-1

I have had my dedicated server for 2 months or so, having transferred from a different, very expensive, old and slow dedicated server, for all those reasons. Initially it got onto 1 or 2 blacklists which I hastily got them off (I now have a monitor on this with mxtoolbox.com) and my new IP address now has a good reputation on every checker I can find and a score of 97 on SenderScore. I have set up my clients domains with the appropriate rDNS, DKIM and DMARC DNS records and as a result they score either a 9/10 or 10/10 rating on mail-tester.com but I have daily reports from my clients of experiencing bounce backs from people they have been sending emails to successfully for years! These seem to mostly be returned with the following error:

550 rejected is temporarily blocked

or

550 5.7.1 : Recipient address rejected

My server is a Linux server running Plesk Onyx. It runs Postfix as it's mail server and Dovecot as the POP3/IMAP server. It allows relaying but only with SMTP authorisation (I have to allow this as one of my largest clients uses Shopify and requires relaying to be allowed). I'm not an expert in this particular field (I'm a developer and app programmer) but I have SpamAssasin working on all accounts with a low threshold of 4 as people have been receiving a lot of spam in the past and I wanted to sort it with this new server. I also have other things in place to protect from incoming spam, but it's this outgoing bouncing that's really bothering me... what more can I do when everything I check tells me I have a decent server setup and reputation?! Expert help needed!!

I should add that none of my customers have sites that allowing spam to be sent through them and none are sending abusive mass emails.

Helen Danger Burns
  • 101
  • 1
  • Bounces from temporary blocks could be from greylisting where your ``smtp`` server gives up too quickly. Otherwise it could be that not your IP address that is blacklisted but a much larger range belonging to your isp – HBruijn Oct 03 '17 at 21:17
  • @HBruijn how would I fix this? – Helen Danger Burns Oct 03 '17 at 21:18
  • That depends on your ``smtp`` server (postfix exim, sendmail , they all have different settings) – HBruijn Oct 03 '17 at 21:19
  • Argh, almost out of my depth already! My server is using postfix. – Helen Danger Burns Oct 03 '17 at 21:21
  • You didn't provide enough information about the error to help. The basic error is posted, but almost always there are more important details in the bounce. If you're not prepared to at least divulge the sending domain and recipient domain as well as the IP addresses involved, and the full text of the error we can't tell you why it's being blocked. – Appleoddity Oct 03 '17 at 23:07

1 Answers1

0

If you don't provide your mail server name(s), you won't get much in the way of expert help.

Temporary blocks are common for your first email to a recipient from a server. Barring rules that bypass greylisting for your server, servers using greylisting will temporarily reject your messages. However, this should be with 450 (temporary) rejection rather than a 550 (permanent) rejection. If you are too agressive at retrying, you may trigger the receiving server to locally blacklist your server.

It is possible that you managed to get onto local blacklists when you were first setting your server up. This may be from greylisting as noted ablove, or another mechanism. My server includes some automatic blacklisting of poorly configured servers. These kinds of blacklisting are typically temporary, although often for a period of months.

The "550 recipient address rejected" typically means the recipient is no longer at the address. (Mailing lists often don't get cleaned, so they can generate a lot of these messages.)

As you have setup DMARC, your reporting address should be giving you some indication of why major mailer hosts are rejecting your mail. If you have not setup reporting, do so. Smaller mail servers likely don't support DMARC, so they will not report.

You should be able to use your logs to gather enough data to attempt a reasonable replay of rejected messages using telnet. This may provide more details on why the mail was rejected. You can also use this data to contact the postmaster on the receiving server to see if they can provide assistance.

BillThor
  • 27,354
  • 3
  • 35
  • 69
  • I didn't post details as I wasn't sure if any of this kind of info would expose me to risk. To be honest, as is probably obvious, I'm way out of my league here and really just want to hire a proper expert to log into everything and sort it all out and bomb proof it. I've just installed pflogsumm and run it on my last mail log which covers yesterday and today and its showing a load of stuff being sent from domains I've never seen and certainly don't host which is scary. I don't know what I'm doing... where can I hire someone to do this?! – Helen Danger Burns Oct 04 '17 at 16:11
  • It seems you are running an open relay or your client using Shopify is seriously misconfigured. Exposing it will definitely expose.you to further abuse if you are running an open relay. Revalidate your relay configuration. Consider going to queue only for a while so you can examine the mail being relayed. – BillThor Oct 05 '17 at 03:31
  • The server is set to allow relay but only with authorisation... is this not safe at all? – Helen Danger Burns Oct 05 '17 at 10:50
  • It isn't safe if a password got lost or cracked. Some programmers use the recipient as the sender, which is incorrrect. The log should show that the connection is authenticate during relaying. It should also show the source of the message. Try running spam filtering on all mail (incoming and outgoing). Check the articles under https://serverfault.com/search?q=canonical+email – BillThor Oct 06 '17 at 01:18