I have a web site that needs to send email to customers to deliver files that they have purchased. Reliable email delivery is vital to this business. Unfortunately, most of the emails sent by my server are not delivered due to my MTA's "poor reputation." Here are some sample lines from my mail.log
:
Feb 20 02:40:41 servername postfix/smtp[14580]: 4E30B1100C7: host aspmx.l.google.com[209.85.211.78] said: 421-4.7.0 [174.143.183.26] Our system has detected an unusual amount of 421-4.7.0 unsolicited mail originating from your IP address. To protect our 421-4.7.0 users from spam, mail sent from your IP address has been temporarily 421-4.7.0 blocked. Please visit http://www.google.com/mail/help/bulk_mail.html 421 4.7.0 to review our Bulk Email Senders Guidelines. 10si1216690ywh.92 (in reply to end of DATA command)
Feb 20 12:49:22 servername postfix/smtp[5651]: A86CB1CC0CF: to=<[email protected]>, relay=mx3.comcast.net[76.96.58.14]:25, delay=55186, delays=55185/0.01/0.93/0, dsn=4.0.0, status=deferred (host mx3.comcast.net[76.96.58.14] refused to talk to me: 554 imta36.westchester.pa.mail.comcast.net comcast 174.143.206.168 found on one or more DNSBLs, see http://help.comcast.net/content/faq/BL000001)
Feb 16 10:50:11 servername postfix/smtp[6931]: 98B94380A1: host mx-in-2.webreus.nl[212.61.252.240] refused to talk to me: 554-mx-in-2.webreus.nl 554-Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means. 554 More information can be found on http://senderbase.org/senderbase_queries/detailhost?search_string=174.143.206.168
Feb 16 10:50:12 servername postfix/smtp[6931]: 98B94380A1: to=<[email protected]>, relay=mx-in-1.webreus.nl[212.61.10.240]:25, delay=173653, delays=173650/0.22/2.8/0, dsn=4.0.0, status=deferred (host mx-in-1.webreus.nl[212.61.10.240] refused to talk to me: 554-mx-in-1.webreus.nl 554-Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means. 554 More information can be found on http://senderbase.org/senderbase_queries/detailhost?search_string=174.143.206.168)
Steps I've taken to try to improve the situation:
- set up reverse DNS lookups to work correctly
- set up SPF records for my domain
- disallow incoming connections to my SMTP server
- format messages according to RFC 2822
- never send unsolicited messages (I never have)
My server is in Rackspace's cloud. Is it possible that the IP address's bad reputation was inherited from a previous customer? Some of the above steps have been taken in the past week--am I going to have to wait for the situation to improve? Are there other things I should be doing? Should I hire a third party to send emails for me?
Unfortunately the IP is blacklisted irrespective of the hardware that sits behind it, so there's not a lot you can do about your existing reputation except ensuring you are sending mail correctly and contacting the relevant spam lists. You may have to wait a few days or weeks for the situation to improve.
I would recommend using Google Apps for SMTP to eradicate these problems :)
Otherwise, if you keep going on your own, check:
http://status.slicehost.com/2009/11/11/email-issues-spamhaus-pbl
I have A VPS with those guys.
Apparently Rackspace preemptivly listed a bunch of their IP's, but you can request a remove of the block though spamhaus's list (at least) on a ip-by-ip basis.
I had to do this with my host once I noticed gmail was refusing delivery. 24hrs after I requested to be removed, gmail was updated and good to go.
If this IP address had a bad reputation when you received it, Rackspace should give you a different one.
Your IP has a "Poor" reputation in Senderbase, but it doesn't list your IP specifically in the list of IPs in that netblock that send mail. It looks like you may have a poor reputation here because many of your neighbors are "poor".
http://www.senderbase.org/senderbase_queries/detailip?search_string=174.143.206.168
(It's odd that Senderbase doesn't have any information on who owns this IP. Rackspace should be listed there. The "IP Whois" knows that... http://ws.arin.net/whois/?queryinput=174.143.206.168)
Hm. Your IP is listed in the spamhaus.org PBL... the PBL isn't a blacklist, but it's a listing of dynamic IP addresses used for end-customer modems. That doesn't sound like the kind of service you're expecting from Rackspace. (Unless you are a DSL/Cable modem customer running a server out of your basement. I did that for years.) If this is not a dynamic IP, contact Spamhaus and Rackspace about getting the netblock reclassified.
http://www.spamhaus.org/query/bl?ip=174.143.206.168
Your log entry from comcast says your in a DNSBL and that link says they use the Spamhaus SBL/XBL lists... but you're not in either of them. So it's possible that you were in a list and recently removed. Or that Comcast is using the PBL inappropriately.
But your IP doesn't seem to be listed in any of the actual blacklists I've checked. On the Senderbase page, click "DNS-based blocklists [Show/Hide all]" to see a list of the major ones with links to check your IP.
The webreus.nl appears to be using Senderbase's reputation... that's a pretty weak basis for outright rejection.
The one I'm most curious about is the response from Google... it's the only one that claims to have received an excessive amount of mail from your IP. It says "unsolicited", but I'm not sure how they determine whether it's solicited or not.
I suggest that you check your mail server's logs... make sure that you are sending only the mail you think you're sending.
So... that's kind of an overview of the situation, but it doesn't do much to help you fix it. Apparently Rackspace has given you an IP with a poor reputation, even though it apparently has no real history as a mail-sender (that Senderbase knows about). Asking them for an IP in a different netblock could help, especially if you can get one that is known to have a Neutral or better reputation in Senderbase to start with.
And as Andy says... (to paraphrase) keep your nose clean and follow the rules as carefully as possible. You can build up a good reputation with Senderbase if you tough it out. But if you're trying to deliver paid-for goods by email, I'd push Rackspace to get a clean IP.
As a Rackspace user, you can use SendGrid to handle all of this for you: http://blog.sendgrid.com/sendgrid-now-more-available-than-ever-to-rackspace-users/
I used to try to do it all myself, but I now use SendGrid and it's been much easier.