4

Recently our emails started going to spam for recipients at Gmail and Yahoo mail.

I ran a SpamAssassin test, and have found the following:

pts  rule name       description
0.0  URIBL_BLOCKED   ADMINISTRATOR NOTICE: The query to URIBL was blocked.
0.0  HTML_MESSAGE    BODY: HTML included in message
0.1  DKIM_SIGNED     Message has a DKIM or DK signature, not necessarily valid
1.3  RDNS_NONE       Delivered to internal network by a host with no rDNS
0.0  T_DKIM_INVALID  DKIM-Signature header exists but is not valid

So it seems that the biggest problem (and 1.3 pts) is the RDNS.

However, my mail.domain.com resolves to my Exchange IP, and the Exchange IP resolves to mail.domain.com, so it should be fine...

Here's an example of an outgoing message:

Received: from mail.domain.com (unknown [222.222.222.222])
by ip-10-212-6-2 (Postfix) with SMTP id 97C9F38015E
for <p3GjWH1wbFYITg@dkimvalidator.com>; Sun, 20 Sep 2015 19:04:40 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha1; s=; d=domain.com; c=simple/simple; q=dns/txt; h=Date : From : Message-ID : Subject : To; bh=ncke3Vu4WRgoOv/Z6rF6XrCXKPg=; b=p1TsqtT3g5gwvovHyQk+xpzw0jQRMJceZ/4jR9rF5T6FgXhqDuSeNmLPQYkuo6re4oAbOpW+TMTg1c7Wk4BywUPmNmCVSc8PVZlhpEtU3fmb+L6/R+Gh1bjyx4Upwo/rRcp5ITdA9AhS7guv390WAJRzDk13peRZp3eVwtvtUZ8=;
Received: from EXCHANGE.DOMAIN.Local ([fe80::6089:4937:8119:7955]) by
 EXCHANGE.DOMAIN.Local ([fe80::6089:4937:5555:7995%12]) with mapi id 14.03.0224.002; Sun, 20 Sep 2015 15:04:39 -0400
From: John Smith <sender@domain.com>
To: "p3GjWH1wbFYITg@dkimvalidator.com" <p3GjWH1wbFYITg@dkimvalidator.com>
Subject: tsr
Thread-Topic: tsr
Thread-Index: AdDz1zKQUDx5Ne76TjSdqxtW9VzHDg==
Date: Sun, 20 Sep 2015 19:04:38 +0000
Message-ID: <32EBB6D0AED6624A909C59F3189660DFDA2F0B@EXCHANGE.DOMAIN.Local>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [172.16.15.156]
Content-Type: multipart/alternative;
boundary="_000_32EBB6D0AED6624A909C59F3189660DFDA2F0BEXCHANGEDOMAINLocal_"
MIME-Version: 1.0

--_000_32EBB6D0AED6624A909C59F3189660DFDA2F0BEXCHANGEDOMAINLocal_
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

srs

--_000_32EBB6D0AED6624A909C59F3189660DFDA2F0BEXCHANGEDOMAINLocal_
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<html dir=3D"ltr">
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Diso-8859-=1">
<style type=3D"text/css" id=3D"owaParaStyle"></style><style Type=3D"text/cs=s"></style>
</head>
<body fpstyle=3D"1" ocsi=3D"0">
<div style=3D"direction: ltr;font-family: Tahoma;color: #000000;font-size: =10pt;">srs</div>
</body>
</html>

--_000_32EBB6D0AED6624A909C59F3189660DFDA2F0BEXCHANGEDOMAINLocal_--
user3521621

2 Answers

2

1) Sign up for the FBL at Yahoo. https://help.yahoo.com/kb/postmaster/

2) Are you respecting NDR and Unsubscription links?

3) Do you have and maintain postmaster@ and abuse@ mailboxes?

It looks like you have good FCrDNS, SPF, DKIM, so it could be user complaints, which you will not know about unless you sign up for FBL.

You are missing an SPF for your mail host

 mail.nationaldebtrelief.com IN TXT "v=spf1 a -all"

You could also run test@allaboutspam.com and post the link.

Jacob Evans
1

The OP asks (among other things) about this issue:

-1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

This is caused by reverse lookups of 127.0.0.1 returning localhost, commonly caused by redirecting mail in-and-out-of localhost for spam/virus filtering (like through amavis). It will create headers like this, with rDNS showing incorrectly as localhost for 127.0.0.1:

Received: from smtp.example.com (**localhost** [127.0.0.1])
    by smtp.example.com (Postfix) with ESMTPA id A5F13FEF
    for <example@example.com>; Wed, 26 May 2021 17:07:02 -0700 (PDT)

Note that I added *'s around **localhost** above to highlight the issue. By updating the /etc/hosts file and placing your hostname before the word localhost it will be placed correctly in your logs:

So you want this:

~]$ cat /etc/hosts
127.0.0.1   smtp.example.com localhost localhost.localdomain 
::1         smtp.example.com localhost localhost.localdomain

not this:

~]$ cat /etc/hosts
127.0.0.1   localhost localhost.localdomain smtp.example.com
::1         localhost localhost.localdomain smtp.example.com

and definitely not this:

~]$ cat /etc/hosts
127.0.0.1   localhost localhost.localdomain
::1         localhost localhost.localdomain

... or you can configure rDNS for 127.0.0.1 but that seems silly...just what hostname should a centralized rDNS server respond with? Indeed, it can't ;)

KJ7LNW
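
The Received lines quoted in the question and in the second answer can be checked mechanically. The following is an added example, not part of the original thread: it parses Postfix-style Received headers and flags the cases discussed here. The verdict names and the last two sample headers are assumptions made for the example.

```python
import ipaddress
import re

# Postfix-style trace field: "from <HELO name> (<rDNS name> [<client IP>])".
RECEIVED_RE = re.compile(
    r"from\s+(?P<helo>\S+)\s+\((?P<rdns>\S+)\s+\[(?P<ip>[^\]]+)\]\)"
)

def classify_received(header):
    """Return the HELO name, rDNS name, IP and a verdict for one header."""
    m = RECEIVED_RE.search(header)
    if not m:
        return {"verdict": "unparsed"}
    helo, rdns = m.group("helo").lower(), m.group("rdns").lower()
    try:
        ip = ipaddress.ip_address(re.sub(r"^IPv6:", "", m.group("ip")))
    except ValueError:
        return {"verdict": "unparsed"}
    if rdns == "unknown":
        verdict = "no-rdns"  # Postfix writes "unknown" when no client name was confirmed
    elif ip.is_loopback and rdns.startswith("localhost"):
        verdict = "loopback-localhost"  # local re-injection; name comes from /etc/hosts
    elif rdns != helo:
        verdict = "helo-rdns-mismatch"
    else:
        verdict = "ok"
    return {"helo": helo, "rdns": rdns, "ip": str(ip), "verdict": verdict}

# The first two headers are taken from this page (unfolded onto one line,
# highlight asterisks removed); the last two are constructed for the example.
SAMPLE_HEADERS = [
    "Received: from mail.domain.com (unknown [222.222.222.222]) "
    "by ip-10-212-6-2 (Postfix) with SMTP id 97C9F38015E",
    "Received: from smtp.example.com (localhost [127.0.0.1]) "
    "by smtp.example.com (Postfix) with ESMTPA id A5F13FEF",
    "Received: from smtp.example.com (smtp.example.com [127.0.0.1]) "
    "by smtp.example.com (Postfix) with ESMTPA id 0000000",
    "Received: from mail.example.com (host.example.net [192.0.2.10]) "
    "by mx.example.org (Postfix) with ESMTP id 1111111",
]

def audit(headers):
    # Classify every header and return the verdicts in order.
    return [classify_received(h)["verdict"] for h in headers]

if __name__ == "__main__":
    for header, verdict in zip(SAMPLE_HEADERS, audit(SAMPLE_HEADERS)):
        print(f"{verdict:20} {header[:60]}")
```

The header from the question is reported as no-rdns because the receiving Postfix recorded the client name as unknown, whatever a lookup from the sender's side returns.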