Linode Forum
Linode Community Forums
 FAQFAQ    SearchSearch    MembersMembers      Register Register 
 LoginLogin [ Anonymous ] 
Post new topic  Reply to topic
Author Message
 Post subject: Citadel
PostPosted: Fri Aug 21, 2009 9:52 am 
Offline
Junior Member
User avatar

Joined: Wed Jan 16, 2008 1:23 pm
Posts: 30
ICQ: 640975757
Website: http://cybrcaf.net
Location: half-way between my ears
Any opinions and advice about running Citadel? -- server specs, disk space, RAM, security, and general experiences? Thnx.


Top
   
 Post subject: I run it.
PostPosted: Tue Aug 25, 2009 5:02 am 
Offline
Junior Member
User avatar

Joined: Thu Apr 23, 2009 2:32 am
Posts: 41
Website: http://www.linode.com/
I use a Linode 360 running Citadel to handle mail for several domains. Haven't had any problems with it.


Top
   
 Post subject: got it
PostPosted: Wed Sep 02, 2009 6:34 pm 
Offline
Junior Member
User avatar

Joined: Wed Jan 16, 2008 1:23 pm
Posts: 30
ICQ: 640975757
Website: http://cybrcaf.net
Location: half-way between my ears
up and running just fine. it was easy, and works great.


Top
   
 Post subject:
PostPosted: Tue Sep 08, 2009 1:28 am 
Offline
Senior Newbie

Joined: Thu Aug 20, 2009 11:30 am
Posts: 13
Did you guys just follow the instructions on the wiki on how to get it running? I did, and citadel runs, but I can't seem to get any mail outside.. it just doesn't arrive.

Is there more things to set besides that stuff? I'm using ubuntu 9.04.


Top
   
 Post subject:
PostPosted: Tue Sep 08, 2009 1:32 am 
Offline
Newbie

Joined: Thu Sep 03, 2009 11:45 pm
Posts: 4
underthesun wrote:
Did you guys just follow the instructions on the wiki on how to get it running? I did, and citadel runs, but I can't seem to get any mail outside.. it just doesn't arrive.

Is there more things to set besides that stuff? I'm using ubuntu 9.04.


You can't send mail, or can't receive it?


Top
   
 Post subject:
PostPosted: Tue Sep 08, 2009 9:22 am 
Offline
Senior Newbie

Joined: Thu Aug 20, 2009 11:30 am
Posts: 13
Can't send mail.. and I get this ni the outbound smtp queue view:

XXXXXX@gmail.com
4.7.0 [67.18.XXX.XXX] Our system has detected an unusual amount of

Any ideas?


Top
   
 Post subject:
PostPosted: Tue Sep 08, 2009 9:33 am 
Offline
Senior Member

Joined: Wed Feb 13, 2008 2:40 pm
Posts: 126
GMail has detected an unusual amount of. Ask them.


Top
   
 Post subject:
PostPosted: Tue Sep 08, 2009 12:15 pm 
Offline
Senior Newbie

Joined: Thu Aug 20, 2009 11:30 am
Posts: 13
Actually, it seems that they're taking my mail as junk. I've set the proper mx records and smtp subdomain to point at my linode, not sure why this is happening..

anyone had this problem before?


Top
   
 Post subject:
PostPosted: Tue Sep 08, 2009 1:59 pm 
Offline
Senior Member

Joined: Wed May 13, 2009 1:18 am
Posts: 681
Are your messages particularly "junk-like"? (HTML, particularly with embedded images, or using an address from a different domain than your server, etc...)?

Do you have your DNS PTR record (the "Reverse DNS" section on the network tab in Linode Manager) set up to properly translate the IP address of your Linode to its forward (A) record hostname. If that doesn't match, it might be taken as a strong indicator of spam.

Also, if you don't have it already, adding an SPF record to DNS for the domain sending the message may improve your odds - it can provide a stronger indication that your Linode is authorized to send mail for that domain.

-- David


Top
   
 Post subject:
PostPosted: Tue Sep 08, 2009 2:13 pm 
Offline
Senior Newbie

Joined: Thu Aug 20, 2009 11:30 am
Posts: 13
So the reverse DNS have to match the domain? Right now, the IP is already being used for another .com.. and I'm trying to send mails using a second .com.

Do I have to set up a second linode, or should I just get an extra IP for my current linode? I wonder if Citadel supports something like this..

SPF is another matter I have to attend to I guess, but yeah.


Top
   
 Post subject:
PostPosted: Tue Sep 08, 2009 2:59 pm 
Offline
Senior Member

Joined: Fri Dec 07, 2007 1:37 am
Posts: 385
Location: NC, USA
underthesun wrote:
anyone had this problem before?

Yes:
http://www.google.com/search?q=gmail+re ... +amount+of

I would check the most obvious explanation - have you been sending an unusual amount of unsolicited email to gmail users? You can check your logs, or if it is a new IP for you then you can check it against spam databases and see if it has a bad history.

Ideally, your rDNS should match up with an A record and also match the HELO name of your email server. Not everyone checks for all these to agree though, so YMMV.

You do NOT need a separate IP address for every domain you want to send mail from. The sending domain need not match the hostname of the server. In other words, you could send mail from user@example.com using a host named something.linode.com. You would want to set your SPF record appropriately, but in general this is a normal and accepted situation.


Top
   
 Post subject:
PostPosted: Tue Sep 08, 2009 3:46 pm 
Offline
Newbie

Joined: Thu Sep 03, 2009 11:45 pm
Posts: 4
underthesun wrote:
Can't send mail.. and I get this ni the outbound smtp queue view:

XXXXXX@gmail.com
4.7.0 [67.18.XXX.XXX] Our system has detected an unusual amount of

Any ideas?


I use debian 5.0 and Citadel configured per the linode library instructions and a PTR record for my IP that reflects the domain Citadel is sending mail from. Gmail accepts messages from my server every time, but would not until I configured reverse DNS.


Top
   
 Post subject:
PostPosted: Tue Sep 08, 2009 5:00 pm 
Offline
Senior Member

Joined: Wed May 13, 2009 1:18 am
Posts: 681
underthesun wrote:
So the reverse DNS have to match the domain? Right now, the IP is already being used for another .com.. and I'm trying to send mails using a second .com.

"have to" is a bit strong, but yes, if they don't match you have significantly increased the odds your mail may be identified as spam, depending on the destination provider. From the receiving server's perspective, your current configuration appears identical to a random Internet host trying to originate mail on behalf of some other server/domain (which is, after all, what you are doing, albeit legitimately).

Quote:
Do I have to set up a second linode, or should I just get an extra IP for my current linode? I wonder if Citadel supports something like this..

SPF is another matter I have to attend to I guess, but yeah.

A second IP could certainly work, if you aligned its A and PTR records for the domain in question, but certainly doesn't scale very well.

An SPF entry should help alleviate the issue with the PTR record, since it's designed to say "host www" is permitted to send mail on behalf of domain "xxx.yyy". So if your forward A lookup matches your PTR for your mail host (whatever the domain), and you have an SPF indicating that mail host can send mail for the other domain in question, you're more likely to be trusted.

-- David


Top
   
 Post subject:
PostPosted: Wed Sep 09, 2009 12:10 am 
Offline
Senior Newbie

Joined: Thu Aug 20, 2009 11:30 am
Posts: 13
Awesome, thanks for the answers. I still feel a bit confused though..

What do you mean with:
"A second IP could certainly work, if you aligned its A and PTR records for the domain in question, but certainly doesn't scale very well. " ?

I have a lot of .coms and I want to do something like providing an email forwarding service eventually...

The thing is, since I only have one server (and that means one hostname), this means that all those systems trying to match the domain's .com to my hostname won't work would it? (namely, reverse DNS, and my hostname set under linux)

I'm setting my SPF record like this (based on godaddy's wizard):
v=spf1 mx mx:67.18.XXX.XXX -all
(where the above is my linode IP).

Is that enough?


Top
   
 Post subject:
PostPosted: Wed Sep 09, 2009 1:42 am 
Offline
Senior Member

Joined: Wed May 13, 2009 1:18 am
Posts: 681
underthesun wrote:
Awesome, thanks for the answers. I still feel a bit confused though..

What do you mean with:
"A second IP could certainly work, if you aligned its A and PTR records for the domain in question, but certainly doesn't scale very well. " ?

Just that each individual IP address can have it's own reverse lookup (PTR), so if you have two addresses, each could be dedicated to a different domain. But you'd need a different address per domain (you can only have one PTR for an address), so it doesn't scale to something like:

Quote:
I have a lot of .coms and I want to do something like providing an email forwarding service eventually...

This case :-)

Quote:
The thing is, since I only have one server (and that means one hostname), this means that all those systems trying to match the domain's .com to my hostname won't work would it? (namely, reverse DNS, and my hostname set under linux)

I'm setting my SPF record like this (based on godaddy's wizard):
v=spf1 mx mx:67.18.XXX.XXX -all
(where the above is my linode IP).

Is that enough?

I'm pretty sure that the "mx:" prefix is for domain names (it approves all MX servers for those domains) and not IP addresses. For that I think you want an "a:" prefix. Of course, if your Linode's 67.18.XXX.XXX address is in fact the MX for the domain in question, your earlier "mx" takes care of it already.

You might also want to start with ~all, which is a soft failure, progressing to -all (hard failure) if things are good. There's some debate about using -all (in lieu of ?all), since there's a small risk that an SPF check occurs somewhere other than at the external boundary where it's supposed to be applied (e.g., right after your server hands it off) and may incorrectly get bounced, but nowadays I think you should be fine.

You might want to take a peek at http://www.openspf.org for further resources. It can also help you create an SPF, as well as test one that you have published.

Also, with respect to GMail, if you view full headers you can find the SPF check header GMail adds, along with the determination it made.

-- David


Top
   
Display posts from previous:  Sort by  
Post new topic  Reply to topic


Who is online

Users browsing this forum: No registered users and 5 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
RSS

Powered by phpBB® Forum Software © phpBB Group