suse, sendmail, linksys router, mailman architecture is getting some mail sent to spam/junk mail folders

Posted on 2006-06-03
Last Modified: 2013-11-30
I have setup mailman on a suse box using sendmail behind a linksys router.  I have a domain and mx record setup at  The functionality is working; however, the mail sent through mailman/sendmail/linksys router is getting sent to my junk folder at my account, the mail does not make it to my account, and everything works fine with my various accounts, meaning the mail doesn't get sent to my spam folder for may accounts.  It goes to my inbox.  One thought is that yahoo and msn are somehow identifying where the mail is sent from asside from the domain name.  The from address used my mailman is the correct domain.  For example, the confirmation notice below is sent from mailman.  Notice the reference to the IP which is my linksys router.  Any insight is greatly appreciated.

Mailing list subscription confirmation notice for mailing list

We have received a request from for subscription of your
email address, "", to the
mailing list.  To confirm that you want to be added to this mailing
list, simply reply to this message, keeping the Subject: header
intact.  Or visit this web page:

Question by:jdzemke
    LVL 31

    Expert Comment

    Some clarification:
    Mail doesn't get sent to a specific folder - it is transmitted to a receiving end server, which acceps the mail or doesn't accept the mail. If it is accepted, it can be processed by internal goings-on to place it in your SPAM folder in your web access page, but that is another story. On the server, everything ends up in the inbox, so to speak.

    If  your messages aren't accepted, you must look at your credentials. Is your server/domain blacklisted (you have been discovered as an open relay or something); does your domain name stand up to a reverse DNS lookup?

    Some big outfits do block certain IP address ranges, because they are (or are suspected to be) in a dynamic IP range, which is a bit suspicious in the mail business. You may have to contact the recipients to get you off the list...
    LVL 3

    Assisted Solution


    If I understood correctly, mail coming out from your server gets marked as spam, by most well known e-mail providers, like MSN or Yahoo...

    1. If you have a fixed IP, check if this ip is black listed. I normally check it here:

    2. If your IP is dynamic, and you use some DNS updating client such as no-ip, you should consider having your setup changed to a one with a fixed IP. Other mail servers and their spam checking tools will trust you more.

    3. Consider asking your ISP to put reverse dns entry to the fixed IP you have on your linksys router to match with the MX record. i.e. if your mail server listed in mx record is, make sure your fixed IP on the router resolves to That too will help you prove that you are not a spammer.

    4. Can you post the full headers of your messages, that end-up in Junk mail folder. I.e. go to the yahoo account that recieved your mail and put it to the spam folder, and enable full header views. Some mail servers may actually put the spam checking results into the headers, that will help you locate the problem.

    5. Lastly, consider having a real-ip on your linux server, if you really need to run a proper e-mail server.

    Hope this helps.


    Author Comment

    Stats - Below is the full header view from the yahoo account I am using.  Are you able to recognize anything in the message below that would force this mail into the "bulk"/spam folder?  The Received: from linux.local is suspect.

    Bear with me on this.  Even if I get a static IP from my ISP (which would get assigned to my linksys router) and I do port forwarding through my linksys router, wouldn't I experience the same problem?  I am trying to get a clarification on the "real-ip" comment.  Maybe you are referring to my linux box being setup as a dhcp client.

    I really appreciate the insight.

    full header view from yahoo ---------------------------------------
    X-Apparently-To: via; Sat, 03 Jun 2006 11:52:02 -0700
    X-YahooFilteredBulk: 8X.4X.5X.7X
    X-Originating-IP: [8X.4X.5X.7X]
    Return-Path: <>
    Authentication-Results:; domainkeys=neutral (no sig)
    Received: from 8X.4X.5X.7X (EHLO (8X.4X.5X.7X) by with SMTP; Sat, 03 Jun 2006 11:52:02 -0700
    Received: from linux.local (localhost []) by (8.12.2/8.12.2/SuSE Linux 0.6) with ESMTP id k53Dk5f6001250 for <>; Sat, 3 Jun 2006 08:46:05 -0500
    MIME-Version: 1.0
    Content-Type: text/plain; charset="us-ascii"
    Content-Transfer-Encoding: 7bit
    From:  Add to Address Book  Add Mobile Alert  
    Subject: confirm a9701efa6def7d33c3bb4974c107b9688d1d1c9b
    Message-ID: <>
    Date: Sat, 03 Jun 2006 08:46:04 -0500
    Precedence: bulk
    X-Mailman-Version: 2.1.6
    List-Id: <>
    X-List-Administrivia: yes
    Content-Length: 563
    LVL 31

    Accepted Solution

    I still think that some domains (e.g. yahoo in this case) identifies your IP as belonging to a "suspicious" range of IP's. If your setup with your ISP gives you a dynamic IP (the router is a DHCP client on the WAN side), you may have a problem there. If you have a static, public IP (on the router WAN side), it doesn't matter what happens on the inside of that router, although I would personally prefer to have my servers on static IP on my LAN.

    Anyway, since things work OK with Gmail, I suppose you may have a good IP and that a working reverse DNS lookup can be made, so the fact that the messages end up in the "bad mail" depot may have other reasons. Yahoo and others may use some kind of adaptive filter that happens to look for some particular detail in the incoming messages, one detail that happens to be present in your outgoing mail. Perhaps the "localhost(" thing, or something else. Are you running your server on your workstation?

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Why You Should Analyze Threat Actor TTPs

    After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

    I was recently sitting at a desk at work with one of my colleagues and needed some information on my home computer. He watched as I turned on my home computer, established a remote session into it, got the information I needed and then shut it down …
    ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    10 Experts available now in Live!

    Get 1:1 Help Now