• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Resolved Problem with reverse DNS (SMTP Banner)

It's most relevant theme, I think, so I will add my additional info here.

I have Plesk on panel.host.com with one Shared IP (let's say 51.58.33.40 with PTR panel.host.com, this IP used by Plesk and most domains is hosted on this IP)
Also I have few dedicated IPs on this server (let's say 62.21.13.1, 62.21.13.2, 62.21.13.3, 62.21.13.4)
Plesk is configured to send mail from domain IP (as spamhaus wanted The Spamhaus Project - Frequently Asked Questions (FAQ))

Every dedicated IP attached to some client and they points (PTR) to, for example:
62.21.13.1 - > mail.somedomain1.com
62.21.13.2 - > mail.anotherdomain2.com
62.21.13.3 - > onemoredomain3.com
62.21.13.4 - > lastdomain4.com

Plesk is used by somedomain1.com and anotherdomain2.com ONLY for mail service (websites somedomain1.com and anotherdomain2.com located on additional server, so PTR for 62.21.13.1 and 62.21.13.2 can only point to mail.somedomain1.com or mail.anotherdomain2.com, this two hosts is used as MX)

My dedicated IPs were listed by Spamhaus CSS list. Why? Because SMTP Banner (panel.host.com) is not equal to IPs PTR
So I discussed this with Spamhaus support and we decided to try another option - "Send from domain IP addresses and use domain names in SMTP greeting"
Also the said:
1699016706920.png


But after some time my Shared IP were listed by Spamhaus XBL or similar. Why? Because they saw a lot of connection from ONE ip with different HELO
For now I'm trying to use next scenario:
- Plesk is configured to send mail from domain IP (as spamhaus wanted The Spamhaus Project - Frequently Asked Questions (FAQ))
- postfix config is changed to use custom HELO for Dedicated IPs
IMHO, the only thing I need in Plesk if this scenario is correct (but looks like it's the best one to match Spamhaus and similar blacklists requirements) - the option on domain level to override HELO.
p.s. One more thing I want so much too :) is to host multiple sites under one subscription with "no hosting", this is needed to sell mail only service
 
...
So I discussed this with Spamhaus support and we decided to try another option - "Send from domain IP addresses and use domain names in SMTP greeting"
No way this will work. I wonder why they told you that. It will create exactly the problem that you are trying to solve, because now you'll have different domain names in the HELO greeting with the same IP address.

But after some time my Shared IP were listed by Spamhaus XBL or similar. Why? Because they saw a lot of connection from ONE ip with different HELO
Yes, that's exactly the problem.

For now I'm trying to use next scenario:
- Plesk is configured to send mail from domain IP (as spamhaus wanted The Spamhaus Project - Frequently Asked Questions (FAQ))
- postfix config is changed to use custom HELO for Dedicated IPs
IMHO, the only thing I need in Plesk if this scenario is correct (but looks like it's the best one to match Spamhaus and similar blacklists requirements) - the option on domain level to override HELO.
Sounds like a good idea.
 
No way this will work. I wonder why they told you that. It will create exactly the problem that you are trying to solve, because now you'll have different domain names in the HELO greeting with the same IP address.
As I mentioned, they have CSS list (https://www.spamhaus.org/css/) and I was listed because my HELO is not equal with PTR, but in current state you can make HELO the same as PTR only using this "bad" option
 
Back
Top