Link to home
Start Free TrialLog in
Avatar of bugs-it
bugs-it

asked on

mail blacklist

Hello
I have a problem in the mail server it got blacklist, the reason is when I send e-mail appears send from IP no the mail. Domain .com so got blacklist, so any idea how to resolve.

ASKER CERTIFIED SOLUTION
Avatar of psychogr
psychogr

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Tony J
Actually you can do the reverse lookup tests on mxtoolbox.com too

In the box for your domain, put in ptr:xxx.xxx.xxx.xxx where xxx.xxx.xxx.xxx is your domain's external mail IP address.

If you're not sure what that is, from a command prompt type:

nslookup <enter>
set type=mx
mail_domain_name.com

Also do an smtp test there - it'll tell you vital information such as whether you are an open relay.

If you are blacklisted, it may be easier to request a new IP address after following best practices remediation, as getting off of a blacklist can be a nightmware once on.
I have a problem in the mail server it got blacklist, the reason is when I send e-mail appears send from IP no the mail. Domain .com so got blacklist

Do you mean that mail you send shows the from address to be something like bob@1.2.3.4 instead of bob@domain.com ?
Avatar of bugs-it
bugs-it

ASKER

The issue is i receive message from Hotmail and from Microsoft .com when i sent them e-mail that this could be the reason why i am a blacklist, actully i feel it is from the configure of my domain Registrar at domain .com might be the A record and mx record issue but I am not sure
MX record is not going to affect mail delivery to a remote recipient.

If you have an A record missing for your sending server however, that will definitely be a problem.  You can check this at network-tools.com

Good example:
IP address: 20x.12x.16x.21x
Host name: ns1.domain.com

Open in new window

Bad example:
IP address:
Error: Host not found
Host name: ns1.domain.com

Open in new window

If you get an IP back from the A record test, then take it back to the main network-tools.com page and put that into the search box.

Good example:
IP address: 20x.12x.16x.21x
Host name: ns1.domain.com

Open in new window

Bad example:
IP address: 20x.12x.16x.21x
No host name is associated with this IP address or no reverse lookup is configured.
Error:Host not found

Open in new window

As Tony1044 mentioned, not having matching forward and reverse DNS records for your sending servers is going to cause all sorts of problems.

For future reference - pasting error logs is a huge help, and just as important is getting headers of the problem mails.  Just because it's being rejected at hotmail.com doesn't mean it will be rejected at mymailserver.com, and you may be able to get headers from there.


After you get all of this resolved, you should ask some new questions about DKIM and SPF, and how they can improve mail deliverability.
Avatar of bugs-it

ASKER

i check on the network-tools lookup give me
 IP address: 80.89.191.231
Host name: mail.bugs-it.com
80.89.191.231 is from Lebanon(LB) in region Middle East
and DNS record give me this
Retrieving DNS records for mail.bugs-it.com...

DNS servers
ns3.domain.com
ns1.domain.com
ns2.domain.com



Answer records
mail.bugs-it.com  A 80.89.191.231 3600s

Authority records
bugs-it.com  NS ns3.domain.com 3600s
bugs-it.com  NS ns1.domain.com 3600s
bugs-it.com  NS ns2.domain.com 3600s

Additional records
ns1.domain.com  A 72.5.54.12 3600s
ns2.domain.com  A 72.5.54.13 3600s
ns3.domain.com  A 64.94.31.85 3600s




anything i have to cdo you think or it is correct setting



Nothing looks out of the ordinary there, but can you post some results for an SMTP test at www.mxtoolbox.com? 

Hint: if you browse to www.mxtoolbox.com and in the domain lookup box, type smtp:mail.bugs-it.com it'll do the SMTP tests.
http://www.mxtoolbox.com/SuperTool.aspx?action=smtp%3amail.bugs-it.com

Click on the link for help getting off the blacklists.

There don't appear to be any major issues other than being blacklisted.

Can you send an email to another account (not on your email server) and look at the details? Who it is from, etc?

I think if you can get off the blacklists and then implement SPF as a starting point, you should be ok.
As tony1044 said, there's nothing wrong with your dns records but your server is listed on spam lists.
That means only one thing: Something 'inappropriate' was sent from your server and/or the network your server is attached. You should definitely address this issue and pinpoint the source of the spam.

Two common scenarios:
A.) Stolen passwords.
B.) Infected server and/or workstation.

For Scenario A is quite easy to find if its true. Just take a look at your servers ques . Then take a look at your servers logs to find out which account password is stolen. Lock down the account and change password asap.
Scenario b is more complicated due to the work hours required. You could easily disable access to the port 25 during your 'investigation' for all workstations except mail server. Find infected machine and remove it from network till is cleaned.

Good luck mate.
Avatar of bugs-it

ASKER

solve part of the problem