I've a new VPS, and since then I haven't been able to send email notifications. At first the port 25 for outbound traffic was blocked, now it is ok. But my ip was added to a black list, with this reason:
CBL Lookup Utility
IP Address xx.xx.xx.xx is listed in the CBL. It shows signs of being
infected with a spam sending trojan, malicious link or some other form of botnet.
It was last detected at 2016-11-08 03:00 GMT (+/- 30 minutes), approximately 10
hours ago.
This IP address is HELO'ing as "localhost.localdomain"
which violates the relevant standards (specifically: RFC5321).
The CBL does not list for RFC violations per-se. This _particular_ behaviour,
however, correlates strongly to spambot infections.
In other words, out of thousands upon thousands of IP
addresses HELO'ing this way, all but a handful are infected
and spewing junk. Even if it isn't an infection, it's a misconfiguration that
should be fixed, because many spam filtering mechanisms
operate with the same rules, and it's best to fix it
regardless of whether the CBL notices it or not.
DO NOT TELNET TO YOUR SERVER TO SEE WHAT IT SAYS.
Telnet will show you the banner, not the HELO."
So in the maillog I have something like this:
(mxeue002) Nemesis ESMTP Service not available 554-No SMTP service 554-IP
address is black listed. 554 For explanation visit
When I telnet the server, I get:
Escape character is '^]'.
220 localhost.localdomain ESMTP Postfix
The provider is 1and1. I have full root control in the server.
0 Answers