explanation of spam prevention and blacklists
Posted on 2010-08-17
Can someone explain a few things about spam prevention, blacklists and Exchange RBLs...
Basically, as I understood it, if you are running an Exchange server then it is of primary importance that you keep your public IP(s) off of blacklists - otherwise when you're sending email from your org, your IP will be flagged as blacklisted and the receiving server will not (in some instances) accept the transmission - that's fair enough.
However, I have come across situations on several occasions now, whereby emails are being blocked from some of the organizations my company manages (we are an IT services provider) - even though we are using POP email!
For example, Company A that we look after, they are using POP email provided by BT Internet - they have BT email addresses which are aliased to say firstname.lastname@example.org
So Outlook is set up with POP and SMTP servers for BT - all mail is sent through BT SMTP servers.
BUT, they are being blocked from sending to a particular address, say email@example.com - they are getting a message back to the effect that the mailbox doesn't exist - I know it does, because if I telnet from my location to the external address's MX servers, I can successfully send an email to the address.
If I telnet from Company A's office, I can connect, give the from address, fine. But when I type in the recipient's email (the contact at the external company) I get an error saying mail cannot be sent because the IP (Company A's public IP (which is dynamic because they're only using POP email)) is blacklisted.
I checked Company A's IP address on mxtoolbox.com and it is indeed blacklisted - by SORBS and all three of the UCEPROTECT lists. Message on SORBS is:
[MU] Dynamic/Generic IP/rDNS address, use your ISPs mail server or get rDNS set to indicate static assignment.
So I read from this that the IP is blacklisted because it's on a dynamic IP block - and mail shouldn't be sent from there - also fine.
So my question (after all that) is:
If we are sending email via BT's SMTP servers (which we are) why is Company A's public IP being flagged as blacklisted - when the mail isn't coming directly from there?
And what can be done about this?
Just to highlight this some more, I know another very large corporation, who uses the same blacklisting techniques, and I can't send them email from my office - because we are also on a dynamic IP (even though we use POP mail) - when I look my IP range up on mxtoolbox, it says it has blacklisted like 28,000 IPs in my subnet for whatever reason, so does that mean this company are possibly missing communications from such a large area because of spam prevention conditions?
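
The blacklist lookup behind the rejection seen in the telnet test above, as an added example that is not part of the original post: a receiving server reverses the connecting IP, appends the blacklist zone and looks the name up in DNS (the RFC 5782 convention; the example goes slightly beyond the post by also handling IPv6). The zone names, IP addresses and the `127.0.0.10` answer are constructed for illustration, and a stub resolver stands in for real DNS so the block runs offline.

```python
import ipaddress
import socket

def dnsbl_query_name(ip, zone):
    """Build the DNS name a mail server queries to test `ip` against `zone`."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = str(addr).split(".")                  # four octets
    else:
        labels = list(addr.exploded.replace(":", ""))  # 32 hex nibbles
    return ".".join(reversed(labels)) + "." + zone

def system_resolve(name):
    """A-record lookup via the OS resolver; [] means NXDOMAIN (not listed)."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except (socket.gaierror, socket.herror):
        return []

def check_connecting_ip(ip, zones, resolve=system_resolve):
    """Return {zone: [answers]} for every zone that lists `ip`.

    Only answers inside 127.0.0.0/8 count as a listing; anything else
    (for example a wildcard from an expired zone) is ignored.
    """
    hits = {}
    loopback = ipaddress.ip_network("127.0.0.0/8")
    for zone in zones:
        answers = [a for a in resolve(dnsbl_query_name(ip, zone))
                   if ipaddress.ip_address(a) in loopback]
        if answers:
            hits[zone] = answers
    return hits

# Constructed zone data standing in for real DNS (hypothetical zones and IPs).
FAKE_DNS = {
    "25.2.0.192.dyn.dnsbl.example": ["127.0.0.10"],      # dynamic-range listing
    "25.2.0.192.parked.dnsbl.example": ["203.0.113.7"],  # bogus non-127 answer
}

def fake_resolve(name):
    return FAKE_DNS.get(name, [])

if __name__ == "__main__":
    zones = ["dyn.dnsbl.example", "parked.dnsbl.example"]
    # Direct connection from an office on a dynamic address (constructed IP).
    print(check_connecting_ip("192.0.2.25", zones, fake_resolve))
    # Connection from a mail relay that is not listed (constructed IP).
    print(check_connecting_ip("198.51.100.10", zones, fake_resolve))
```

Passing `system_resolve` (the default) instead of `fake_resolve` runs the same check against live DNS for whichever blacklist zones are of interest.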