Solved

Issue with spam engine

Posted on 2013-05-25
5
356 Views
Last Modified: 2013-08-07
G'day guys/girls

I have a client who has reported that his email won't send to a particular person (company).
Now I have gone through the SPF records using the wizard provided by No-IP but he apparently still has issues.

domain name is :

http://cleandrum.com

error is the following:

This is the mail system at host mail.swartsit.com.

I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can delete your own text from the attached returned message.

                   The mail system

<name<at>industrialpackaging.com.au>: host mx4.netregistry.net[202.124.241.196]
    said: 550 118.88.20.79 is not allowed to send mail from cleandrum.com.
    Please see
 
http://www.openspf.net/Why?scope=mfrom;identity=roger@cleandrum.com;ip=118.88.20.79
    (in reply to end of DATA command)

but my spf record clearly states that IP as being able to send. Am I going nuts, or do I not understand SPF records properly??

Thanks in advance

Regards,
Steven Swarts
0
Comment
Question by:sjswarts
  • 3
  • 2
5 Comments
 
LVL 80

Expert Comment

by:David Johnson, CD, MVP
ID: 39196360
mx:cleandrum.com  
mx
Pref       Hostname       IP Address       TTL       
5       mail.cleandrum.com       118.88.20.78       30 min       Blacklist Check      SMTP Test
10       mail1.no-ip.com       8.23.224.50       30 min       Blacklist Check      SMTP Test
15       mail2.no-ip.com       69.65.5.113       30 min       Blacklist Check      SMTP Test

spf

+       mx             Pass       Match if IP is one of the MX hosts for given domain name
+       a       118.88.20.78       Pass       Match if IP has a DNS 'A' record in given domain
+       a       118.88.20.79       Pass       Match if IP has a DNS 'A' record in given domain

Which it doesn't you only have the 1 A record add another one i.e  a 118.88.20.79 mail2.cleandrum.com
0
 

Author Comment

by:sjswarts
ID: 39196698
Ok I have done that now, but I don't understand why it needs it in the first place.

Originally I had only a spf record of the following:

+       mx             Pass       Match if IP is one of the MX hosts for given domain name
+       a       118.88.20.78       Pass       Match if IP has a DNS 'A' record in given domain

figured that would be fine so why would my server try to send email using the IP 118.88.20.78??

Just for your information:

Debian server 64bit
ISPConfig 3 control panel installed
IP's: 118.88.20.78 and 118.88.20.79

Never had this issue before, now it seems to be an issue? Is that some new anti-spam thing or am I doing something wrong?
0
 

Author Comment

by:sjswarts
ID: 39196735
Ok I sent on behalf of the user an email to spf-test@openspf.net

This is what came back:


<spf-test@openspf.net>: host mailout02.controlledmail.com[72.81.252.18] said:
    550 5.7.1 <spf-test@openspf.net>: Recipient address rejected: SPF Tests:
    Mail-From Result="permerror": Mail From="name<at>cleandrum.com" HELO
    name="mail.swartsit.com" HELO Result="none" Remote IP="118.88.20.79" (in
    reply to RCPT TO command)

Again I don't know where it gets the 118.88.20.79 address from because mail.swartsit.com is set to 118.88.20.78

As part of the system I am running Postfix and Dovecot, but I have no specific bind to either IP. Is it possible that it might be binding to any? or does that not affect it? I just want it to use only one IP to send from. For me Multiple IP's are used for Apache SSL connections.
0
 
LVL 80

Accepted Solution

by:
David Johnson, CD, MVP earned 500 total points
ID: 39196762
until you add the 'a' record you cannot send from 20.79 unless you modify your spf record.. I have no idea of what your configuration is.. but if you want to allow it to use either ip address you HAVE to add the a record that I  mentioned earlier
0
 

Author Comment

by:sjswarts
ID: 39212367
Sorry about the delay but I was away for a week.

Anyway just to clarify:

Virtual Dedicated Server, Debian system, ISPConfig control panel. 2 IP addresses - 20.78 and 20.79

I don't understand how postfix binds to the wrong IP, to my knowledge it never used to. HOw would I go about making it bind only to a singular IP?

In relation to the SPF record I don't want cleandrum.com to be listed as sending from either 20.78 or 20.79 instead I just want 20.78 to be the only IP used for email sending and receiving.

Please excuse my limited understanding, I'm trying to be as forth coming with information so that you can better help me out.

Regards,
Steve
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Full list of ransomwares to date 6 135
Is KairosPlanet a fraud? 6 50
Dual boot Ubuntu middle-budget laptop for development 11 220
awk file 6 78
As a long-time IT Professional, the most important skill I have developed and consider to be my most valuable tool is Effective Troubleshooting. Step through my problem-solving procedure in this 10-step guide adapted from The Universal Troubleshooti…
Scenario: Your operations manager has discovered an anomaly in your security system. The business will start to suffer within 15 minutes if it is a major IT incident. What should she do? We have 6 recommendations for managing major incidents (https:…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question