V 4 B L . o r g
The SMTP IPv4 DNS Block List
Seven basic steps to properly setup an Internet e-mail server.
Step 1. Get an Internet domain name (if you don't already have one.)
Step 2. Get an Internet IP for email use (if you don't already have one.)
Step 3. Define a unique, and service specific, hostname for e-mail use (FQDN) from that IP (Here are some examples: [correo|mail|poczta|smtp].yourdomain.tld)
Be sure to include a specific servername (not beginning with a number) portion in the FQDN - not just "yourdomain.tld"
If you have multiple domains, you should ensure that the FQDN is from the most credible domain (i.e. from your true company domain) - not from an alias, nor a service only, domain.
A good FQDN can make troubleshooting a whole lot easier down the road while also showing your most credible/responsible side.
Step 4. Configure e-mail server EHLO/HELO to match unique hostname string (from step #3).
This step is commonly overlooked and the default internal server name is used instead when left unchanged; which may be hard to see from within your own network - others will see it when you try to send them email from a hostname that is not a proper FQDN and/or does not match the rDNS = message rejected.
Step 5. Create an MX record to accept mail at that host/IP (from step #2), for your domain (from step #1).
(Assuming your server will also recieve emails.)
Step 6. Create a TXT record for SPF that allows only authorized FQDNs & IPs to send for your domain. (Like: "v=spf1 mx -all")
SPF is a whole other subject of conversation (not covered here - see RFC4408 or OpenSPF.org) and should always be used to help protect your domain from being spoofed.
Step 7. Create a rDNS entry for IP (from step #2) that matches the EHLO/HELO string (from step #4)
This last step (#7) is CRITICAL, as it requires you to make a request to your ISP (a request which only you should be able to make from them.)
Getting a rDNS to match your EHLO basicly tries to prove that "you are who you say you are."
Please understand, this checklist is only the bare minimum setup steps for a simple setup and does not cover complex setups like multiple names/IPs/domains/etc. and should not be taken as a remedy for any ongoing email problem. Consult with a proper e-mail server administrator and/or a DNS administrator to ensure all your email/DNS systems and settings are proper.
But it can, and should, be used as a basic troubleshooting checklist to recheck and confirm that the basic steps in your email setup are still in compliance.
Some very basic troubleshooting steps for existing systems.
© V4BL.org All rights reserved.
do not ever send here: .