Spam detected by content scanner

-1

I was writing to a friend of mine, back and forth, and suddenly I am getting the following message back:

<email@example.com>: host mx1.example.com[123.123.123.123] said: 554 5.7.1 Spam
    detected by content scanner.  Message rejected.  (in reply to end of DATA
    command)

This is strange, because I am not even using words or phrases that are "SPAMMY."

I tried to re-send the message with a slight change in the content, but I get the same reply.

Could it be that this has not something to do with the content but with something else, such as my server reputation?

As a note, I am using a local mail server here, not GMAIL or something.

koljanep

Posted 2014-10-22T13:21:57.620

Reputation: 167

@Ƭᴇcʜιᴇ007 Not at all. Did you even read my question? – koljanep – 2014-10-22T13:54:14.310

1Did you read what I suggested was a possible dupe? You've confirmed you're not on a blacklist? You've used MXtoolbox to do other checks to try and trace your problem, as suggested in the answer? If so, please edit your question to share that info/results. If you're not in charge of your mentioned local mail server, then have you spoken to those who are, for some suggestions yet? Right now your question is far from concise and will just invite guesses as to why this one server thinks you're sending spam. – Ƭᴇcʜιᴇ007 – 2014-10-22T13:59:49.723

1Sending a lot of messages to the same email address is a common thing flagged as spam. – fixer1234 – 2014-10-22T14:38:01.863

@Ƭᴇcʜιᴇ007: The link is a closed dupe - that does no good. Either we close this as OT or try to solve the problem. – studiohack – 2014-10-22T21:18:32.153

Answers

You say this:

This is strange, because I am not even using words or phrases that are "SPAMMY."

Well, maybe not to your knowledge. Did you check your whole e-mail reply chain? Could be a false positive. You also say this:

I am using a local mail server here, not GMAIL or something.

That’s most likely the issue. Meaning, SPAM reputation is not a hard & fast rule as much as it is a set of criteria you get scored on. So perhaps you could send a few e-mails from your machine locally for a while. But then one day you are e-mailing each other every other minute. Your score on the receiving end is lowered due to multiple messages from an IP address server & there you go! Blacklisted.

To check if you are indeed blacklisted, you can use a tool like this. Just enter your IP address or hostname to see what various SPAM checking services think about that record.

The two things one typically does on real-world production servers is:

PTR/Reverse DNS: Set a PTR (reverse DNS) record for the public IP address that is sending the mail. The way it works is let’s say your hostname is my_hostname, then the PTR record from your ISP should be my_hostname as well. This direct matching of the sending hostname to the PTR record is one of the first things SPAM system check for. No matching or valid PTR? You score lower. If you only have a bare IP address instead of a hostname in the PTR? You score lower.
SPF Record: Similarly, if your IP address is externally reachable, then the DNS record for the domain should have an SPF (Sender Policy Framework) set. The way SPF works is if you are claiming to send e-mail for my_hostname, then the mail server on the other end will do an SPF lookup to check, “Hey! This is from an IP address. Let me check the SPF record for that host to see if they would allow that!” And if the IP address is in the SPF, you are good to go.

But if this is basically just something like postfix running on a Linux box inside your home which is connected to the internet via some sundry ISP connection, those two items would not help.

You are pretty much going to get tagged as SPAM since the ease at which anyone can just run an e-mail server from any machine makes them perfect SPAM factories. Thus why a floating IP address randomly assigned from an ISP pool will always score high on a potential SPAM list.

JakeGould

Posted 2014-10-22T13:21:57.620

Reputation: 38 217

1I checked, but I am not blacklisted. I use this server to send mailings regularly, but never had much problem with SPAM. What confuses me is the part where they refer to the message content but without saying what exactly or providing some help on this. It even says to contact postmaster, but when I wrote them I got a bounced message as well saying "invalid recipient". – koljanep – 2014-10-22T13:55:18.653

@koljanep Well, I just edited my answer. I would recommend checking your mail chain to see what it has. There might be some chain of issues—links or words—that would cause an issue. – JakeGould – 2014-10-22T13:58:11.767

It is may happens because your ip address listened in spam lists. I had that problem with my ip address. In my case problem been in infected machine which sends a spam messages from my public IP. You can check your address in spam bases. Sample

Or, in another way, if you have an attachment, you can try archive it with password and resend the message.

Corvus Frugilegus

Posted 2014-10-22T13:21:57.620

Reputation: 11