Solved

Emails from my domain are getting bounced back from certain email providers.

Posted on 2007-11-16
4
595 Views
Last Modified: 2013-11-30
I work for a small school. We were experiencing a huge spam problem and decided to implement a spam filter (Securance). An outside company set it up for us and made the appropriate changes to MX records on our firewall. The spam stopped, however, we began developing a problem with bounced back emails. Email sent to mail providers such as yahoo, earthlink and hotmail (among others) immediately gets bounced back.

Here is an error message from yahoo:

"Sorry. Your message could not be delivered to:
yahoo.com
      <greeting wait>
      Received: 553 Mail from xx.xx.xx.xx not allowed - [10]"

Here is an error message from earthlink:

"Sorry. Your message could not be delivered to:
earthlink.net
      MAIL FROM:<xxxxxx@xxxxxxx.org> SIZE=1003
      Received: 550 550 Dynamic/zombied/spam IPs blocked. Write blockedbyearthlink@abuse.earthlink.net"

It came to my attention that when doing a reverse DNS lookup, the IP for my mail server was pointing to my  Internet Service Provider. I had the ISP place a PTR record that tied the IP for my mail server to my domain. It didn't solve the problem. I then realized that for some reason yahoo was giving me an error with the IP for my firewall, not my mail server. Doing a reverse DNS lookup of my firewall IP again came up as my ISP. I then had the ISP place another PTR record that tied my IP for the firewall to my domain. This didn't work either.

Now when I do a reverse DNS lookup for the IP of our mail server, it comes up with our domain. When I do a reverse DNS lookup for the IP of our firewall it comes up with our domain, then an error message. The error message is as follows:

*ERROR* A record for mail.xxxxxxxx.org. does not point back to original IP (A record may be cached).

Also, as side note, I've already gone and checked our IP's with all of the major blacklists. Non of them indicated that our IP's were spammers.

Any help is greatly appreciated. Thanks!
0
Comment
Question by:u_c2moore
4 Comments
 
LVL 28

Accepted Solution

by:
Jan Springer earned 250 total points
ID: 20301578
Check the RBLs and make sure that your server is not blacklisted:

http://www.mxtoolbox.com/blacklists.aspx?AG=GBL&gclid=CIXK7_KyoYkCFS7OJAodLw7tUQ

You need to go to the sites that are blocking your email and ask to be whitelisted again.

Here is help for aol:

http://www.spamresource.com/2007/01/how-to-deliver-mail-to-aol.html

yahoo:

http://help.yahoo.com/l/us/yahoo/ysm/ts/contact/contact-92896.html

earthlink:

blockedbyearthlink@abuse.earthlink.net"
0
 
LVL 4

Assisted Solution

by:mdcsea
mdcsea earned 250 total points
ID: 20308909
Given how many changes you have made to your DNS (likely in a short period of time) that may not be a blacklist issue.  That said, be very sure you are not blacklisted, you can use the site suggested by  jesper or the blacklist lookup at dnstuff.com which will also check several sites at once.  

Since this has all happened since the change to a spam filtering service, it's much more likely that you still have something about DNS that is not correct or you have made so many changes in such a short period of time that cached records remain out on the internet.  It's been 48 hours since your original post so, depending on the TTL for your DNS, much of that cached information may now have been purged.

You haven't stated whether you have a properly configured SPF record for the domain - that is also tested by some providers, especially major providers, notably Hotmail.

If you are still having problems at this point (48 hours later), some specifics about your situation are necessary.  Provide your domain name, the IP of your mail server and the IP of the spam filter and I'll have a look at your zone file and see if it's properly configured and see if you have a proper SPF record.

Good luck!
0

Featured Post

Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I will assume you are running a non-server version of some sort of Windows throughout this article. There are many flavors of Windows since Windows Server 2000 - 2008, XP Home & Pro, Vista Home & Pro, and Windows 7 Starter, Home, Pro, Ultimate, etc.…
I've written instructions for one router type, but this principle may be useful for others of the same brand and even other brands of router. Problem: I had an issue especially with mobile devices that refused to use DNS information supplied via…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

713 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question