I'd take a look at the email header to see if I can spot any mention to the updated domain name pointer

It looks like Google Mail can see the update, digitalocean.mywebsite.co.uk. is in the header...

This bit looks like it could be wrong:

Received: from my-company-website.localdomain.example.com (digitalocean.mywebsite.co.uk. [xx.xxx.xx.xx])

It still says Received: from my-company-website. That was the original name of my Droplet

Is that supposed to still say that?

Here's the full header, I've redacted any IP addresses.

Delivered-To: s.meehan@mywebsite.co.uk
Received: by 10.79.31.67 with SMTP id f64csp2990959ivf;
        Thu, 2 Feb 2017 03:50:54 -0800 (PST)
X-Received: by 10.28.45.197 with SMTP id t188mr7968770wmt.15.1486036253973;
        Thu, 02 Feb 2017 03:50:53 -0800 (PST)
Return-Path: <s.meehan@mywebsite.co.uk>
Received: from my-company-website.localdomain.example.com (digitalocean.mywebsite.co.uk. [xx.xxx.xx.xx])
        by mx.google.com with ESMTP id xxxxxxxxxxxxxxxxxxxxxxxx
        for <s.meehan@mywebsite.co.uk>;
        Thu, 02 Feb 2017 03:50:53 -0800 (PST)
Received-SPF: softfail (google.com: domain of transitioning s.meehan@mywebsite.co.uk does not designate xx.xxx.xx.xx as permitted sender) client-ip=xx.xxx.xx.xx;
Authentication-Results: mx.google.com;
       spf=softfail (google.com: domain of transitioning s.meehan@mywebsite.co.uk does not designate xx.xxx.xx.xx as permitted sender) smtp.mailfrom=s.meehan@mywebsite.co.uk
Received: by my-company-website.localdomain (Postfix, from userid 1000) id 0CD8E40899; Thu,
  2 Feb 2017 11:50:53 +0000 (UTC)
To: s.meehan@mywebsite.co.uk
Subject: Paul - Enquiry
Date: Thu, 2 Feb 2017 11:50:52 +0000
From: Company Name <s.meehan@mywebsite.co.uk>
Reply-To: demoemail@gmail.com
Message-ID: <75aca06ac1bd0890ff9a106e41baca4b@mywebsite.co.uk>
X-Mailer: PHPMailer 5.2.21 (https://github.com/PHPMailer/PHPMailer)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8

Name:                         Paul Test
Email:                        demoemail@gmail.com
Message:                      
This is a test
Log In to Comment
5 Answers
Woet February 2, 2017

The hostname in the headers are the one in your mail server config. Just do a grep for it in /etc/

Reply
smeehan February 2, 2017

Hi

Thanks for the reply. I'm pretty new to this.

  • My Droplet was called my-company-website
  • I changed this in the Digital Ocean control panel to digitalocean.mywebsite.co.uk

Hostname and hosts files

In my hostname file located at /etc/hostname it shows the new Droplet name digitalocean.mywebsite.co.uk

The hosts file located at etc/hosts shows the original Droplet name my-company-website

Email header
The email header still shows the old Droplet name my-company-website:

Received: from my-company-website.localdomain.example.com (digitalocean.mywebsite.co.uk. [xx.xxx.xx.xx])
        by mx.google.com with ESMTP id xxxxxxxxxxxxxxxxxxxxxxxx

A couple of questions about this header:

  1. Why does it mention example.com?
  2. Is the Received part of the email header getting my-company-website from the etc/hosts file? Looks like it is...

What next?
The etc/hosts file displays the old Droplet name my-company-website:

127.0.1.1 my-company-website.localdomain my-company-website

I'm not sure what I need to change this to?

Do I need to update it to use the new droplet name digitalocean.mywebsite.co.uk

127.0.1.1 digitalocean.mywebsite.co.uk.localdomain digitalocean.mywebsite.co.uk

Or do I use just the domain name?

127.0.1.1 mywebsite.co.uk.localdomain mywebsite.co.uk

Bit confused?

Reply
SunSparc February 4, 2017

From what I have read, the only thing you need to change is the Droplet name to a fully qualified domain name (fqdn). Which you have done, so you should be good to go.

For clarification:

  • top level domain: co.uk
  • domain name: mywebsite.co.uk
  • hostname: digitalocean.mywebsite.co.uk

A hostname is a fully qualified domain name.

You should not need to change anything on your server/droplet in order for the PTR to take effect.

The example.com could be in the /etc/hosts file (or other file in /etc). You should be able to remove it or comment it out.

Reply
smeehan February 6, 2017

Hi

Thanks for the replies.

  • I couldn't get etc/hosts to keep the edits I made after a sever reboot
  • So I effectively couldn't rename the host
  • It was quicker to just create a new Dropletwith a FQDN from the start
  • To be honest I think the PTR record was the only part of the puzzle
  • After setting up the Droplet with a FQDN, I noticed emails did appear in my inbox
  • Looking at the Email Header I could see they had an spf softfail
  • After some more digging around I was able to edit my spf record
  • Emails from my website contact form now go to my inbox (great) and are marked with a spf pass (brilliant).
  • Phew :)
Reply
tomased6ceb20e1807e74a2a21 July 27, 2018

This sort of issues are easier to tackle using the right set of tools in my humble opinion.

Google offers Postmaster tools to check email issues/quality on their end.

And I've been using dmarcanalyzer.com/ to verify both SPF and DMARC records.
This service will show all the passes and fails for every mail from every sender origin.

To mitigate this kind of issues we stopped sending mails from our webservers all together and started using Postmark
Mails never went to spam and the most convenient thing is to have clear feedback on every send email so we know if it bounced / got rejected / read / unread.

I hope this is of any help to future readers :)

Reply
Have another answer? Share your knowledge.

Related Questions