[aklug] Re: Check my headers (I.P. blacklisted)

From: Kevin Miller <atftb2@alaska.net>
Date: Fri Apr 03 2015 - 20:19:53 AKDT

On 04/03/2015 11:59 AM, Tim Johnson wrote:
> I mean no offense to my ISP (MTASolutions), but they haven't figured
> this one out yet :
>
> Some listservs that I use are silently rejecting any email sent
> to them. I'm not getting any rejection notices. I'm also not getting
> email that is being sent to the lists (as of some weeks ago).
>
> I have a static I.P. - I'm finding the static I.P. has been
> blacklisted by spamrats - see
> http://www.spamrats.com/lookup.php?ip=64.4.232.191
>
> Note that it indicates that the whole network is blacklisted, but
> MTA folks say this is not true. I show no other blacklist other than
> by spamrats.
>
> I sent an email from the gmail account using google (rather than
> from my workstation). It went through to the ML and was seen by me,
> so I guess either something machine specific or ISP-specific.
>
> I'm wondering if any of you "in the know" can see any problem with
> my headers.

Send an email directly to me at my work address so it doesn't get
filtered via the mailing list: "kevin . miller@juneau.org" (slightly
munged to thwart robo-harvesting) - I'll see what our spam filters do
with it. I don't use spamrat so it should come through fine unless
there's another issue.

Be sure to send via the mail server that you're having issues with.

It looks to me that spamrat is complaining because you're a dynamic IP
(even though you aren't). There's really no way to distinguish a static
and dynamic so I presume there's a registry somewhere that an IP can
publish their ranges on. I know GCI uses certain ranges for static and
other ranges for dynamic. I don't know where the distinction is
publicized however so the RBLs can determine which is which. Not sure
about mtaonline.net.

Looking at your headers, you're saying your host is tj49.com, but the IP
resolves to "191-232-4-64.mtaonline.net" so it looks to a mail server
that you're forging your hostname. They should match.

Received: from tj49.com (191-232-4-64.mtaonline.net [64.4.232.191])
        by lib.uaa.alaska.edu (Postfix) with ESMTP id AB3B460E31
        for <aklug@aklug.org>; Fri, 3 Apr 2015 11:59:30 -0800 (AKDT)

A common practice is to name an outbound mail server something like
smtp.tj49.com. Configure postfix to identify itself as that during the
initial connection (HELO/EHLO). Then make sure you have an A record and
a PTR record in DNS for your hostname. Do not use a CNAME.

The other option is to configure your postfix to authenticate to your
ISPs mailhost, and use it as a smarthost to relay from your server to
the rest of the world.

BTW, you could reduce the number of NS lookups against your SPF record
by changing it to just:
  "v=spf1 ip4:74.220.215.66 ?all"
It's a minor nit. If 74.220.215.66 is the only server that you send
mail through, it's a bit more efficient as it only has to do one lookup.
  You're probably safe to change the ?all to a ~all or even -all if that
host is the only one sending as akwebsoft.com or tj49.com...

...Kevin

-- 
Kevin Miller - http://www.alaska.net/~atftb
Juneau, Alaska
In a recent survey, 7 out of 10 hard drives preferred Linux
Registered Linux User No: 307357, http://linuxcounter.net
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Fri Apr 3 20:20:15 2015

This archive was generated by hypermail 2.1.8 : Fri Apr 03 2015 - 20:20:16 AKDT