Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Issue with spam engine

Posted on 2013-05-25
5
Medium Priority
?
378 Views
Last Modified: 2013-08-07
G'day guys/girls

I have a client who has reported that his email won't send to a particular person (company).
Now I have gone through the SPF records using the wizard provided by No-IP but he apparently still has issues.

domain name is :

http://cleandrum.com

error is the following:

This is the mail system at host mail.swartsit.com.

I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can delete your own text from the attached returned message.

                   The mail system

<name<at>industrialpackaging.com.au>: host mx4.netregistry.net[202.124.241.196]
    said: 550 118.88.20.79 is not allowed to send mail from cleandrum.com.
    Please see
 
http://www.openspf.net/Why?scope=mfrom;identity=roger@cleandrum.com;ip=118.88.20.79
    (in reply to end of DATA command)

but my spf record clearly states that IP as being able to send. Am I going nuts, or do I not understand SPF records properly??

Thanks in advance

Regards,
Steven Swarts
0
Comment
Question by:sjswarts
  • 3
  • 2
5 Comments
 
LVL 84

Expert Comment

by:David Johnson, CD, MVP
ID: 39196360
mx:cleandrum.com  
mx
Pref       Hostname       IP Address       TTL       
5       mail.cleandrum.com       118.88.20.78       30 min       Blacklist Check      SMTP Test
10       mail1.no-ip.com       8.23.224.50       30 min       Blacklist Check      SMTP Test
15       mail2.no-ip.com       69.65.5.113       30 min       Blacklist Check      SMTP Test

spf

+       mx             Pass       Match if IP is one of the MX hosts for given domain name
+       a       118.88.20.78       Pass       Match if IP has a DNS 'A' record in given domain
+       a       118.88.20.79       Pass       Match if IP has a DNS 'A' record in given domain

Which it doesn't you only have the 1 A record add another one i.e  a 118.88.20.79 mail2.cleandrum.com
0
 

Author Comment

by:sjswarts
ID: 39196698
Ok I have done that now, but I don't understand why it needs it in the first place.

Originally I had only a spf record of the following:

+       mx             Pass       Match if IP is one of the MX hosts for given domain name
+       a       118.88.20.78       Pass       Match if IP has a DNS 'A' record in given domain

figured that would be fine so why would my server try to send email using the IP 118.88.20.78??

Just for your information:

Debian server 64bit
ISPConfig 3 control panel installed
IP's: 118.88.20.78 and 118.88.20.79

Never had this issue before, now it seems to be an issue? Is that some new anti-spam thing or am I doing something wrong?
0
 

Author Comment

by:sjswarts
ID: 39196735
Ok I sent on behalf of the user an email to spf-test@openspf.net

This is what came back:


<spf-test@openspf.net>: host mailout02.controlledmail.com[72.81.252.18] said:
    550 5.7.1 <spf-test@openspf.net>: Recipient address rejected: SPF Tests:
    Mail-From Result="permerror": Mail From="name<at>cleandrum.com" HELO
    name="mail.swartsit.com" HELO Result="none" Remote IP="118.88.20.79" (in
    reply to RCPT TO command)

Again I don't know where it gets the 118.88.20.79 address from because mail.swartsit.com is set to 118.88.20.78

As part of the system I am running Postfix and Dovecot, but I have no specific bind to either IP. Is it possible that it might be binding to any? or does that not affect it? I just want it to use only one IP to send from. For me Multiple IP's are used for Apache SSL connections.
0
 
LVL 84

Accepted Solution

by:
David Johnson, CD, MVP earned 1500 total points
ID: 39196762
until you add the 'a' record you cannot send from 20.79 unless you modify your spf record.. I have no idea of what your configuration is.. but if you want to allow it to use either ip address you HAVE to add the a record that I  mentioned earlier
0
 

Author Comment

by:sjswarts
ID: 39212367
Sorry about the delay but I was away for a week.

Anyway just to clarify:

Virtual Dedicated Server, Debian system, ISPConfig control panel. 2 IP addresses - 20.78 and 20.79

I don't understand how postfix binds to the wrong IP, to my knowledge it never used to. HOw would I go about making it bind only to a singular IP?

In relation to the SPF record I don't want cleandrum.com to be listed as sending from either 20.78 or 20.79 instead I just want 20.78 to be the only IP used for email sending and receiving.

Please excuse my limited understanding, I'm trying to be as forth coming with information so that you can better help me out.

Regards,
Steve
0

Featured Post

Ready for your healthcare security check-up?

In the past few years, healthcare organizations have become a prime target for advanced attacks. Does your organization have what it needs to defend itself? Schedule your healthcare security check-up today and download our free Healthcare Security Resource Kit today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: Shawn
IT teams define success as solving problems quickly. To enable ITSM modernization we have to think of adopting the tools and methods that will enable resolution of ITSM issues more quickly.
While Plesk offers many potential benefits to website administrators, including compatibility with Windows Server and other leading technologies, the company has also been working to differentiate it from other control panels for content management…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

972 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question