Static IP address blocked by anti spam lists

3 views
Skip to first unread message

Oswaldo

unread,
Feb 9, 2006, 10:20:29 AM2/9/06
to
Hi,
I have SBS 2003 hosting our website and email using Exchange, I have a DSL
line with a static IP address that my ISP provided and everything was working
fine until I started getting rejected emails because our IP address is listed
as spam or as a dynamic address. I contact one of these lists asking them to
remove us and they told me this:

Unfortunately, the IP address XXX.XX.XX.XX is not eligible for unblocking.
This IP address comes from a cable/dsl/dialup pool, or other dynamic IP pool.
Connections coming from a pool are nearly impossible to trace back to the
originating computer. It is for that very reason that cable/dsl/dialup pools
are very commonly used by spammers and virus writers.

If you are an end-user in a cable/dsl/dialup pool, then you should configure
your mail software to send outgoing mail through your ISP's dedicated
outgoing mail server. The server is usually named 'smtp.example.com' or
'mail.example.com'. The ISP's support line will be able to give you more
details. We have whitelisted the mail server of most major ISPs, so the mail
will get through if sent through these systems.

If you are the server admin, you can create a reverse DNS PTR record for the
IP address involved and map it back to the name given in the MX record. If
there are multiple MX entries, the rDNS PTR record will need to be done for
each. We can not assist with the creation of these records. Once created and
propagated you can submit a request again so we can review the IP in question
and determine if it is available for unblocking.

I don't have much experience with Exchange and I don't know how to configure
Exchange to send outgoing mail through my ISP's dedicated outgoing mail
server or how to set up the PTR record but I think that the PTR has to be set
by my ISP right? I have the MX pointing to my IP and I can send and receive
mail to almost everybody (just not to the people using these lists).
Could anyone guide me to the best solution, the PTR or use my ISPs dedicated
outgoing mail and how to do it?

Thank you very much for your help

--
Oswaldo Cortes

Frank McCallister SBS MVP

unread,
Feb 9, 2006, 10:56:16 AM2/9/06
to
Contact your ISP to setup a PTR record for you. If they won't then you will
have to use their smarthost to send or use a 3rd party smarthost like
dyndns.org mailhop outbound

--
Frank McCallister SBS MVP
COMPUMAC
"Oswaldo" <Osw...@discussions.microsoft.com> wrote in message
news:5E75D9A1-C6CC-4BC3...@microsoft.com...

Gregg Hill

unread,
Feb 9, 2006, 11:00:31 AM2/9/06
to
Oswaldo,

Since you did not provide the precise error you received, I am guessing that
the intended recipients' mail servers are using antivirus software or SMTP
connection filtering that uses RBL lookups to determine if your IP is a
spammer or not. If that is the case, and if you have a decent business
relationship with the people you are trying to reach, ask to have their
admin put you on their own whitelist.

That would be the quick fix so you can send mail to them while you dig into
why your IP is listed as a spam site.

I am on Road Runner Business Class cable modem and a dynamic IP address, but
they have an RDNS entry for me. A friend of mine just moved and changed
providers. He got a static IP address, but he had no RDNS, so he got listed.
He called his ISP and had to go through FOUR people before he found one who
even knew the meaning of RDNS. He finally got hem to give him the RDNS
listing and he is back in business.

Call your ISP. Having an RDNS entry should be automatic when they give out
static IP addresses.

Gregg Hill


"Oswaldo" <Osw...@discussions.microsoft.com> wrote in message
news:5E75D9A1-C6CC-4BC3...@microsoft.com...

Lanwench [MVP - Exchange]

unread,
Feb 9, 2006, 11:02:01 AM2/9/06
to

In news:5E75D9A1-C6CC-4BC3...@microsoft.com,
Oswaldo <Osw...@discussions.microsoft.com> typed:


What blacklist was this? There are a lot out there, and some are better than
others. Many are run by well-meaning but overzealous people. You might talk
to the recipient (on the phone) and see if you can get more info from their
admin.

First, I'd talk to your ISP to find out what *they* are doing about this -
it's their IP block, and they're probably running into this with others. See
whether there are any options - new public IP in a different subnet?

If you can't get help that way, find out your ISP's SMTP server name, and
whether it requires authentication ....then you can specify that for this
domain only, mail is to go out through that SMTP server (not directly from
your server). You can do that in the built in SMTP connector - just specify
recipientdomain.com instead of * .

1. In Exchange System manager - find the built-in SMTP connector properties
2. Select 'forward all messages to the following smart host '- put in your
ISP's smtp server there (e.g., smtp.myISP.com)
3. Under local bridgeheads, select your server.
4. In the Address Space tab, add recipientdomain.com, SMTP - remove the *
which is a wildcard. You can also add other domains you want to specify,
too.
5. If your ISP requires that you authenticate, I think you put the
credentials in the Advanced button.

NB: Do not select "Allow messages to be relayed to those domains" or you'll
open yourself up to relay spam.

CO-DBA-SC-EL

unread,
Feb 9, 2006, 12:27:18 PM2/9/06
to
Most responsible mail administrators know that most blacklists are polluted
with false positives. Some blacklists are so poorly managed by people with a
chip on their shoulder that you can never get off. The better blacklists
have prominent warnings that you should not rely on them blindly, but rather
use them in conjunction with a rating system like spamassassin to flag
suspect mail for further scrutiny.

Here are a few resources you might find useful:
- Blacklist test at www.dnsstuff.com
This will show you which list your address is on
- http://www.spamcop.net/bl.shtml
- http://www.spamhaus.org/
- http://www.us.sorbs.net/
For some information about blocking lists.

You should also have your cable ISP set up a reverse PTR that matches the
name of your sending domain, e.g. if your domain is mydomain.com you should
have a reverse PTR so that when people look up your IP address they will
find something that ends in mydomain.com, e.g. mailsend.mydomain.com

In addition, it does not hurt to create a SPF record that specifies that
your IP is authorized to send email for your domain. That record goes
wherever you DNS zone file is -- maybe your web hosting service. See
http://www.openspf.org/ for more detail.

Note that one of the easiest ways to get blacklisted by spamcop and some
others is to "blow back". Since spammers send a lot of mail to random
addresses at a domain, but with a forged return address, once the mail has
been processed and there is no recipient one is tempted to reply with a NDR
to the forged return address. If this happens during the original SMTP
transaction, there is no problem. But if this is done after the transaction
is completed, for example when processing mail downloaded via the POP3
Connector, this is called a blow back, because it generates a new email
message to the forged return address. To the hapless owner of the forged
return address this is spam, and this gets reported as spam. So you want to
be sure to configure your system so that this does not happen.

Finally, if you can identify which blacklist was used to reject your email,
and this is a know invalid black list, you might contact your correspondent
and ask them to contact their IT department to signal that they are using an
invalid black list and to please update their spam filtering approach.
Sometimes it is simply lack of information on the part of the
administrator--Exchange makes it as easy to subscribe to an invalid
blacklist as to a valid blacklist. Again, most blacklist administrators
recommend that you do NOT use their blacklist as the sole filter to reject
mail.

C_O


In news:5E75D9A1-C6CC-4BC3...@microsoft.com,
Oswaldo <Osw...@discussions.microsoft.com> typed:
>> Hi,
>> I have SBS 2003 hosting our website and email using Exchange, I have
>> a DSL line with a static IP address that my ISP provided and
>> everything was working fine until I started getting rejected emails
>> because our IP address is listed as spam or as a dynamic address. I
>> contact one of these lists asking them to remove us and they told me
>> this:

(snip)

Oswaldo

unread,
Feb 9, 2006, 4:03:27 PM2/9/06
to
Hi everybody,
Thanks a lot for your help, especially to Lanwench. I followed your
instructions and now I can send emails to the people that were rejecting them
before. Besides I asked my ISP to create the PTR record for the reverse
lookup and they told me that they will do it today.
The lists that were rejecting my emails are SORBS, njabl.org and
GoDaddy.com. I don't know if they are reliable or not.
Again thanks a lot for all your help.

--
Oswaldo Cortes

Reply all
Reply to author
Forward
0 new messages