Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

mail blacklist

Posted on 2011-09-19
10
Medium Priority
?
488 Views
Last Modified: 2012-05-12
Hello
I have a problem in the mail server it got blacklist, the reason is when I send e-mail appears send from IP no the mail. Domain .com so got blacklist, so any idea how to resolve.

0
Comment
Question by:bugs-it
  • 3
  • 3
  • 2
  • +1
10 Comments
 
LVL 8

Accepted Solution

by:
psychogr earned 1500 total points
ID: 36565165
Navigate to http://mxtoolbox.com/ , lookup your domain and then hit blacklist check. If any request delisting.


Finaly navigate to : http://www.linuxmagic.com/best_practices/check_ip_reverse_dns.html and make sure you follow all best practices. Reverse dns is very important and many spam filters requires proper reverse dns lookup.

Im here for further assistance.
Cheers

0
 
LVL 26

Expert Comment

by:Tony J
ID: 36565595
Actually you can do the reverse lookup tests on mxtoolbox.com too

In the box for your domain, put in ptr:xxx.xxx.xxx.xxx where xxx.xxx.xxx.xxx is your domain's external mail IP address.

If you're not sure what that is, from a command prompt type:

nslookup <enter>
set type=mx
mail_domain_name.com

Also do an smtp test there - it'll tell you vital information such as whether you are an open relay.

If you are blacklisted, it may be easier to request a new IP address after following best practices remediation, as getting off of a blacklist can be a nightmware once on.
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36565661
I have a problem in the mail server it got blacklist, the reason is when I send e-mail appears send from IP no the mail. Domain .com so got blacklist

Do you mean that mail you send shows the from address to be something like bob@1.2.3.4 instead of bob@domain.com ?
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:bugs-it
ID: 36565755
The issue is i receive message from Hotmail and from Microsoft .com when i sent them e-mail that this could be the reason why i am a blacklist, actully i feel it is from the configure of my domain Registrar at domain .com might be the A record and mx record issue but I am not sure
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36565826
MX record is not going to affect mail delivery to a remote recipient.

If you have an A record missing for your sending server however, that will definitely be a problem.  You can check this at network-tools.com

Good example:
IP address: 20x.12x.16x.21x
Host name: ns1.domain.com

Open in new window

Bad example:
IP address:
Error: Host not found
Host name: ns1.domain.com

Open in new window

If you get an IP back from the A record test, then take it back to the main network-tools.com page and put that into the search box.

Good example:
IP address: 20x.12x.16x.21x
Host name: ns1.domain.com

Open in new window

Bad example:
IP address: 20x.12x.16x.21x
No host name is associated with this IP address or no reverse lookup is configured.
Error:Host not found

Open in new window

As Tony1044 mentioned, not having matching forward and reverse DNS records for your sending servers is going to cause all sorts of problems.

For future reference - pasting error logs is a huge help, and just as important is getting headers of the problem mails.  Just because it's being rejected at hotmail.com doesn't mean it will be rejected at mymailserver.com, and you may be able to get headers from there.


After you get all of this resolved, you should ask some new questions about DKIM and SPF, and how they can improve mail deliverability.
0
 

Author Comment

by:bugs-it
ID: 36565955
i check on the network-tools lookup give me
 IP address: 80.89.191.231
Host name: mail.bugs-it.com
80.89.191.231 is from Lebanon(LB) in region Middle East
and DNS record give me this
Retrieving DNS records for mail.bugs-it.com...

DNS servers
ns3.domain.com
ns1.domain.com
ns2.domain.com



Answer records
mail.bugs-it.com  A 80.89.191.231 3600s

Authority records
bugs-it.com  NS ns3.domain.com 3600s
bugs-it.com  NS ns1.domain.com 3600s
bugs-it.com  NS ns2.domain.com 3600s

Additional records
ns1.domain.com  A 72.5.54.12 3600s
ns2.domain.com  A 72.5.54.13 3600s
ns3.domain.com  A 64.94.31.85 3600s




anything i have to cdo you think or it is correct setting



0
 
LVL 26

Expert Comment

by:Tony J
ID: 36565971
Nothing looks out of the ordinary there, but can you post some results for an SMTP test at www.mxtoolbox.com? 

Hint: if you browse to www.mxtoolbox.com and in the domain lookup box, type smtp:mail.bugs-it.com it'll do the SMTP tests.
0
 
LVL 26

Expert Comment

by:Tony J
ID: 36565996
http://www.mxtoolbox.com/SuperTool.aspx?action=smtp%3amail.bugs-it.com

Click on the link for help getting off the blacklists.

There don't appear to be any major issues other than being blacklisted.

Can you send an email to another account (not on your email server) and look at the details? Who it is from, etc?

I think if you can get off the blacklists and then implement SPF as a starting point, you should be ok.
0
 
LVL 8

Expert Comment

by:psychogr
ID: 36567826
As tony1044 said, there's nothing wrong with your dns records but your server is listed on spam lists.
That means only one thing: Something 'inappropriate' was sent from your server and/or the network your server is attached. You should definitely address this issue and pinpoint the source of the spam.

Two common scenarios:
A.) Stolen passwords.
B.) Infected server and/or workstation.

For Scenario A is quite easy to find if its true. Just take a look at your servers ques . Then take a look at your servers logs to find out which account password is stolen. Lock down the account and change password asap.
Scenario b is more complicated due to the work hours required. You could easily disable access to the port 25 during your 'investigation' for all workstations except mail server. Find infected machine and remove it from network till is cleaned.

Good luck mate.
0
 

Author Closing Comment

by:bugs-it
ID: 36912559
solve part of the problem
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you an Exchange administrator employed with an organization? And, have you encountered a corrupt Exchange database due to which you are not able to open its EDB file. This article will explain all the steps to repair corrupt Exchange database.
Here in this article, you will get a step by step guidance on how to restore an Exchange database to a recovery database. Get a brief on Recovery Database and how it can be used to restore Exchange database in this section!
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
Suggested Courses

926 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question