Solved

Issue with spam engine

Posted on 2013-05-25
5
363 Views
Last Modified: 2013-08-07
G'day guys/girls

I have a client who has reported that his email won't send to a particular person (company).
Now I have gone through the SPF records using the wizard provided by No-IP but he apparently still has issues.

domain name is :

http://cleandrum.com

error is the following:

This is the mail system at host mail.swartsit.com.

I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can delete your own text from the attached returned message.

                   The mail system

<name<at>industrialpackaging.com.au>: host mx4.netregistry.net[202.124.241.196]
    said: 550 118.88.20.79 is not allowed to send mail from cleandrum.com.
    Please see
 
http://www.openspf.net/Why?scope=mfrom;identity=roger@cleandrum.com;ip=118.88.20.79
    (in reply to end of DATA command)

but my spf record clearly states that IP as being able to send. Am I going nuts, or do I not understand SPF records properly??

Thanks in advance

Regards,
Steven Swarts
0
Comment
Question by:sjswarts
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 81

Expert Comment

by:David Johnson, CD, MVP
ID: 39196360
mx:cleandrum.com  
mx
Pref       Hostname       IP Address       TTL       
5       mail.cleandrum.com       118.88.20.78       30 min       Blacklist Check      SMTP Test
10       mail1.no-ip.com       8.23.224.50       30 min       Blacklist Check      SMTP Test
15       mail2.no-ip.com       69.65.5.113       30 min       Blacklist Check      SMTP Test

spf

+       mx             Pass       Match if IP is one of the MX hosts for given domain name
+       a       118.88.20.78       Pass       Match if IP has a DNS 'A' record in given domain
+       a       118.88.20.79       Pass       Match if IP has a DNS 'A' record in given domain

Which it doesn't you only have the 1 A record add another one i.e  a 118.88.20.79 mail2.cleandrum.com
0
 

Author Comment

by:sjswarts
ID: 39196698
Ok I have done that now, but I don't understand why it needs it in the first place.

Originally I had only a spf record of the following:

+       mx             Pass       Match if IP is one of the MX hosts for given domain name
+       a       118.88.20.78       Pass       Match if IP has a DNS 'A' record in given domain

figured that would be fine so why would my server try to send email using the IP 118.88.20.78??

Just for your information:

Debian server 64bit
ISPConfig 3 control panel installed
IP's: 118.88.20.78 and 118.88.20.79

Never had this issue before, now it seems to be an issue? Is that some new anti-spam thing or am I doing something wrong?
0
 

Author Comment

by:sjswarts
ID: 39196735
Ok I sent on behalf of the user an email to spf-test@openspf.net

This is what came back:


<spf-test@openspf.net>: host mailout02.controlledmail.com[72.81.252.18] said:
    550 5.7.1 <spf-test@openspf.net>: Recipient address rejected: SPF Tests:
    Mail-From Result="permerror": Mail From="name<at>cleandrum.com" HELO
    name="mail.swartsit.com" HELO Result="none" Remote IP="118.88.20.79" (in
    reply to RCPT TO command)

Again I don't know where it gets the 118.88.20.79 address from because mail.swartsit.com is set to 118.88.20.78

As part of the system I am running Postfix and Dovecot, but I have no specific bind to either IP. Is it possible that it might be binding to any? or does that not affect it? I just want it to use only one IP to send from. For me Multiple IP's are used for Apache SSL connections.
0
 
LVL 81

Accepted Solution

by:
David Johnson, CD, MVP earned 500 total points
ID: 39196762
until you add the 'a' record you cannot send from 20.79 unless you modify your spf record.. I have no idea of what your configuration is.. but if you want to allow it to use either ip address you HAVE to add the a record that I  mentioned earlier
0
 

Author Comment

by:sjswarts
ID: 39212367
Sorry about the delay but I was away for a week.

Anyway just to clarify:

Virtual Dedicated Server, Debian system, ISPConfig control panel. 2 IP addresses - 20.78 and 20.79

I don't understand how postfix binds to the wrong IP, to my knowledge it never used to. HOw would I go about making it bind only to a singular IP?

In relation to the SPF record I don't want cleandrum.com to be listed as sending from either 20.78 or 20.79 instead I just want 20.78 to be the only IP used for email sending and receiving.

Please excuse my limited understanding, I'm trying to be as forth coming with information so that you can better help me out.

Regards,
Steve
0

Featured Post

Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Group policy not applying 5 107
How to remove audio ad 4 87
Assess most serious Linux privilege escalation bug 17 204
Antivirus - Webroot vs Symantec? 6 271
One of the most frustrating experiences a help desk technician will ever encounter is when a customer comes to them with a solution of their own invention and expects the tech to implement it. This often happens when people with a little bit of tech…
Note: This is the second blog post in a series on email clearinghouses (https://www.xmatters.com/alert-management/blog-email-has-failed-us?utm_campaign=70138000000ydLoAAI&utm_source=exex&utm_medium=article&utm_content=blog-post).   Every month t…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question