550 invalid DNS MX or A/AAAA resource record

Your MX record is a CNAME instead of an A or AAAA record?

Apparently that's what they dislike, based on RFC 2181 section 10.3:

http://www.iredmail.org/forum/topic8938 … d-dns.html">http://www.iredmail.org/forum/topic8938-iredmail-support-550requested-action-not-taken-mailbox-unavailable-550-invalid-dns.html

You do a "MAIL FROM xxx@yyy.zzz" as part of the SMTP transaction. "yyy.zzz" must have an MX that resolves to an A or AAAA record (depending on IP4 or IP6). If there's no MX then there must be an A or AAAA record. An MX record can not point to a CNAME, it must point to an A/AAAA record.

This is a pretty common anti-spam ruleset used on many servers and catches quite a lot of spam.

Right on target!

I'm using CNAME records as MX with prio 10 and 20. I added another M now with priority 5, and used the IP4 instead, just to make sure everything works before I change the other two.

Thanks!

Hi!

I'm still having problems with this. The other day I noticed this in the postfix log again:````
550 invalid DNS MX or A/AAAA resource record

In my DNS configuration I've got 3 MX records:````
epost    MX   5 123.123.123.123
epost    MX   10 123.123.123.123
epost    MX   20 123.123.123.123

Earlier the two with prio 10 and 20 was CNAME records pointing to a host name, but I changed them yesterday to A records with TTL 3600, which means it SHOULD work now after more than 24 hours. But when sending an email to a gmx.net address, the same error appear in the postfix log.

Can anyone point me in the right direction? I have no idea how to solve this.

Thank you!

@RFC 5321:

When a domain name associated with an MX RR is looked up and the

associated data field obtained, the data field of that response MUST

contain a domain name. That domain name, when queried, MUST return

at least one address record (e.g., A or AAAA RR) that gives the IP

address of the SMTP server to which the message should be directed.

MX records should be domain names, not IP addresses. Said domain names should resolve directly to IP addresses via A or AAAA records, not CNAMEs. Looks like you took care of the CNAME problem but you aren't supposed to use IP addresses directly.

Hmm okay.. So you mean I have to add at least one MX like this: mailx MX 5 email.mydomain.com email A 123.123.123.123

Would that make the mentioned error to go away?

Thanks!

The MX record needs to correspond to the sending email domain for it to have any impact on the error message. If you are sending/receiving mail from an address like someone@mailx.yourdomain.com, then your latest DNS records should be correct.

If you are sending/receiving mail from someone@yourdomain.com, then you would want to lose the "mailx" part of the MX entry and leave it blank MX 5 email.mydomain.com email A 123.123.123.123

Ok thanks, I'm sending e-mails from name@email.mydomain.com. Should the setup be like your sample above?

Hi!

Just to confirm, should it be like this? email MX 5 email.mydomain.com email A 123.123.123.123

My sender address is name@email.domain.tld i.e. a subdomain.

Thanks!

That should work. Actually in that case, you don't really need an MX record (if you don't, the A record will be treated as an implicit MX record), but it hurts nothing to have one.