Jump to content


Photo

[Solved] Email blacklist issue


  • This topic is locked This topic is locked
15 replies to this topic

#1 uwalcs

uwalcs

    Newbie

  • Members
  • 4 posts

Posted 20 June 2019 - 03:43 PM

Hi all,
So I mainly wanted to use my domain for email and after setting everything up I'm dissapointed to learn that ricky's ip is on a few blacklists for phishing/spam. Tradgedy of the commons I guess. The other issue seens to be that using my own domain as the mail server SMTP a lot of mail servers reject incoming mail from me because there isn't a valid PTR entry matching the domain on the DNS.

So, If I buy(rent) an IP for my domain, can I use that to fix both these issues?

#2 flazepe

flazepe

    Rank V Member

  • Moderators
  • 338 posts
  • Gender:Male

Posted 20 June 2019 - 04:12 PM

It would fix the first issue but I'm not sure about the latter.

#3 wolstech

wolstech

    Rank X Member

  • Root Admin
  • 10,413 posts
  • Gender:Male
  • Location:Pennsylvania

Posted 20 June 2019 - 05:07 PM

Yes it would fix this issue.

 

If you buy a dedicated IP, please be sure to specify that you would like email to originate from it and that you need reverse DNS set up for it. There are extra steps needed if email needs to originate from it, and Krydos has to manually create the reverse DNS records for you too.


Please do not PM me for support. Posting on our forums lets all of us learn.
Do you play Minecraft? | Server Monitors | And the Dumbass of the Decade award goes to...


#4 pete20r2

pete20r2

    Rank I Member

  • Members
  • Pip
  • 32 posts

Posted 21 June 2019 - 02:15 AM

As an extension to my previous question (old account, should be deleted now), why doesn't ricky.heliohost.org have a PTR record?

Also, I've checked exactly why my mail was being rejected and it looks like the IP is reported on SORBS. I think I can get away with no rDNS with most mail servers since SPF DKIM and DMARC are all working.

Do admins here make an effort to de-list helio IPs or is it a Sisyphean activity, is de-listing something I can do myself?

Attached File  sorbs.PNG   43.66K   3 downloads

 

 

 



#5 pete20r2

pete20r2

    Rank I Member

  • Members
  • Pip
  • 32 posts

Posted 21 June 2019 - 01:24 PM

Ok, I went ahead and did it.
Paypal trans: 4PS255026J284072D
Account: basko
Domain: baskovich.com

I'd appreciate the dns setup including the PTR since that's why I'm doing this.

Thanks

#6 wolstech

wolstech

    Rank X Member

  • Root Admin
  • 10,413 posts
  • Gender:Male
  • Location:Pennsylvania

Posted 21 June 2019 - 02:04 PM

Let's get Krydos to set this up you.

As for Ricky missing a PTR record, I have no idea what that's missing.

Please do not PM me for support. Posting on our forums lets all of us learn.
Do you play Minecraft? | Server Monitors | And the Dumbass of the Decade award goes to...


#7 Krydos

Krydos

    Rank X Member

  • Root Admin
  • 18,094 posts
  • Gender:Male

Posted 23 June 2019 - 05:39 PM

Dedicated IP granted, and reverse DNS has been set up.
# dig +noall +answer -x 64.62.214.6
6.214.62.64.in-addr.arpa. 86400 IN      CNAME   6.subnet0.214.62.64.in-addr.arpa.
6.subnet0.214.62.64.in-addr.arpa. 14400 IN PTR  baskovich.com.
Thanks for the donation. We really appreciate it. Let us know if you need help with anything else.

#8 uwalcs

uwalcs

    Newbie

  • Members
  • 4 posts

Posted 23 June 2019 - 11:37 PM

[removed, wrong account]

#9 pete20r2

pete20r2

    Rank I Member

  • Members
  • Pip
  • 32 posts

Posted 24 June 2019 - 02:02 AM

Hi, thanks for that. Website works fine but emails seem to have deliverability issues.
Mxtoolbox reports authentication errors with dmarc, although the dkim and spf records are correct. Is this the issue of emails still being delivered from ricky? 
I'm having a bit of trouble diagnosing where the actual issue is. Gmail accepts incoming mail but I think that might be becuase I trained it on my last attempt. 



#10 Krydos

Krydos

    Rank X Member

  • Root Admin
  • 18,094 posts
  • Gender:Male

Posted 24 June 2019 - 03:26 AM

Send an email to https://www.mail-tester.com/ and post the url to the report. We can go through the list and get your emails to 10/10. Techincally DMARC records aren't required. They are simply instructions to the email servers on what to do with emails that fail DKIM or SPF or both. For instance, if someone was setting up a phishing scam by trying to spoof your emails you could have your DMARC take all of those emails that would obviously fail SPF and DKIM and send them to an email address that you could use for abuse reports. The DMARC value or lack thereof shouldn't affect whether email services consider your mail spam.

#11 uwalcs

uwalcs

    Newbie

  • Members
  • 4 posts

Posted 24 June 2019 - 05:32 AM

[removed, sorry, keep being logged in on phone]

#12 pete20r2

pete20r2

    Rank I Member

  • Members
  • Pip
  • 32 posts

Posted 24 June 2019 - 05:36 AM

Hi Krydos,
Here is the mail-tester link:
https://www.mail-tester.com/test-2vwb5
I've tried a few different settings, I've added ricky's ip as well as my own to the spf but I think the mail is still originating from the wrong IP.

Thanks again

#13 Krydos

Krydos

    Rank X Member

  • Root Admin
  • 18,094 posts
  • Gender:Male

Posted 24 June 2019 - 06:10 AM

The main problem seems to be that Ricky's exim wasn't configured properly to send emails from your dedicated IP. That should be fixed now. The rest of your points you lost because you didn't send a real message. Emails like "test5" will get flagged as spam. Try again now that emails should be originating from your dedicated ip, and be sure to send something that looks like a real email that you would actually send to someone.

#14 pete20r2

pete20r2

    Rank I Member

  • Members
  • Pip
  • 32 posts

Posted 24 June 2019 - 08:27 AM

OK, nearly there.
https://www.mail-tester.com/test-lo1sg

10/10 with some notes on List-Unsubscribe header, which I'll ignore since I'm not doing any mass emailing.

I've got my IP removed from dnsbl.spfbl.net blacklist.

The only relevant issues I can see reported on https://dnschecker.o...lth-checker.php for baskovich.com are:

 

No TLS support.

Reverse DNS does not match SMTP Banner.
SOA Serial Number Format is Invalid.

 

Is there anything I can do about these?

 

Also, would I be right in assuming that the email header (in incoming and outgoing) should no longer make mention of ricky.heliohost.org?

 

Thanks for the help so far.


Edited by pete20r2, 24 June 2019 - 08:55 AM.


#15 Krydos

Krydos

    Rank X Member

  • Root Admin
  • 18,094 posts
  • Gender:Male

Posted 25 June 2019 - 02:07 AM

According to https://forums.cpane...ettings.630563/ SMTP TLS should work on your dedicated IP domain if you have a valid SSL certificate installed on your domain, which you do. I wonder if it would work with autossl which is the cpanel issued free SSL certificate instead of setting up your own Let's Encrypt certificate. The other advantage to using autossl is it will automatically renew the certificate for you when it gets close to expiring so you don't have to remember to install a new Let's Encrypt one.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users