emails to hotmail being blocked
Hi,
My server ip is being blocked and our clients are unable to send mail to hotmail. I have a domain with spf and dkim record as well as a domain with no extra records, both are being rejected on hotmail as well as on gmail, it goes straight in to the spam. Strangely enough, it was only last week I placed a limit on hourly emails per domain to 80.
Any idea where I go from here to get it unblocked? The server is a dedicated server I have root access to.
**just got a message back from Microsoft:
We have completed reviewing the IP(s) you submitted. The following table contains the results of our investigation.
Our investigation has determined that the above IP(s) do not qualify for mitigation. These IP(s) have previously received mitigations from deliverability support, and have failed to maintain patterns within our guidelines, so they are ineligible for additional mitigation at this time.
Since this is the first time this has happened to us, has the service provider given us a spammy bad ip for our server?
Thanks
-
Hello :) It's possible you may need to ask your provider for a new IP address, however you should also ensure that you are following the guidelines at: How to Keep your Email out of the Spam Folder - cPanel Knowledge Base - cPanel Documentation Thank you. 0 -
Thanks. Our data centre is going to give us an extra ip. How do I configure this through WHM? Do I just follow the two steps for changing ip globally mentioned on this page: Changing Exim's Sending IP - The cPanel Admin Sorry, I'm new to this problem. 0 -
This is the proper documentation: How to Configure Exim's Outgoing IP Address - cPanel Knowledge Base - cPanel Documentation 0 -
Hi, This documentation is slightly confusing for me. Where in WHM can I enter the new ip address for mail which will be applied to all accounts on the server? Thanks 0 -
Just to clarify, I have a new ip address. This has not been referenced in teh server anywhere and not yet been added. It has a PTR record (I did host xxx.xx....) I'm sitting here with an IP address which I'd like to add to the server so I can use it for outgoing mail. Do I need to assign it somewhere else in the server before I add it in the exim config somewhere? 0 -
Have you seen these docs? Add a New IP Address - 11.50 Documentation - cPanel Documentation 0 -
look at /etc/mailhelo and /etc/mailips. Adding my dedicated IP address and domain to /etc/mailips helped solve my problem with my rDNS and sending to hotmail/Outlook/AOL email addresses. 0 -
However, in this step, there is nowhere to say that I want the IP address I have just added in to be used for all outgoing mail.
Hello :) The process to do this starts under the "How to manually configure Exim's outgoing IP addresses" section on: How to Configure Exim's Outgoing IP Address - cPanel Knowledge Base - cPanel Documentation It involves manually editing the /etc/mailhelo and /etc/mailips files. Thank you.0 -
Thanks - I think we are nearly there. Here's what I'm planning to do: 1. Add the IP address to "Add new IP addresses" 2. Add the IP address in mailips and domain in mailhelo files. Then it will work? It just doesn't seem right :( 0 -
It worked for me. Make sure the IP you're using has a valid reverse DNS lookup and don't forget to restart Exim. 0 -
. Add the IP address to "Add new IP addresses" 2. Add the IP address in mailips and domain in mailhelo files. Then it will work? It just doesn't seem right
No, as the document states, you also have to enable the following options in WHM's Exim Configuration Manager - Basic Editor interface (Home >> Service Configuration >> Exim Configuration Manager):- ]
- Reference /etc/mailhelo for outgoing SMTP HELO
- Reference /etc/mailips for outgoing SMTP connections
0 -
Hi, We have asked our server provider to make the neccesary changes to enable all outgoing mail to send from the new ip address. They said they have made changes in the files mailips and mailhelo. I have just tested a message to hotmail and it came back as rejected again (showing the new ip I had been assigned). I also tested to gmail which is just not being received at all. Any ideas? Why would the message still be rejected by hotmail if the ip has changed? What's odd is that if I send the mail from a mail client (and the domain has a mail a record pointing to the new ip) it seems to get straight through to the hotmail inbox but sending directly from webmail just goes to junk. My server provider has advised they have put the correct records in so I'm not sure what to do! Thanks 0 -
You may need to contact Hotmail directly if you are sending email per their guidelines: Hotmail Troubleshooting Thank you. 0 -
Thank you however this is a problem for all domains on our server and our server has changed ip address for mail. This is a new ip address the emails are being sent from, why do you think it will still have errors and tell us part of our network is on their block list? Thanks 0 -
Also on Gmail, the message doesn't even get delivered. 0 -
It's difficult to know the exact reason, as Hotmail is the one that's filtering the email. You may need to contact them directly to get additional information. If Google is blocking you, review /var/log/exim_mainlog to see if it left your server successfully. Thank you. 0 -
1Zwdmz-00067B-KA SMTP error from remote mail server after end of data: 421-4.7.0 [my.ip.address 15] Our system has detected an unusual rate of\n421-4.7.0 unsolicited mail originating from your IP address. To protect our\n421-4.7.0 users from spam, mail sent from your IP address has been temporarily\n421-4.7.0 rate limited. Please visit\n421-4.7.0 Bulk Senders Guidelines - Gmail Help to review our Bulk Email\n421 4.7.0 Senders Guidelines. q194si15293201wmg.97 - gsmtp 2015-11-11 23:22:50
This is strange because this is a new ip address, why would we be immediately blocked? Thanks0 -
I followed the guide here to check for spam: Find spam script location with Exim - InMotion Hosting And here's the log: login as: root root@myip password: Last login: Thu Nov 12 00:04:34 2015 from myip root@myserver [~]# grep cwd /var/log/exim_mainlog | grep -v /var/spool | awk -F"cwd=" '{print $2}' | awk '{print $1}' | sort | uniq -c | sort -n 1 /home/client1/public_html 1 /home/client2/public_html/wp-admin 1 /home/client3/public_html/wp-admin 2 /home/client4/public_html 3 /home/client5/public_html 4 /home/client6/public_html 5 /root 8 /home/client7/public_html 15 / 17 /usr/local/cpanel/whostmgr/docroot 1667 /etc/csf root@myserver [~]# ls -lahtr /etc/csf total 492K drw------- 2 root root 4.0K Oct 24 2014 messenger/ drw------- 3 root root 4.0K Oct 24 2014 ui/ -rw------- 1 root root 457 Dec 21 2014 csf.uidignore -rw------- 1 root root 1.2K Dec 21 2014 csf.syslogusers -rw------- 1 root root 1.7K Dec 21 2014 csf.syslogs -rw------- 1 root root 368 Dec 21 2014 csf.suignore -rw------- 1 root root 660 Dec 21 2014 csf.smtpauth -rw------- 1 root root 510 Dec 21 2014 csf.sips -rw------- 1 root root 413 Dec 21 2014 csf.signore -rw------- 1 root root 1.6K Dec 21 2014 csf.rignore -rw------- 1 root root 2.1K Dec 21 2014 csf.resellers -rw------- 1 root root 1.2K Dec 21 2014 csf.redirect -rw------- 1 root root 408 Dec 21 2014 csf.mignore -rw------- 1 root root 657 Dec 21 2014 csf.logfiles -rw------- 1 root root 617 Dec 21 2014 csf.dirwatch -rw------- 1 root root 2.3K May 26 22:19 csf.logignore -rw------- 1 root root 936 Aug 4 18:03 csf.fignore -rw------- 1 root root 939 Aug 4 18:03 csf.dyndns lrwxrwxrwx 1 root root 18 Aug 4 18:03 alerts -> /usr/local/csf/tpl/ -rw------- 1 root root 747 Sep 10 19:20 csf.rblconf -rw------- 1 root root 3.5K Sep 30 00:15 csf.pignore -rw------- 1 root root 1.3K Oct 9 20:01 csf.allow -rw------- 1 root root 603 Oct 9 20:01 csf.ignore -rw------- 1 root root 4 Nov 8 10:22 version.txt -rw------- 1 root root 3.9K Nov 8 10:33 csf.blocklists.new -rw------- 1 root root 174K Nov 9 00:15 changelog.txt -rw------- 1 root root 2.6K Nov 9 00:15 install.txt -rw------- 1 root root 10K Nov 9 00:15 license.txt -rw------- 1 root root 56K Nov 9 00:15 readme.txt lrwxrwxrwx 1 root root 13 Nov 9 00:15 lfd.pl -> /usr/sbin/lfd* lrwxrwxrwx 1 root root 13 Nov 9 00:15 csf.pl -> /usr/sbin/csf* lrwxrwxrwx 1 root root 39 Nov 9 00:15 pt_deleted_action.pl -> /usr/local/csf/bin/pt_deleted_action.pl* lrwxrwxrwx 1 root root 27 Nov 9 00:15 csfui.pl -> /usr/local/csf/bin/csfui.pl* lrwxrwxrwx 1 root root 29 Nov 9 00:15 csftest.pl -> /usr/local/csf/bin/csftest.pl* lrwxrwxrwx 1 root root 31 Nov 9 00:15 uninstall.sh -> /usr/local/csf/bin/uninstall.sh* lrwxrwxrwx 1 root root 36 Nov 9 00:15 remove_apf_bfd.sh -> /usr/local/csf/bin/remove_apf_bfd.sh* lrwxrwxrwx 1 root root 25 Nov 9 00:15 webmin -> /usr/local/csf/lib/webmin/ lrwxrwxrwx 1 root root 34 Nov 9 00:15 regex.custom.pm -> /usr/local/csf/bin/regex.custom.pm* -rw------- 1 root root 3.9K Nov 9 00:15 csf.blocklists -rw------- 1 root root 95K Nov 9 00:15 csf.conf lrwxrwxrwx 1 root root 28 Nov 9 00:15 csfwebmin.tgz -> /usr/local/csf/csfwebmin.tgz drw------- 4 root root 4.0K Nov 9 00:15 ./ -rw------- 1 root root 29K Nov 12 09:50 csf.deny drwxr-xr-x 78 root root 12K Nov 12 11:05 ../ root@myserver[~]#0 -
This is strange because this is a new ip address, why would we be immediately blocked?
There are no new IPs. Someone else has used this one before you and got it blocked, it seems. You'll need to contact them and explain that you just got the IP.0 -
You are right, there are no new ip's and the ip must have been previously blocked. Our current provider has been more than unhelpful in assisting with this issue (even with requesting their paid help). This is the second time they have given us a dodgy IP with bad history. Hotmail and Gmail are now receiving emails (I did the delisting requests last night and Hotmail said it was conditionally mitigated and gmail said nothing but allowed emails to come through again). Both are going in to the spam folder - not what I want obviously but better than email not working at all. I have applied the usual setting to restrict email such as prevent nobody sending email, limiting e.t.c.. Is it just a case of building up an email reputation now to stop it going in to the spam folder? Thank you to all involved in this thread and sorry for posting my code without the code tag. 0 -
Also, be careful with forwarders. For example if a user has all email from an account being forwarded to gmail, it is not scanned, just forwarded. If the user has posted his email address online, chances are very good its being pounded with spam, forwarded to gmail, and gmail will rate limit or block. This thread may be of some use to you: Why didn't my email get delivered? or where did my email go? No matter how you get on a blacklist, your first priority is to contact the blacklist and find out how to get removed. some lists, you don"t need to do anything; for others, you may need to make changes and prove that you have made those changes. The procedures are as varied as the lists themselves.
sorry for posting my code without the code tag.
N/P, thanks. It's a very common issue on these forums. We'll probably have to move the bbcode button to make it easier to get to (and bright red! [:)] at some point.0 -
Just providing an update from what our host said in case it helps anyone: Hi It does look like between 16:25 and 17:20 there were alot (comparatively) of mails going out to gmail and back culminating in this closure: 2015-11-11 17:18:18 SMTP connection from mail-pa0-f71.google.com [provider ip]:36330 closed by QUIT As this IP will have been a new sending IP that also at the time was sending out from a generic helo: root@myserver [~]# cat /etc/mailhelo *: hostname.example.com (This was the time period we were contacting you regarding setting this up.) Gmail will have seen it as suspicious, and placed a block on the IP. From what I can see this does seem to be lifted now (no more bounces since this morning) and all you will want to look into improving your mail's reputation with SPF records and non generic hostnames etc .
So this to me sounds like a build up of emails when they closed the old ip address for mail and they got sent all at once when the new ip was assigned?0 -
Possibly. 0
Please sign in to leave a comment.
Comments
24 comments