?
Solved

Rejected IPs have generic or unresolvable PTR records.

Posted on 2010-01-12
12
Medium Priority
?
927 Views
Last Modified: 2012-06-21
RoadRunner has a policy limiting the number of emails sent per hour to its members from a specific IP: http://security.rr.com/spam.htm#ratelimit. That link provides a mechanism to permit legitimate emails, "If you're finding that your server is being rate limited (and the reason is not due to too many recipients per message), the most likely solution available to you will be to have the party responsible for your server apply for enrollment in our feedback loop."

I have registered for this enrolled with 2 IP addresses, one was accepted, the other was rejected with, "Rejected IPs have generic or unresolvable PTR records." The problem is that the emails in question originate on the rejected host.

I NEED TO FIX SOMETHING SOON!

Here is our setup: this is a retirement system. We send pension checks every month to participants. Starting this month, we are emailing the check stub info.

We have a Windows Small Business Server 2003 which is the main mail server. It serves all incoming mail and most outgoing mail. This IP was approved.

We also have a Linux webserver on both the internal lan and with a separate IP. Although this was originally just a webserver, the cron/batch facilities on Linux made it easy to do automated jobs, including emailing pension check and general announcement info.  outgoing smtp mail goes directly from this machine without first being routed through the Windows server. This is the IP being rejected.

How do I "resolve" or otherwise "ungenerify" this hosts PTR record? What can I do to fix this problem?
0
Comment
Question by:jmarkfoley
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
12 Comments
 
LVL 5

Accepted Solution

by:
millscl earned 1000 total points
ID: 26296902
Whomever is providing your IP's (public IP's that is) probably does the DNS.  They'd need to add a proper PTR record for you.
0
 
LVL 11

Expert Comment

by:Patmac951
ID: 26296943
Verify you have a reverse PTR record setup for the rejected IP.

You can check it here: http://www.emailtalk.org/PTR.aspx
0
 
LVL 3

Assisted Solution

by:darkchild173
darkchild173 earned 1000 total points
ID: 26297010
Depending on who's hosting the DNS records for you, you need to ask them to register that address in the reverse lookup zone for you so that it will point back to your domain. Many mail server won't receive messages unless there's a valid PTR record for the IP address.

Here's an article that might help:
http://support.microsoft.com/kb/300171


Regards
0
Cloud Training Guides

FREE GUIDES: In-depth and hand-crafted Linux, AWS, OpenStack, DevOps, Azure, and Cloud training guides created by Linux Academy instructors and the community.

 
LVL 1

Author Comment

by:jmarkfoley
ID: 26298115
the emailtalk.org site gave me:

PTR Check Results:
12.345.67.89 PTR points to 12-345-67-89.static.twtelecom.net.
(not the real IP)

does that look right?

Time-Warner has the IP address space. The building subnet is managed by a company called Bresco Broadband. The Windows Office Server and linux host use the Bresco name servers: 66.193.88.2, 66.193.88.3 (the linux host is also using the Windows Office Server as a name server). The domain is registered with Network Solutions which also has name servers for this domain: NS51.WORLDNIC.COM NS52.WORLDNIC.COM

Where would I start?
0
 
LVL 3

Expert Comment

by:darkchild173
ID: 26301227
You need to talk to the Bresco people and tell them what you wrote here. They will know how to help you.

Good luck.
0
 
LVL 1

Author Comment

by:jmarkfoley
ID: 26337980
I think the problem is that incoming all mail comes through mail.mydomain.org and outgoing from the web host goes from the webhost: webserver.mydomain.org, not routed through the mail.mydomain.org mailserver. When the RR servers look up the the IP of the message, it is different than the MX record of the mailserver. I've tried adding an MX for the webserver.mydomain.org subdomain, but that just screwed things up. E.g. mail sent from other workstations on the mydomain.org LAN to users on webserver.mydomain.org stopped getting delivered.

I think I need to route outgoing mail from webserver.mydomain.org through mail.mydomain.org. Is there a way to do that? Is that more of a sendmail questions?
0
 
LVL 3

Expert Comment

by:darkchild173
ID: 26338683
No, your outgoing mailserver does not have to be on the IP address pointed to by the MX record. Have you talked to your ISP?
0
 
LVL 1

Author Comment

by:jmarkfoley
ID: 26383641
The ISP didn't seem to think it was their problem, but I'll check again and get back.
0
 
LVL 1

Author Comment

by:jmarkfoley
ID: 26475604
I am trying two things: 1) getting the ISP to create a reverse DNS and 2) routing mail through the mail server for that domain. I will get back with results.
0
 
LVL 1

Author Comment

by:jmarkfoley
ID: 26550465
I have contacted roadrunner and time-warner as I give up on all solutions at this point. Roadrunner says: Rejected IPs have generic or unresolvable PTR records., yet their security.rr.com block analysis site says the PTR records are OK.

So, I have fired off an email with all this info to blockinfo@postmaster.rr.com. I will await their response.
0
 
LVL 1

Author Comment

by:jmarkfoley
ID: 27631225
I received a response from RoadRunner that seems to address this problem. I will post the response in its entirety here:

Subject: [postmaster.rr.com #87955] IP 64.129.23.80 Question
From: "Todd Herr via RT" <escalations@postmaster.rr.com>
To: mfoley@novatec-inc.com
Cc: mfoley@ohprs.org
Date: Tue, 16 Feb 2010 14:11:02 +0000

Hello.

My name is Todd Herr, and I'm the Postmaster for Road Runner; I
own our anti-spam policies, and I'll be handling your case to its
conclusion.

I'm the one who processes FBL enrollment requests, and I'm the one who's
been rejecting them.

The rejection message states:

> Message from roadrunner:
> Rejected IPs have generic or unresolvable PTR records.
>
> $ host 64.129.23.80
> 80.23.129.64.in-addr.arpa domain name pointer
> 64-129-23-80.static.twtelecom.net.
>
> $ host 64.129.23.95
> 95.23.129.64.in-addr.arpa domain name pointer
> 64-129-23-95.static.twtelecom.net.

"generic or unresolvable"

While it's true that you do have PTR records for these IPs, they're what we
call "generic", meaning two things:

1. They have no reference to your domain (ohprs.org) but instead reference
   your provider (twtelecom.net)
2. They merely restate the IP address.

If you want to enroll these IPs in our FBL, get your provider, twtelecom.net
(which has no association with Time Warner Cable, meaning that we here at
Road
Runner can't help you) to change the PTR records to something like the
following:

80.23.129.64.in-addr.arpa. IN PTR ohprs.org.
95.23.129.64.in-addr.arpa. IN PTR webserver.ohprs.org.

Those hostnames seem to be the best choices, given this:

# host ohprs.org
ohprs.org has address 64.129.23.80

# host webserver.ohprs.org
webserver.ohprs.org has address 64.129.23.95

Once you've done that, then you'll be able to enroll in our FBL without
issue.

On Mon Feb 15 04:58:20 2010, mfoley@novatec-inc.com wrote:
> Thanks for your reply.  Unfortunately, this response simply restates the
> problem, but does not address a fix.  As I said in my original message,
> we have attempted the http://feedback.postmaster.rr.com/ route, as
> suggested again in this message, numerous times and wd continue to be
> rejected.  Telling us to try this again is not a viable solution and
> appears to be an automated response rather than a considered one.  I
> have re-attached our latest rejection message immediately below.
>
> I also included additional detail in my original message regarding
> security.rr.com results showing no block and dnsreport showing
> acceptable PTR records.  Unless you can describe some other steps I need
> to take I believe your rejection of our IP addresses based on PTR
> records is invalid and should be corrected on your end.
>
> My original message was attached to your ticket response email:
>
> Subject: [postmaster.rr.com #87955] AutoReply: IP 64.129.23.80 Question
> From: "Road Runner Email Deliverability Support via RT"
> To: mfoley@novatec-inc.com
> Date: Thu, 11 Feb 2010 22:43:04 +0000
>
> Please review that email again and let me know what can actually be done
> to resolve this problem. Please feel free to call me at the number below
> if these questions cannot be easily resolved via email.
>
> Regards, Mark Foley
> 614.205.3321
>
>
> -----Feedback Loop Request Rejection Message-----
> To: mfoley@ohprs.org <mfoley@ohprs.org>
> Subject: roadrunner Feedback Loop request has been processed
> From: Roadrunner Feedback Loop <feedback@feedback.postmaster.rr.com>
> Date: Tue,  9 Feb 2010 14:22:10 -0700 (MST)
>
> The request to modify your feedback loop with roadrunner has been
processed.
> --------------------------------------------------------
>
> Feedback Loop Email: rrfeedback@ohprs.org
>
> IPs approved:
> none
>
> IPs declined:
> 64.129.23.80
> 64.129.23.95
>
> Message from roadrunner:
> Rejected IPs have generic or unresolvable PTR records.
>
> $ host 64.129.23.80
> 80.23.129.64.in-addr.arpa domain name pointer
> 64-129-23-80.static.twtelecom.net.
>
> $ host 64.129.23.95
> 95.23.129.64.in-addr.arpa domain name pointer
> 64-129-23-95.static.twtelecom.net.
>
> Thank you,
> roadrunner
>
> -------------------------------------------
> Learn more about how you can reduce complaint rates and other factors
> affecting the success of your email program here:
http://www.returnpath.net/
>
>
>
>
>
> -----Original Message-----
> Subject: [postmaster.rr.com #87955] IP 64.129.23.80 Question
> From: "BP via RT" <email-support@postmaster.rr.com>
> To: mfoley@novatec-inc.com
> Cc: mfoley@ohprs.org
> Date: Sun, 14 Feb 2010 21:16:58 +0000
>
> Hello.
>
> Road Runner imposes several rate limits on inbound mail from any
> given IP address.  These limits include:
>
> - Number of simultaneous connections allowed
> - Number of recipients allowed per message
> - Number of recipients allowed per connection
> - Number of recipients allowed per hour
>
> All but the number of recipients allowed per message will vary
> depending on the IP's Return Path Sender Score Reputation Rank
> (http://www.senderscore.org/) and on whether the IP passes a
> Full Circle reverse DNS (FCrDNS) check.  This policy is documented
> in more detail here - http://security.rr.com/spam.htm#ratelimit
>
> If you're finding that your server is being rate limited (and the
> reason is not due to too many recipients per message), the most
> likely solution available to you will be to have the party
> responsible for your server apply for enrollment in our feedback
> loop:
>
>   http://feedback.postmaster.rr.com/
>
> Enrollment in our feedback loop costs nothing, and IPs accepted
> into our feedback loop will typically enjoy rate limits that are
> generous enough to meet most mailers' expectations.
>
> Two things to note here:
>
> 1. Our feedback loop is not a whitelist; this is made clear in the
>    Terms of Service to which enrolling parties must agree when
>    applying for enrollment.  This means that servers enrolled in
>    our whitelist are still subject to being blocked and/or having
>    their mail routed to our customers' Junkmail folders.
>
> 2. The limitation on number of recipients per *message* is imposed
>    system-wide, is independent of the sending server, and cannot
>    be overridden by enrollment in our feedback loop or any other
>    means.  If your problem is that you're attempting to send mail
>    addressed to more recipients than we allow for a given message,
>    structure your mailings so that there are more messages, each
>    with fewer recipients.
>
> Please let us know if you have any questions.
>


--
Todd Herr
Principal Engineer and Postmaster              V: 703.345.2447
Road Runner Email Operations                   M: 571.287.0366
therr@postmaster.rr.com                      AIM: RRMailToddHerr

0
 
LVL 1

Author Closing Comment

by:jmarkfoley
ID: 31676316
Although the solution was not straightforward, ultimately it was the ISP responsibility to get the correct PTR records configured, as you pointed out. Thanks
0

Featured Post

Quick Cloud Training

Looking for some quick training on the cloud in 2 hours or less? Check out these how-to guides in AWS, Linux, OpenStack, Azure, and more!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Keystroke loggers have been around for a very long time. While the threat is old, some of the remedies are new!
In this blog we highlight approaches to managed security as a service.  We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question