As promised, I'm back to share my experiences running an SME mailserver with a static IP (which no longer matches the topic, maybe it should be changed).
The server location is in Germany, the ISP is German Telekom and the domain hoster is STRATO. If anyone intends to go down the same path, I highly recommend starting the whole process on a weekend. This is because the DNS servers need time to sync everything properly.
First get a static IP. The IP I got from the Telekom was blacklisted at first. I don't know why or how, but some time later it was no longer on any blacklist. Which is still a miracle to me. This should be checked carefully, otherwise your email might not reach your recipients. The next step would be to point the static IP to your server. This has to be done in the Telekom settings. Go to the reverse DNS. It has to be your servername.foobar.com. The Telekom allows up to 30 reverse DNS entries. I made the mistake of also entering mail.foobar.com as reverse DNS. That did not work. There can be only one reverse DNS and this has to be the servername.foobar.com.
Now go to your domain hoster, which is in my case STRATO. If you don't already have subdomains, you need to create at least mail.foobar.com and servername.foobar.com, and if you have letsencrypt installed, you should also create the subdomain www.foobar.com.
In the domain settings of the domain you have to point the A-record and the AAAA-record to the static IP (IPv4 and IPv6) of your SME mailserver. The MX-record has to be your own mailserver, named mail.foobar.com. You'll do this for your main domain and the two subdomains servername.foobar.com and mail.foobar.com.
In the main domain you add your SPF and DKIM settings/values as TXT-records. For DKIM a prefix is needed: default._domainkey. The SPF needs no prefix, just the TXT between the quotes. Don't use the quotes if you grep the values from the command line with qpsmtpd-print-dns. For STRATO it's not working with the quotes. Unfortunately STRATO does not support DMARC in their DNS servers. You may enter the DMARC TXT-record anyway, it does no harm.
If all this is done, be patient. Better 48 than 24 hours.
If you used fetchmail in the email configuration of your SME server, don't forget to change this now. Same for the SMTP settings. If you fetched the email from a catchall account, you might want to set this account temporarily inactive. Now you're ready to test your SME mailserver with a static IP.
You may test your email with https://www.mail-tester.com/. In my case the result is a score of 8.9/10. There's still an issue with the DNS and DKIM (I'm told to do the test again in 12 hours; in fact the DKIM hasn't been changed in the last 48 hours, so I don't know why, maybe it's still taking time to sync all DNS servers). Both the old and the new key are shown, which are pretty much the same except for the removal of the "t=y" at the end of the key. This gives me a -1 on the overall score.
And of course, DMARC is missing simply because STRATO does not support it.
This works for me, maybe it can help others to save time.
Regards,
stefan
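
The checklist from the post above (a single reverse DNS name that resolves back to the IP, MX on your own host, SPF and DKIM TXT records, DMARC), as an added Python example that is not part of the original post. It audits a constructed record set for foobar.com; the IP address, SPF value and DKIM key are made-up sample data, the `audit` function is hypothetical, and only IPv4 is checked.

```python
# Constructed sample data: what the zone might look like after the steps above.
# 203.0.113.25 is a documentation address; the DKIM key is a placeholder.
IP = "203.0.113.25"
RECORDS = {
    ("foobar.com", "A"): [IP],
    ("servername.foobar.com", "A"): [IP],
    ("mail.foobar.com", "A"): [IP],
    ("foobar.com", "MX"): ["mail.foobar.com"],
    ("25.113.0.203.in-addr.arpa", "PTR"): ["servername.foobar.com"],
    ("foobar.com", "TXT"): ["v=spf1 mx a -all"],
    ("default._domainkey.foobar.com", "TXT"): ["v=DKIM1; k=rsa; p=Q09OU1RSVUNURUQ=; t=y"],
}

def parse_tags(txt):
    """Split a 'tag=value; tag=value' TXT record (DKIM style) into a dict."""
    return dict(p.strip().split("=", 1) for p in txt.split(";") if "=" in p)

def audit(domain, ip, host, records, selector="default"):
    """Return a list of findings; an empty list means the checklist passes."""
    get = lambda name, rtype: records.get((name, rtype), [])
    findings = []
    # Reverse DNS: exactly one name, and that name must resolve back to the IP.
    ptr = get(".".join(reversed(ip.split("."))) + ".in-addr.arpa", "PTR")
    if ptr != [host]:
        findings.append(f"PTR must be exactly one name ({host}), got {ptr}")
    elif ip not in get(host, "A"):
        findings.append(f"{host} does not resolve back to {ip}")
    # MX must name a host that has an A record on the static IP.
    for mx in get(domain, "MX") or [None]:
        if mx is None:
            findings.append("no MX record")
        elif ip not in get(mx, "A"):
            findings.append(f"MX {mx} does not point to {ip}")
    spf = [t for t in get(domain, "TXT") if t.lower().startswith("v=spf1")]
    if len(spf) != 1:
        findings.append(f"expected exactly one SPF record, found {len(spf)}")
    # DKIM: one record under <selector>._domainkey, with a key, not in test mode.
    dkim = get(f"{selector}._domainkey.{domain}", "TXT")
    if len(dkim) != 1:
        findings.append(f"expected one DKIM record, found {len(dkim)}")
    for tags in map(parse_tags, dkim):
        if not tags.get("p"):
            findings.append("DKIM record has no public key")
        if "y" in tags.get("t", "").split(":"):
            findings.append("DKIM t=y (testing mode) still published")
    if not any(t.startswith("v=DMARC1") for t in get(f"_dmarc.{domain}", "TXT")):
        findings.append(f"no DMARC record at _dmarc.{domain}")
    return findings

if __name__ == "__main__":
    print(audit("foobar.com", IP, "servername.foobar.com", RECORDS))
```

To run the same checks against live DNS, fill the dictionary from a resolver of your choice instead of the constructed values.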