Tuesday, February 24th, 2009

An question frequently seen on support forums for Linux VPS providers like Slicehost and Linode is that of e-mail deliverability. “E-mail deliverability” refers to how reliably your mail will be delivered to its intended recipients while avoiding being filtered as spam.

Note: If you’re here looking for spamming tips, keep moving.

With that out of the way, one of the simplest ways to improve the ability of your VPS to deliver mail to others is to make sure your hostnames are in order. This is one of the most often overlooked steps, yet it can be fixed in under two minutes. Executive summary: your MTA should identify itself with a fully-qualified hostname, this name should resolve to your server’s IP address, and your IP address should reverse-resolve back to this name.

Here’s how to check if you need this, and how to fix it if you do. All the following commands are run after connecting to your server via SSH. Commands that require elevated privileges are prefixed with “sudo”. These examples use Ubuntu Linux with Postfix, but this advice applies to any internet server that needs to deliver mail, even Windows (but Windows admins will have to figure out how to do it on their own).

First, let’s see what your server’s hostname actually is.

$ hostname
milan.corvidworks.net

The value of hostname should be a fully-qualified domain name (FQDN), meaning one containing both host and domain parts. In this real-life example, this server’s hostname is milan and the domain is corvidworks.net.

If your server returns a single name (“foo”) or just a second-level domain name (“example.com”), the first thing you need to do is change it, substituting your desired name. Feel free to be creative here — too many people name their servers “server1″ or similar. I name all my machines after cities, for example. Best practice is to use a name that is not related to any services you’re running, so don’t name it “www.example.com” either. This name does not need to relate to the From: address your mail is using, or to any web site you’re hosting.

$ sudo hostname foo.example.com

Depending on your OS/distro, you may now need to edit a couple files as well. Your /etc/hostname file should read:

foo.example.com

and your /etc/hosts should include the line:

127.0.0.1    foo    foo.example.com

Once that’s done, you should see results similar to the following, again with your own hostname instead of mine:

$ hostname
milan.corvidworks.net
$ hostname -s
milan

Now that the system knows its own name, let’s move on to your MTA. I’m using Postfix but the principles applies to any MTA, although the instructions will differ. In /etc/postfix/main.cf find the $myhostname line and change it to match the FQDN you set for the server, and set $myorigin to match.

myhostname = milan.corvidworks.net 
myorigin   = $myhostname

Debian and Debian-based systems, such as Ubuntu, get $myorigin from /etc/mailname by default. Feel free to update or create that file or just change the value as shown here.

If this server is not handling mail for your domain, make sure $mydestination is correct. Unless you want mail to your own domain delivered locally, your domain name alone should not appear in this line.

mydestination = $myhostname, localhost.$mydomain, localhost

Restart Posfix and make sure it’s identifying itself correctly by connecting to port 25. You should see the fully-qualified name you entered above in the SMTP banner:

$ sudo postfix reload
postfix/postfix-script: refreshing the Postfix mail system
 
$ telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 milan.corvidworks.net ESMTP Postfix

(type “quit” to end the SMTP session)

Still with me? Great. The work on your server is done and all that’s left is DNS. This step is going to vary greatly depending on your specific setup, so I can’t give any real instructions here other than tell you what you need. There are two records that need to be set:

• An A record pointing your fully-qualified hostname to your server’s IP address
• A PTR record (“reverse DNS“) pointing your server’s IP address back to that same FQDN

The A record will be set up where ever your DNS is managed. This may be at your VPS provider, your domain registrar, or a third-party DNS hosting company such as DNS Made Easy. The PTR record will be set up by your VPS host. They may offer a way to do this via some sort of control panel, but failing that a support ticket should take care of it. If they don’t offer this service, find a new hosting company.

And that’s it. Give the new DNS records a chance to propagate and you’ll be able to verify them using host. New records should be visible almost immediately, while changes may take up to 24 – 48 hours.

$ host milan.corvidworks.net
milan.corvidworks.net has address 65.49.60.34
 
$ host 65.49.60.34
34.60.49.65.in-addr.arpa domain name pointer milan.corvidworks.net.

And that’s it! Doing this won’t magically guarantee that your mail will be delivered but it will definitely increase your chances.