Hello. Large percentage of mail is coming back as undelivered with message - You do not have permission to send to this recipient. For assistance, contact your system administrator. <domain.ie #5.7.1 smtp;550 5.7.1 This system is configured to reject mail from IP address. > Our mail is hosted with digiweb in Ireland and the connection to the outside world is through eircom in Ireland. The Ip address listed is the external static address of the eircom router. So we have a mix of two providers. Only a percentage of mails fail. Gmail gets through ok. Some mail get sent to Spam folders. Therefore I believe it to be a Reverse DNS issue. The MX records on our domain returns the digiweb mail hosting. Reverse DNS on the ip address from eircom returns itself. Thanks in advance. PS.
Hi, basically you are right. The thing is that antispam protection sometimes uses reverse DNS lookups. If the recipient's antispam app will find out, that the forward lookup and reverse lookup do not match, they can drop the message considering it to be spam. The antispam app just "thinks" that you are sending a messages with spoofed address.
Maybe you already know but just in case :-) the following. Your reverse DNS should be applied for at your xDSL provider. Not where you host your domain name. If it;s the same company it doesn't matter.
Guys - Found out yesterday we are blacklisted by CBL. Done all the "stuff" but not appearing to removed from List. Thanks for your responses but on the plus side my ISP have set up my rDNS.
>>Guys - Found out yesterday we are blacklisted by CBL. >>Done all the "stuff" but not appearing to removed from List.
What have you tried to do? can you give me the site on wich you found you were blacklisted? Maybe we can help. >>but on the plus side my ISP have set up my rDNS. Always good to hear we're making improvements.
I was blacklisted on cbl.abuseat.org The reason given by them to me afterwards was that I was spamming through the external IP address of the broadband router. - i eventually got a e-mail address for them and was able to get in contact.
I had realised that this was the root cause and had spent time with wireShark trying to locate the offending machine but was unsuccessful ( could be my lack of knowledge of the tool rather than the tool itself ). I located the issue throught the logs on my sonicwall firewall. The rules on the firewall were a bit lapse and when I tightened - i.e. Only allow mail servers access via port 25 ( SMTP ) I could see the the errors from the IP address of the laptop trying to access port 25. There was a backdoor,trojan on this machine and once cleaned I had no issue.
Concern was that was 08:00 hours on a Wednesday , I was not removed from the Blacklist until 17:30 of the same day.
To Summarise.
Access Firewall. Allow only IP address of the Mail Server(s) access to SMTP port 25. Deny IP address of all other devices on the N/W access to SMTP port 25. Check the logs - IP address of offending machine appears in logs beside error on Port 25. Clean Machine. Contact Blacklister - This is very important because although the website had a request button to say "Remove from Blacklist" this was not done until I made contact with the via e-mail.
Note :- The offeneding machine was a laptop that was taken off site the previous week to get software loaded on it at a suppliers site. Also some "glitch" meant that this ( and once checked another 3 machines ) were not getting updated from server with latest virus definitions.
