203.30.8.0/21 is listed on the Policy Block List (PBL)
- Thread starter Kodey
- Start date
GPT5 tells me:
is there a problem receiving emails for example.com on a dynamic ip?
Yes — there can be problems.
I'm reluctant to install pmg on the vps as it already hosts a website and that would complicate maintenance and security significantly.
The best solution seems to be providing a static ip. Hopefully getting a reverse dns from my isp won't be too difficult.
is there a problem receiving emails for example.com on a dynamic ip?
Yes — there can be problems.
- Deliverability: Many MTAs and anti-spam services reject or defer mail to hosts in dynamic-IP ranges or IPs listed on PBL/RBLs, so other MTAs may refuse to deliver to your MX.
- ...
- Actual behavior depends on each sending operator’s configuration; being listed in a particular RBL/PBL or lacking PTR/DNS is what causes rejection/deferral, not an inherent property of every sender.
- For authoritative, actionable remediation: host MX on a static IP with proper PTR and publish SPF/DKIM, or place a static relay (smarthost/MX) in front of your dynamic host.
I'm reluctant to install pmg on the vps as it already hosts a website and that would complicate maintenance and security significantly.
The best solution seems to be providing a static ip. Hopefully getting a reverse dns from my isp won't be too difficult.
Of course you need a static IP (with good reputation) in order to be able to send out mails.
While that can be done in a variety of ways, I prefer to use it on a PMG that is on a PVE host at a hoster. Some types of VPS can also run PVE.
Security-wise, you can isolate each of the LXCs or VMs in separate VLANs, so you can even put separate websites. All of this is put behind an OpnSense that also has a reverse proxy in order to take only one IPv4.
While that can be done in a variety of ways, I prefer to use it on a PMG that is on a PVE host at a hoster. Some types of VPS can also run PVE.
Security-wise, you can isolate each of the LXCs or VMs in separate VLANs, so you can even put separate websites. All of this is put behind an OpnSense that also has a reverse proxy in order to take only one IPv4.
The vps has a static ip and a reverse ptr which is why I want to relay outbound mail through it. Postfix and opendkim can manage that but I'm not sure how to configure pmg to relay all outgoing mail via the vps.
I also discovered that some mta won't deliver mail to a host mx not on a static ip with a proper reverse ptr and I wouldn't know about it.
Your setup sounds fine, but I was hoping to spare the expense of another vps. I've been trying to get support for a reverse ptr and static ip with my isp, but they seem incapable of creating the ptr record for me. I even wrote to their netadmin@ and apnic.manager@ addresses but received only stony silence.
I also discovered that some mta won't deliver mail to a host mx not on a static ip with a proper reverse ptr and I wouldn't know about it.
Your setup sounds fine, but I was hoping to spare the expense of another vps. I've been trying to get support for a reverse ptr and static ip with my isp, but they seem incapable of creating the ptr record for me. I even wrote to their netadmin@ and apnic.manager@ addresses but received only stony silence.