0

We've been having many issues with our external IP address being put on RBL's and blacklisted.

We are using a 3rd party, hosted SMTP e-mail and we have two locations using it. Our TLD is ABC.com. Our internal domain name is XYZ.com (before my time) and is an actual registered TLD that resolved to a legit company.

Our sister location seems to not have any issues and when using Watchguard's Reputation service (http://www.reputationauthority.org) and put ABC.com their are 2 IP address that shows up on the listing and belongs to our sister company and it also shows the external TLD .coms reputation.

When we put our external IP address in it shows as being a "bad" IP and are on a few RBL's. When we put XYZ.com in they have a good reputation and no IP addresses are listed.

I have asked to have an SPF record added to the hosting company's DNS and have been shot down by the admin that can manage it and he will not add the SPF record.

Here is what our header information looks like. Does our internal domain, being a TLD, have any influence on coming up as a spammer in the HELO or the fact that our external IP address does not resolve?

I am afraid if I continue to ask to be unblacklisted that we will be put on a permanent RBL. 

Return-path: 
Received: from [10.5.2.31] (helo=xmail09.myhosting.com)
by xsmtp02.mail2web.com with esmtps (TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32)
(Exim 4.63)
(envelope-from )
id 1UMgdB-0005B4-Nv
for XXXXX@xxxx.com; Mon, 01 Apr 2013 11:26:46 -0400
Received: (qmail 12365 invoked from network); 1 Apr 2013 15:26:45 -0000
Received: from unknown (HELO LOCALCOMPUTER.XYZ.com) (Authenticated-user:_someuser@ABC.com@[66.xxx.xxx.xxx])
(envelope-sender )
by xmail09.myhosting.com (qmail-ldap-1.03) with ESMTPA
for ; 1 Apr 2013 15:26:44 -0000
Date: Mon, 1 Apr 2013 11:26:43 -0400
From: Our User 
To: Their User 
Message-ID: 
Mime-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: 8bit
X-SA-RemoteMail: Yes
X-SA-Exim-Connect-IP: 10.5.2.31
X-SA-Exim-Mail-From: SOMEUSER@ABC.COM
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on xsa10.softcom.biz
X-Spam-Level:
X-Spam-Status: No, score=0.1 required=5.0 tests=AWL,BAYES_00,
HTML_IMAGE_ONLY_12,HTML_MESSAGE,MIME_HTML_ONLY,T_REMOTE_IMAGE,URIBL_BLOCKED
autolearn=no version=3.3.1
X-Spam-DCC: : xsa10 1324; Body=1 Fuz1=1 Fuz2=1
X-Spam-Pyzor:
Subject: lead
X-SA-Exim-Version: 4.2.1 (built Mon, 13 Oct 2008 12:27:24 -0400)
X-SA-Exim-Scanned: Yes (on xsmtp02.mail2web.com)

Solution: We changed our outgoing SMTP from the 3rd party to our ISP's server. Have not had any more black listing issues since. I'm assuming going through the 3rd party as well as a host of other people probably got the 3rd party's IP address blacklisted, and had nothing to do with us particularly.

Travis
  • 870
  • 8
  • 23
  • 3
    "I have asked to have an SPF record added to the hosting company's DNS and have been shot down by the admin that can manage it and he will not add the SPF record." Time to escalate to management. If your admin won't add a necessary record, that's a problem. – ceejayoz Apr 03 '13 at 15:03
  • 2
    a missing SPF record is most certainly not the reason for being blacklisted. SPF can increase your deliverability when sending mass mails to the biggies (yahoo, gmail etc) but it is in no way required. if you want a helpful answer you should probably post the real IP, domain, helo and blacklists involved. without that information it's not possible to identify your problem. what do you mean by external IP address does not resolve? missing FcrDNS? definitely an issue. – Gryphius Apr 03 '13 at 15:19
  • I was able to contact the hosting company and got past their "verification" and had them add the SPF record. They also said they did not think it would help with the blacklist. Management is a whole other issue and won't go into details on that. I will not post our real, external IP address. What I mean by the external IP won't resolve is there is no reverse DNS for it. For example, 176.34.45.31 reverses to ec2-176-34-45-31.ap-northeast-1.compute.amazonaws.com. Ours does not reverse to a TLD. Our sister location's IP resolves to static-*.lsanca.fios.verizon.net. – Travis Apr 04 '13 at 11:56
  • As you can read in my answer, this is your problem. Configure a reverse DNS (=PTR record) for your IP, otherwise you will keep getting blacklisted. – etagenklo Apr 06 '13 at 11:49
  • Would I need to do that in our internal DNS or have the ISP do it on their DNS? I would assume the ISP because we don't allow external DNS requests. – Travis Apr 08 '13 at 12:01

2 Answers2

3

...or the fact that our external IP address does not resolve?

If this should mean your IP doesn't have a PTR record, then this is your main problem. Most bigger mail services and RBLs will blacklist your IP without a valid, non-generic PTR record.

etagenklo
  • 5,834
  • 1
  • 27
  • 32
1

Solution: We changed our outgoing SMTP from the 3rd party to our ISP's server. Have not had any more black listing issues since. I'm assuming going through the 3rd party as well as a host of other people probably got the 3rd party's IP address blacklisted, and had nothing to do with us particularly.

Since the 3rd party hosting has multiple accounts and multiple e-mail addresses, including spammy ones, this was creating the issue of being placed on RBL's. True span was originating from the 3rd party's servers and causing the entire server to be black listed. By using our local SMTP provider we were able to avoid this.

Travis
  • 870
  • 8
  • 23