Jump to content

[Solved] Email blacklist issue


uwalcs

Recommended Posts

Hi all,

So I mainly wanted to use my domain for email and after setting everything up I'm dissapointed to learn that ricky's ip is on a few blacklists for phishing/spam. Tradgedy of the commons I guess. The other issue seens to be that using my own domain as the mail server SMTP a lot of mail servers reject incoming mail from me because there isn't a valid PTR entry matching the domain on the DNS.

 

So, If I buy(rent) an IP for my domain, can I use that to fix both these issues?

Link to comment
Share on other sites

Yes it would fix this issue.

 

If you buy a dedicated IP, please be sure to specify that you would like email to originate from it and that you need reverse DNS set up for it. There are extra steps needed if email needs to originate from it, and Krydos has to manually create the reverse DNS records for you too.

Link to comment
Share on other sites

As an extension to my previous question (old account, should be deleted now), why doesn't ricky.heliohost.org have a PTR record?

Also, I've checked exactly why my mail was being rejected and it looks like the IP is reported on SORBS. I think I can get away with no rDNS with most mail servers since SPF DKIM and DMARC are all working.

Do admins here make an effort to de-list helio IPs or is it a Sisyphean activity, is de-listing something I can do myself?

post-36117-0-79319500-1561083348_thumb.png

 

 

 

Link to comment
Share on other sites

Dedicated IP granted, and reverse DNS has been set up.

# dig +noall +answer -x 64.62.214.6
6.214.62.64.in-addr.arpa. 86400 IN      CNAME   6.subnet0.214.62.64.in-addr.arpa.
6.subnet0.214.62.64.in-addr.arpa. 14400 IN PTR  baskovich.com.
Thanks for the donation. We really appreciate it. Let us know if you need help with anything else.
Link to comment
Share on other sites

Hi, thanks for that. Website works fine but emails seem to have deliverability issues.
Mxtoolbox reports authentication errors with dmarc, although the dkim and spf records are correct. Is this the issue of emails still being delivered from ricky? 
I'm having a bit of trouble diagnosing where the actual issue is. Gmail accepts incoming mail but I think that might be becuase I trained it on my last attempt. 

Link to comment
Share on other sites

Send an email to https://www.mail-tester.com/ and post the url to the report. We can go through the list and get your emails to 10/10. Techincally DMARC records aren't required. They are simply instructions to the email servers on what to do with emails that fail DKIM or SPF or both. For instance, if someone was setting up a phishing scam by trying to spoof your emails you could have your DMARC take all of those emails that would obviously fail SPF and DKIM and send them to an email address that you could use for abuse reports. The DMARC value or lack thereof shouldn't affect whether email services consider your mail spam.

Link to comment
Share on other sites

The main problem seems to be that Ricky's exim wasn't configured properly to send emails from your dedicated IP. That should be fixed now. The rest of your points you lost because you didn't send a real message. Emails like "test5" will get flagged as spam. Try again now that emails should be originating from your dedicated ip, and be sure to send something that looks like a real email that you would actually send to someone.

Link to comment
Share on other sites

OK, nearly there.
https://www.mail-tester.com/test-lo1sg

10/10 with some notes on List-Unsubscribe header, which I'll ignore since I'm not doing any mass emailing.

I've got my IP removed from dnsbl.spfbl.net blacklist.

The only relevant issues I can see reported on https://dnschecker.org/domain-health-checker.php for baskovich.com are:

 

No TLS support.

Reverse DNS does not match SMTP Banner.
SOA Serial Number Format is Invalid.

 

Is there anything I can do about these?

 

Also, would I be right in assuming that the email header (in incoming and outgoing) should no longer make mention of ricky.heliohost.org?

 

Thanks for the help so far.

Edited by pete20r2
Link to comment
Share on other sites

According to https://forums.cpanel.net/threads/a-package-with-dedicated-ip-and-ssl-tls-settings.630563/ SMTP TLS should work on your dedicated IP domain if you have a valid SSL certificate installed on your domain, which you do. I wonder if it would work with autossl which is the cpanel issued free SSL certificate instead of setting up your own Let's Encrypt certificate. The other advantage to using autossl is it will automatically renew the certificate for you when it gets close to expiring so you don't have to remember to install a new Let's Encrypt one.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
×
×
  • Create New...