We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you two Citrix podcasts. Learn about 2020 trends and get answers to your biggest Citrix questions!Listen Now

x

Emails being sent from our webserver are reported as spam

welshiv
welshiv asked
on
Medium Priority
331 Views
Last Modified: 2013-12-17
We have several websites on which visitors can sign up for various things, such as newsletters, warranty registration, etc. The sites use a php sendmail script to send out those emails/confirmation emails. The issue we are having is that for some reason, our webserver IP address is being reported as a spammer with CBL. How can I prevent this from happening?

Additionally, we have two mail domains. Our main one is @acme.net, however we have recently started using @acme.com as well. Email sent to a user at either address will go to the same mailbox. We are properly setup with Reverse DNS, etc. with the @acme.net domain, but not with the @acme.com one. How do I go about setting up the @acme.com with proper reverse DNS, etc?

The mail being sent from the webserver is using a @acme.com address, so I don't know if that is a contributing factor to the issue. Your help is appreciated - thanks.
Comment
Watch Question

yes not having reverse DNS is a prime cause of a suspect SPAM, you would need a reverse PTR record in DNS for your Outgoing Mail servers name pointing to its IP, if your ISP hosts DNS for you then you will need to make a request at your ISP for this,

so if you do nslookup with your Outgoing Mail servers name ( FQDN) then it should point you to the correct IP

Author

Commented:
The outgoing mail server is setup correctly - the mail in question is being sent from the webserver, not the mail server
You don't need to set up "reverse dns" for domains, only for IP addresses, so I don't think you need any new "reverse DNS" entries when adding a domain to your e-mail server.

If you're being blacklisted because your web server is allowing anyone to "sign up" and receive an e-mail confirmation, there's not much that you can do. Perhaps someone has used your forms to subscribe people who didn't want the e-mail. You may make it harder to fill out the forms by automated means by making it multiple pages or using a CAPTCHA.

If you're being blacklisted because your form processor is able to be manipulated to send spam to anyone, or if your web server is otherwise compromised or running other vulnerable scripts that can be used to send spam, that's another story. You should look at the logs of those visiting your web forms to see if you can find anything suspicious, and also start logging outgoing traffic on port 25 from your web server to determine if you have a security problem.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
Commented:
Don't use PHP's mail() function, it's horrible. Get the pear mail package:

http://pear.php.net/package/mail/

It enables you to set the delivery method to SMTP rather than using the local server's sendmail. Set it to relay to your actual mail server so your mail server is tasked with delivering the messages.
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.