Solved

mail blacklist

Posted on 2011-09-19
10
450 Views
Last Modified: 2012-05-12
Hello
I have a problem in the mail server it got blacklist, the reason is when I send e-mail appears send from IP no the mail. Domain .com so got blacklist, so any idea how to resolve.

0
Comment
Question by:bugs-it
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
  • +1
10 Comments
 
LVL 8

Accepted Solution

by:
psychogr earned 500 total points
ID: 36565165
Navigate to http://mxtoolbox.com/ , lookup your domain and then hit blacklist check. If any request delisting.


Finaly navigate to : http://www.linuxmagic.com/best_practices/check_ip_reverse_dns.html and make sure you follow all best practices. Reverse dns is very important and many spam filters requires proper reverse dns lookup.

Im here for further assistance.
Cheers

0
 
LVL 26

Expert Comment

by:Tony Johncock
ID: 36565595
Actually you can do the reverse lookup tests on mxtoolbox.com too

In the box for your domain, put in ptr:xxx.xxx.xxx.xxx where xxx.xxx.xxx.xxx is your domain's external mail IP address.

If you're not sure what that is, from a command prompt type:

nslookup <enter>
set type=mx
mail_domain_name.com

Also do an smtp test there - it'll tell you vital information such as whether you are an open relay.

If you are blacklisted, it may be easier to request a new IP address after following best practices remediation, as getting off of a blacklist can be a nightmware once on.
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36565661
I have a problem in the mail server it got blacklist, the reason is when I send e-mail appears send from IP no the mail. Domain .com so got blacklist

Do you mean that mail you send shows the from address to be something like bob@1.2.3.4 instead of bob@domain.com ?
0
Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

 

Author Comment

by:bugs-it
ID: 36565755
The issue is i receive message from Hotmail and from Microsoft .com when i sent them e-mail that this could be the reason why i am a blacklist, actully i feel it is from the configure of my domain Registrar at domain .com might be the A record and mx record issue but I am not sure
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36565826
MX record is not going to affect mail delivery to a remote recipient.

If you have an A record missing for your sending server however, that will definitely be a problem.  You can check this at network-tools.com

Good example:
IP address: 20x.12x.16x.21x
Host name: ns1.domain.com

Open in new window

Bad example:
IP address:
Error: Host not found
Host name: ns1.domain.com

Open in new window

If you get an IP back from the A record test, then take it back to the main network-tools.com page and put that into the search box.

Good example:
IP address: 20x.12x.16x.21x
Host name: ns1.domain.com

Open in new window

Bad example:
IP address: 20x.12x.16x.21x
No host name is associated with this IP address or no reverse lookup is configured.
Error:Host not found

Open in new window

As Tony1044 mentioned, not having matching forward and reverse DNS records for your sending servers is going to cause all sorts of problems.

For future reference - pasting error logs is a huge help, and just as important is getting headers of the problem mails.  Just because it's being rejected at hotmail.com doesn't mean it will be rejected at mymailserver.com, and you may be able to get headers from there.


After you get all of this resolved, you should ask some new questions about DKIM and SPF, and how they can improve mail deliverability.
0
 

Author Comment

by:bugs-it
ID: 36565955
i check on the network-tools lookup give me
 IP address: 80.89.191.231
Host name: mail.bugs-it.com
80.89.191.231 is from Lebanon(LB) in region Middle East
and DNS record give me this
Retrieving DNS records for mail.bugs-it.com...

DNS servers
ns3.domain.com
ns1.domain.com
ns2.domain.com



Answer records
mail.bugs-it.com  A 80.89.191.231 3600s

Authority records
bugs-it.com  NS ns3.domain.com 3600s
bugs-it.com  NS ns1.domain.com 3600s
bugs-it.com  NS ns2.domain.com 3600s

Additional records
ns1.domain.com  A 72.5.54.12 3600s
ns2.domain.com  A 72.5.54.13 3600s
ns3.domain.com  A 64.94.31.85 3600s




anything i have to cdo you think or it is correct setting



0
 
LVL 26

Expert Comment

by:Tony Johncock
ID: 36565971
Nothing looks out of the ordinary there, but can you post some results for an SMTP test at www.mxtoolbox.com? 

Hint: if you browse to www.mxtoolbox.com and in the domain lookup box, type smtp:mail.bugs-it.com it'll do the SMTP tests.
0
 
LVL 26

Expert Comment

by:Tony Johncock
ID: 36565996
http://www.mxtoolbox.com/SuperTool.aspx?action=smtp%3amail.bugs-it.com

Click on the link for help getting off the blacklists.

There don't appear to be any major issues other than being blacklisted.

Can you send an email to another account (not on your email server) and look at the details? Who it is from, etc?

I think if you can get off the blacklists and then implement SPF as a starting point, you should be ok.
0
 
LVL 8

Expert Comment

by:psychogr
ID: 36567826
As tony1044 said, there's nothing wrong with your dns records but your server is listed on spam lists.
That means only one thing: Something 'inappropriate' was sent from your server and/or the network your server is attached. You should definitely address this issue and pinpoint the source of the spam.

Two common scenarios:
A.) Stolen passwords.
B.) Infected server and/or workstation.

For Scenario A is quite easy to find if its true. Just take a look at your servers ques . Then take a look at your servers logs to find out which account password is stolen. Lock down the account and change password asap.
Scenario b is more complicated due to the work hours required. You could easily disable access to the port 25 during your 'investigation' for all workstations except mail server. Find infected machine and remove it from network till is cleaned.

Good luck mate.
0
 

Author Closing Comment

by:bugs-it
ID: 36912559
solve part of the problem
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
how to add IIS SMTP to handle application/Scanner relays into office 365.

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question