Classed as Spam by Large-Scale Free Email Servers? 86
bartle asks: "I run my own personal domain that serves all of my email needs of myself and a few friends. In general this has worked out pretty well but there's a fairly significant limitation: if I send an email to a Hotmail or Yahoo account that I've never contacted before it tends to get filed as spam. This means that if I'm writing someone out of the blue I need to send an email from a free service which kind of defeats the purpose of running ones own email server. My domain has a SPF record, the IP resolves, and it doesn't appear to be on any blacklists. I can not find any documentation on what hoops I need to jump through before Hotmail and Yahoo will consider my mail legitimate. I understand that there's a general paranoia about publishing information that could assist spammers but this attitude seems to be leaving do-it-yourselfers out in the cold. Does anybody have any ideas? Are there guidelines or protocols I can follow to make my email non-spam?"
I've run 2 ISP's, starting my third... (Score:4, Informative)
Most major mail provider bl dynamic IP's. The way around this is to smarthost against a known, static-IP mail server. In short, smarthost outbound mail. Inbound mail is fine, and you'll be all fixed up.
Not flaming you, but any good smtp faq or mailing list would have told you this, and Sendmail's FAQ answered it for me 3 years ago.
Just wondering how we get to an ask slashdot from a simple mail administration question. Google really *would* have answered this.
I know, I know, I'm new here. Next meme.
Re:I've run 2 ISP's, starting my third... (Score:5, Insightful)
My email address is listed in the post. I would think that anyone who would bother to reply might also be bothered to do a little probing of their own to see if their reply has merit.
Re:I've run 2 ISP's, starting my third... (Score:5, Informative)
chrisbartle.com has address 216.17.137.189
$ host 216.17.137.189
189.137.17.216.in-addr.arpa domain name pointer bartle189.dsl.frii.net.
It may not be a static IP, but it's obviously an end-user address, and free services aren't too picky about who they block. I bet anything that has
Re:I've run 2 ISP's, starting my third... (Score:2)
Re:I've run 2 ISP's, starting my third... (Score:2)
Re:I've run 2 ISP's, starting my third... (Score:2)
1) his DNS says that the MX is chrisbartle.com
2) his MX has A which is 216.17.137.189
3) 216.17.137.189 resolves reverseley to bartle189.dsl.frii.net
4) bartle189.dsl.frii.net resolves forward to 216.17.137.189
this is exactly how it should be, according to the book
Now the only thing we don't know is how his mailserver is setup, and whether he passes the right HELO/EH
Re:I've run 2 ISP's, starting my third... (Score:2)
Whoa. How did we get into a discussion of 'right' vs. 'wrong'. I was merely describing how a RBL might -not- be the case here.
Also, after later reflection, how would we know it's not a private label RBL like spamikaze, etc...
> this is exactly how it should be, according to the book
What book would that be exactly?
The point is that his IP reflects a regexp
Re:I've run 2 ISP's, starting my third... (Score:1)
I'm guessing that you don't administer a mail server! I do.
There's nothing "wrong with that" in the sense of RFCs, but there's everything "wrong with that" as far as a mail server is concerned. That "dsl" is enough to get most anti-Spam software rejecting the mail. There are no "rights" and "wrongs" when it comes to blocking Spam - it's just a matter of experience. And anyone with any degree of experience will know that a lot of Spam comes from "dsl" addresses; so they block
Re:I've run 2 ISP's, starting my third... (Score:2)
Wrong.
Re:I've run 2 ISP's, starting my third... (Score:1)
If you can manage a mail server that receives over 20,000 messages per day, pass through all items that satisfy the RFC requirements, and still achieve a Spam content of under 1% then I take my hat off to you.
I just can't do that with my mail servers. If I accepted all RFC-compliant mail then I'd be delivering over 10,000 items of Spam per day to my users. And that means that I'd be failing in my job. Just because mail is RFC-compliant doesn't mean it's not Spam!
Re:I've run 2 ISP's, starting my third... (Score:2)
Re:I've run 2 ISP's, starting my third... (Score:2)
His e-mail going out says its from christbartle.com, but the e-mail servers upstream are trying to prevent spam, and are doing a reverse DNS lookup which returns bartle189.dsl.frii.net which does not match chrisbartle.com .
They think you are a spammer.
Your ISP is not managing DNS properly for your domain.
Talk to your ISP. Good Luck.
to clarify (Score:3, Informative)
The HELO name usually defaults to the hostname.
This implies if the guy can get his box to HELO with what the IP resolves to he will be OK.
I'm just clarifying what I think you are saying to make the next step obvious.
Sam
Re:to clarify (Score:2)
$ dig frii.net
;; ANSWER SECTION:
;; AUTHORITY SECTION:
;; ADDITIONAL SECTION:
frii.net. 86400 IN A 216.17.184.30
frii.net. 86400 IN NS ns1.frii.net.
frii.net. 86400 IN NS ns2.frii.net.
ns1.frii.net. 164278 IN A 216.17.128.1
ns2.frii.net. 164278 IN A 216.17.128.2
Not good. Both of their na
Re:to clarify (Score:2)
Why not? The only people who will see it are ones that look at the headers - and even then, they won't care.
Seriously, why would he not want to set his HELO to match his PTR record?
Re:I've run 2 ISP's, starting my third... (Score:2)
Reality is that if you HELO with a valid resolvable domain name, it's pretty irrelevant in real life what your RDNS is (as log as the RDNS
Re:I've run 2 ISP's, starting my third... (Score:3, Interesting)
I believe that in those cases the reverse lookup of the IP address would either not resolve or would resovle to a generic name on your ISPs block, as opposed to resolving to your mail servers actual hostname (the host name identified in the messages headers. My understanding is that this is typically done as part of the HELO check).
In my experience having an IP address reverse resolve is one of
Re:I've run 2 ISP's, starting my third... (Score:2)
I use to work with Earthlink and even though people would purchase a "static" address, it was still technically not a true static address. If you're purchasing the address from an ISP, thats why you're having problems. If you read the contract, they can technically change the address anytime they wish. Earthlink would usually rotate about every 4-6 months.
Re:I've run 2 ISP's, starting my third... (Score:2)
That's not what you think it is. (Score:4, Informative)
chrisbartle.com resolves to 216.17.137.189
but
216.17.137.189 resolves to bartle189.dsl.frii.net
So it doesn't resolve correctly. You might think you have a "static" IP address, but it appears the same as any other, dynamic, home DSL address.
Unless you can get frii.net to change their DNS entry for you, you'll continue to have your mail rejected.
Re:I've run 2 ISP's, starting my third... (Score:5, Insightful)
Google really *would* have answered this.
Certainly. But the point of Ask Slashdot is that now others can read the answers too and learn something new, even if they were not searching for an answer to that particular problem at the time.
These "Just Google it" replies really miss the point, IMHO.
JP
Re:I've run 2 ISP's, starting my third... (Score:2, Insightful)
Exactly, great response. I was thinking of taking my systems which are currently hosted at a colo several miles away and putting them in my office here, which is hosted off of cable (was thinking of moving to DSL possibly) and now I know that if I do move my systems, I may begin to encounter problems sending to fre
Re:I've run 2 ISP's, starting my third... (Score:1)
Speaking of missing the point - you failed to note that the parent also provided a thoughtful solution (i.e. hand the mail off to your ISP's SMTP server and stop trying to deliver it directly).
ISPs that rewrite From: (Score:2)
you failed to note that the parent also provided a thoughtful solution (i.e. hand the mail off to your ISP's SMTP server and stop trying to deliver it directly).
Problem is that some ISPs rewrite the From: header to match the username provided in the SMTP authentication sequence. For instance, Dan is the owner of example.com or an employee thereof. Dan is supposed to send e-mail as From: dan@example.com, but when he does so through his ISP's mail server, the server rewrites it to From: dan16623@isp.net /
That is not Internet mail (Score:1)
An ISP that does this is not a provider of internet mail. So anyone that wants to use internet mail should not subscribe to such ISP. If your contract specifies that email service is included you should ask for the money back. Internet mail has quite precise definitions in RFC 2821 and RFC 2822, and rewriting the "From" header is not part of this. It actually contradicts RFC2822 that says the "From:" identifies the author (and not the link from the author's PC
Monopoly or duopoly (Score:1)
So anyone that wants to use internet mail should not subscribe to such ISP.
In other words, in some geographic areas, "anyone that wants to use internet mail should not subscribe to" high-speed Internet access at all because the only broadband provider (the cable company, or the DSL company that does all it can to interfere with Speakeasy's attempts to provide service) does not provide conforming internet mail service to residential customers. How much does SMTP AUTH + TLS smarthosting cost per month?
Re:Monopoly or duopoly (Score:1)
> does not provide conforming internet mail service to residential customers.
I wouldn't like to live in that area...
It's a monoply. Monopolies should be regulated. A minimum requirement from a monopolistic Internet service provider should be to provide standard compliant access. There are ways to find the spammers in your network without denying service from customers (like reading spam complaints sent to your abuse team. Like not refus
Re:I've run 2 ISP's, starting my third... (Score:2)
1) Dont trust the reliabilty of their ISP's SMTP services
2) Would perfer to communicate directly with external SMTP servers
3) Dont have other broadband options/providers
4) On a static IP which is listed in a large DUL block
5) Are on a tight budget
Your ISP's ip-range is listed (Score:3, Interesting)
Re:Your ISP's ip-range is listed (Score:2)
There is really no good reason to run a mail server on your own machine, and most spam is sent out from dynamic IPs using either hijacked machines or by spammers that subscribe to the service. You are lucky your e-mail provider doesn't block port 25, anyway.
Re:Your ISP's ip-range is listed (Score:4, Insightful)
a smarthost really is the most practical solution to this for now, until the climate of the internet changes (never?)
Re:Your ISP's ip-range is listed (Score:1)
Re:Your ISP's ip-range is listed (Score:2)
I get a lot of mail from Asia (from friends, not spammers). My ISP doesn't handle 8-bit mail correctly: the characters are not just mangled, they are completely removed, leaving a blank message.
So I can't use my ISP for sending or receiving mail. So I run my own mail server.
send invites (Score:2)
Re:send invites (Score:2, Funny)
dsphitz@gmail.com [mailto]
Re:send invites (Score:2)
Here is what to do.. (Score:1)
rDNS (Score:1)
PTR DNS record (Score:5, Informative)
Try setting up your ISP's SMTP server as your outgoing mail relay. In other words, when you send mail to your SMTP server, instead of looking up the remote host, doing an MX record lookup, etc., just send to your ISP's SMTP server. They should be configured to accept anything from your IP (you are their customer after all), and it only requires one extra hop for your email on the way out the door.
Instead of:
Email client -> Your SMTP -> MX record lookup -> Destination
it becomes
Email client -> Your SMTP -> ISP SMTP -> MX record lookup -> Destination
After doing this, from your point of view, nothing will have changed, and you can learn to sysadmin on a small scale to your heart's content.
A lot easier than getting an ISP to change the PTR record to your hostname.
Re:PTR DNS record (Score:1)
My provider is Speakeasy. They have always been very quick at setting up PTR records for me. Unfortunately, they do not have a web front end for doing this, so I have to create a trouble ticket with the request rather than just do it myself. Nevertheless, they respond very quickly.
I run my own mail server as well and do not have troubles with being tagged as spam.
Speakeasy rocks.
Re:PTR DNS record (Score:2)
Bought a new house, and cant use them anymore.
Am stuck on telco's dsl.
But yeah, Speakeasy was a great company.
Re:PTR DNS record (Score:2)
Of course, none of this should be needed but spammers have really ruined things for us.
Re:PTR DNS record (Score:3, Informative)
That's certianly worth a try but some ISPs have their smtp servers set up to only relay mail with From headers that match one of their own domains so they might reject him anyway.
Re:PTR DNS record (Score:2)
Re:PTR DNS record (Score:2)
Which he could do, but again, it defeats the purpose of owning a domain and running a webserver.
Just an idea... (Score:2, Funny)
Comment removed (Score:5, Insightful)
Re:Duh, yourself. (Score:1)
If your PC+broadband connection is more reliable than your ISP's mail servers, then you should not use this ISP. Why would their connectivity be any better than their mail server? The ISP's mail server shold be running all the time, and should be backed up. If your ISP cannot provide SMTP email 24h a day it is a good indication that you cannot trust their reliability on anything.
Re: (Score:2)
It may be the content of your message (Score:3, Interesting)
When I was tuning spamassassin on a daily basis, I got lots of surpizes related to what triggered the filters at first.
Many people put little ads in their sigs for example
We had a person who put their address in the sig. the problem was that they lived on 888 48th street (or similar address.) this looked like an 800 number to spamassassin.
If you really want to see a dumb message, have someone send you a cell phone picture mail. The did not get through our filters at all. When I white listed it, it had so much advertising for the company it addition to the bit map it was shocking.
Please post a copy of your standard email so we can see it. (#### out the to address of course)
Good luck
I've had success with... (Score:3, Insightful)
Some time ago, I found that my company's mail was rejected by a large provider. Similar to your issue, our mails were also being rejected without any notice. I had good luck with calling the ISP. Once I got the right person on the line, we were able to diagnose the problem with ease. In my case, it was an incorrect reverse DNS lookup record that I had overlooked, which it was easily resolved. Your domain appears to have the same problem.
You may want to see if your ISP will update your reverse lookup record to match your DNS info (unlikely if your DSL is residential). If they won't do this for you, consider upgrading to a business class service that allows you to run a mail server and gives you some control over your DNS record(s). If this turns out not to be the issue, your best bet is to contact the recipient's service provider(s). Once you get the right person on the line, you may be pleasantly surprised.
Mod parent up! (Score:2)
DUH! That's what most of the spam zombies do.
If you don't want to be rejected because you look like them, then you must change how you look.
Either get a business account or see if you can convince your ISP to change the reverse DNS lookup on your IP address (lots of luck on that).
Remember, it is all about how you APPEAR to the receiving machine.
If you APPEAR to be a legitimate server with the correct DNS entries, HELO, etc,
Re:The problem is hotmail & yahoo... (Score:1)
A mystery (Score:2)
I used to work the help desk at a hosting company, and the most frustrating part of my job was helping people whose email was being unfairly classified as spam. I was supposed to hand off those cases to the abuse desk, but that department seemed better at antagonizing people than resolving the issue. So a couple times I tried to sort out the issue on my own. (Which probably helped
Hotmail's reply (Score:1)
There might be very good reasons to run your own mail server on your own PC, but I don't see any advantage on using this approach for direct delivery of outgoing email. Relaying through your ISP's mail server would almost certainly
Personal Servers (Score:2)
I'm sure you're right. And you've also described the likely reason Chris is getting filtered: Yahoo and Hotmail just assume any home user with their own server is a spammer. (Stupid of me to not think of it.) Can't hurt to ask, but that's probably the answer.
Re:Personal Servers (Score:1)
Not exactly. What they assume is that email coming directly from a home user's IP number is spam, and this assumption is 99.9% correct (probably even closer to 100%). Most spam nowadays come from "Zombie PCs" and this means that almost all email being sent directly from home users PCs is spam. Avoiding this email means avoiding most spam. And also avoiding some legetimate, but not much legitimate mail from the point of view
Simple answer: (Score:2)
Maybe that's [google.ca] your problem?
the IP resolves, and it doesn't appear to be on any blacklists
I have my own domain, and never have an issue - the only difference between me and you is that I don't use SPF.
Try getting rid of your SPF record and see if that helps.
Happens to me too (Score:2)
The best way to solve the problem is for end users to not rely on unreliable email providers. One false positive when spam blocking is one too many especially if they don't bounce.
Overly permissive SPF record? (Score:1)
You have "-mx all", I think what you want is a "-a a:chrisbartle.com" and then make sure that all of your mail goes outbound through 216.17.137.189.
Overly permissive SPF record? NO SUCH THING! (Score:1)
SPF specifically says that the result of the SPF test is "pass" in this case. The same for SenderID when comparing to the "purported whatever(TM)". The problem with SPF is that people want to use the record but not follow the standard. Instead of checking if the email comes from an IP address authorised by the domain owner, people want to limit what domain owners can authorise.
This is a very bad side effect of SPF, and eventually
Re: (Score:2)
Followup (Score:2)
Original submitter here with a general followup response for anyone who cares or perhaps reads this later in the archives.
It looks like their are two general suggestions: route all outgoing mail through my ISP's mailserver and change my DNS records to something more reputable.
I really don't want to follow the first suggestion for a variety of reasons - it mucks up my SPF record, I can't diagnose email problems, and I can't send stupidly large emails. I suppose if all else fails I might try it; if it does
Re:Followup (Score:3, Informative)
The problem is that it's not actually stupid - because it's something that is a very strong predictor for zombie machines, and it's something that the "owners" o
Re:Followup (Score:1)
The problem is that it's not actually stupid - because it's something that is a very strong predictor for zombie machines, and it's something that the "owners" of the zombies can't change, while legitimate operators frequently can.
It just seems unreliable to assume that a home connection will have the terms "dsl" or "dialup" in the DNS name. But I suppose most indicators of spam are naturally unreliable. I've been meaning to change the reverse lookups for my IPs to something less lame for years now; thi
Re:Followup (Score:2)
Oh, it is rather unreliable, which is why there are things like The SORBS dynamic IP RBL [sorbs.net] to consolidate that sort of information.
Re:Followup (Score:2)
Re:Followup (Score:2)
Probably not a reverse DNS problem (Score:2)
Neither one has a reverse DNS that matches forward DNS. They never have any trouble sending mail to Yahoo, Hotmail or AOL.
FYI they do not have SPF records, so that is another datapoint, but I wouldn't draw any conclusions from that.
MANY companies have non-matching forward and reverse DNS, so it would be stupid to block on that criteria. Maybe some diehard slashdot anti-sp
Re:Followup (Score:2)
1) 220 gawaine.chrisbartle.com ESMTP Sendmail 8.13.1/8.11.6; Sat, 30 Jul 2005 22:04:46 -0600 (MDT)
2) 189.137.17.216.in-addr.arpa name = ns.chrisbartle.com.
3) mail.chrisbartle.com. 3600 IN CNAME chrisbartle.com.
Chris, sure would help if you picked a common server name. Some mail servers actually try to check your HELO and your reverse to see if you match up who you claim to be.
Also, have you considered "v=spf1 a mx ~all" ?
Final Followup (Score:2)
In case anyone is interested in what I tried...
I changed out my IP names so they now resolve to something sensible. My email was still seen by Hotmail as spam and on a lark I tried something different: I sent an email from Pine instead of Outlook Express and it went through.
I've tried this a second time. I sent an identical piece of mail from Outlook Express and from Pine, same server, same everything else, and the email from Pine makes it through while the one from Outlook Express is marked as spam. P
How to report a Yahoo bug to Yahoo (Score:1, Informative)
to Yahoo.
http://docs.yahoo.com/info/support/contacts/bugs.
Nope. (Score:2)
Now you can reduce the number of sites that are able to tell you are connecting via DSL,
(Many for example only check your rDNS so if you can get that set to your domain then they'll accept your email) but there will always be some that use block lists that include your IP.
To get around this, you really need to send email through a relay.
I don't know of any free rel
Reverse (Score:2)
Re:Reverse (Score:2)
If they won't, change over to one that will.
Moving house to a geographic area serviced by Speakeasy would likely be much more expensive than renting a smarthost.
another hurdle (Score:4, Informative)
Chris, I'm assuming you want to send out only from mail.~, since you have no PTR in the SPF, right? Still might be useful to add "A" to the SPF, since mail.~ is a CNAME. Or maybe not.
And if it helps any, you seem to be clear off all the RBLs I was able to check.
Its really easy... (Score:1)
Content (Score:2)