Operating System - HP-UX
1839214 Members
4101 Online
110137 Solutions
New Discussion

Re: Sending address not accepted due to spam filter

 
SOLVED
Go to solution
zxcv
Super Advisor

Sending address not accepted due to spam filter

Hi ,

 

Our ip is getting listed in cbl repeatedly ,

 

we have a unix box which is configured with sendmail.cf  with entry like ;

DSsmtp.cedge.in

Djvinayak.cedge.in

 

sendmail -v tejas.chaudhari@cedge.in.

hii test form 101

tejas.chaudhari@cedge.in.... Connecting to smtp.cedge.in via relay...

220 tmsm60.tracom.net

>>> EHLO vinayak.cedge.in

250-tmsm60.tracom.net Hello [203.124.23.222]

250-SIZE 20971520

250-AUTH LOGIN CRAM-MD5

250 OK

>>> MAIL From:<fnsonlap@vinayak.cedge.in> SIZE=18 AUTH=fnsonlap@vinayak.cedge.in

554 Sending address not accepted due to spam filter

/home/fnsonlap/dead.letter... Saved message in /home/fnsonlap/dead.letter

Closing connection to smtp.cedge.in

>>> QUIT

221 Service closing transmission channel

 

Cedge.in is a registered internet domain , and m not able to figure out the exact problem.

 

8 REPLIES 8
VK2COT
Honored Contributor

Re: Sending address not accepted due to spam filter

Hello,

 

Firstly, check the contents of dead.letter file. It should give you clues.

 

Secondly, check if the address of your SMTP gateway (the one you initiate

sending email from) is listed in any public RealTinme Blackhole Listing. One example:

 

http://www.emailtalk.org/RBL.aspx

 

Thirdly, check your relaying server smtp.cedge.in if it has its own access list and

other anti-spam features...

 

Cheers,

 

VK2COT

 

VK2COT - Dusan Baljevic
zxcv
Super Advisor

Re: Sending address not accepted due to spam filter

Hi VK2COT ,

I have made the changes in sendmail.cf

have put my public ip address in Dj macro.

Hope now evrything would be fine.

 

As you rightly pointed out our ip was blacklisted in rbl , but now all is fine.

Hope the above entry is right ?

VK2COT
Honored Contributor

Re: Sending address not accepted due to spam filter

Hello,

 

Yes, that solution can work :)

 

One has to be very careful to avoid being put in RBLs.

 

I used to own and manage an Australian-based ISP (all Linux based,

Slackware distrubution) for 10 years, so DNS, security, email

services, web servers... were my daily task.

 

On average, at a good company, more than 80% of the incoming

email is rejected due to unsolicited traffic or attempt to attack...

 

Good luck in the future :)

 

VK2COT - Dusan Baljevic
zxcv
Super Advisor

Re: Sending address not accepted due to spam filter

Hi VK2COT ,

 

Even after implementing the above solution still my ip gets blacklisted ,also i have put the same mail id in trusted sender's list.

 

No what do i do ??

root #/etc/mail >sendmail -v tejas.chaudhari@cedge.in.
test
tejas.chaudhari@cedge.in.... Connecting to smtp.cedge.in via relay...
220 tmsm60.tracom.net
>>> EHLO [203.124.23.222]
250-tmsm60.tracom.net Hello [203.124.23.222]
250-SIZE 20971520
250-AUTH LOGIN CRAM-MD5
250 OK
>>> MAIL From:<root@[203.124.23.222]> SIZE=5 AUTH=root@[203.124.23.222]
554 Sending address not accepted due to spam filter
warning: /etc/mail/aliases has world read or write permission. This is unsafe.
warning: /etc/mail/aliases.db has world read or write permission. This is unsafe.
/dead.letter... Saved message in /dead.letter
Closing connection to smtp.cedge.in
>>> QUIT
221 Service closing transmission channel

 

root #/etc/mail >grep DM /etc/mail/sendmail.cf
#####           SENDMAIL CONFIGURATION FILE
#  Masquerade as (DM):                                                         #
#      If the macro M is set using DM  then addresses listed with the local    #
#DMcedge2.cedgedns.in
Mx400, P=/opt/x400/lbin/x4mailer, F=CDMFmn, S=14, R=24, A=x4mailer -f $g $u

============================================================

 

 

root #/etc/mail >grep DS /etc/mail/sendmail.cf
# Relay all non-local mail to the "Smart" relay host (DS) via smtp:            #
#      to a smart relay via SMTP just set macro S (DS) to the name of the      #
# Relay all non-local mail to the "Smart" relay host (DS) via UUCP:            #
#      make two chnages to this file. First, set macro S (DS) to the name      #
#DScedge2.cedgedns.in
#DS[10.1.4.19]
DSsmtp.cedge.in
#DS[64.233.167.114]
# noreceipts    Don't return success DSN's
# Return-Receipt-To: header implies DSN request if this option is set
# DHParameters (only required if DSA/DH is used)

===========================================================

 

root #/etc/mail >grep Dj /etc/mail/sendmail.cf
#  My official domain name or Fully Qualified Domain Name - FQDN (Dj):         #
#      then you need to uncomment the Dj macro and add your domain.            #
#      #Dj$w.Foo.COM                                                           #
#      Dj$w.hp.com                                                             #
#Dj$w.Foo.COM
Dj[203.124.23.222]
===================================================

 

 

root #/etc/mail >cat sendmail.cw
##
# sendmail.cw - List all the possible names that this
#               host might by known as, to allow sendmail
#               to determine mail that is destined to be
#               delivered to this machine (ie, it's intended
#               for the local mailer).
#
#               For example, for system hostname.foo.com, this
#               file should have:
#
#               hostname
#               hostname.foo
#               hostname.foo.com
#
#               If this system acts as a server for diskless
#               clients, list each diskless client here also.
#
#               disklessclient1
#               disklessclient1.foo
#               disklessclient1.foo.com
#               disklessclient2
#               disklessclient2.foo
#               disklessclient2.foo.com
##
#cedge2.cedgedns.in


zxcv
Super Advisor

Re: Sending address not accepted due to spam filter

Hi ,

 

Afetr sending a mail to  'helocheck@cbl.abuseat.org'

 

 

Failed Recipient: helocheck@cbl.abuseat.org
Reason: Remote host said: 550 HELO for IP 64.37.118.141 was "tmsm60.tracom.net"

 

What could be the problem ; i have in my /etc/hosts entry has ;

 

64.37.118.141  smtp.cedge.in

 

Matti_Kurkela
Honored Contributor
Solution

Re: Sending address not accepted due to spam filter

> Dj[203.124.23.222]

 

The Dj macro should be set to the Fully Qualified Domain Name - not an IP address.

To successfully send mail to the Internet, you must either:

  • have a valid fully qualified domain name, so that both forward & reverse DNS lookups agree on it, or
  • be listed as an authorized sender at some mail server that satisfies the first condition, and send through it.

>Reason: Remote host said: 550 HELO for IP 64.37.118.141 was "tmsm60.tracom.net"

>What could be the problem ; i have in my /etc/hosts entry has ;

> 64.37.118.141  smtp.cedge.in

 

Only your local host sees your /etc/hosts file. The rest of the world will use DNS. The name claimed by your host (within the SMTP protocol) will be checked against the information in the DNS.

 

The problem may be in the DNS registration of the smtp.cedge.in.

 

Note: for the following tests, I used Linux nslookup, which is known to use DNS only.

If you do similar tests on HP-UX nslookup, it may use /etc/hosts in preference to DNS, and give you results that do not describe the real situation in the DNS. In that case, you must explicitly tell HP-UX nslookup to ask the DNS server (see "man nslookup").

 

If I run "nslookup 203.124.23.222" here, I get the hostname "smtp.cedge.in".

But when I run "nslookup smtp.cedge.in", I get IP address "64.37.118.141".

This is inconsistent, and is likely to trigger spam filters. Because of this, 64.37.118.141 may reject your email unless it's been explicitly configured to allow it.

 

When I run "nslookup 64.37.118.141" here, I get the result "tmsm60.tracom.net".

If I run "nslookup tmsm60.tracom.net", I also get IP address "64.37.118.141".

This looks right... but let's make a few more checks first.


With the "dig" command, I can check some other DNS records relevant to email delivery:

 

$ dig +short cedge.in MX
10 mail.cedge.in.

$ dig +short cedge.in TXT
"v=spf1 ip4:64.37.118.141/32 mx ptr ~all"

 

The first query indicates the cedge.in domain has a MX record. It indicates that all mail addressed like <something>@cedge.in should go to server "mail.cedge.in".

 

The second query indicates the cedge.in domain also has a SPF policy record (RFC 4408).

It indicates the hosts allowed to send email with sender addresses of the form "<something>@cedge.in".

  • the host at IP address 64.37.118.141 is allowed
  • the host(s) listed in the MX records of the domain (i.e. mail.cedge.in) is allowed
  • any valid members of the cedge.in domain are allowed
  • all others will be treated as "not technically 100% correct", but may be still accepted (SFP SoftFail policy). A spam filter might still choose to reject the email.

So, when we put all this together:

  • 203.124.23.222 is not a valid sender IP address, because its DNS registration is inconsistent
  • smtp.cedge.in is not a valid sender FQDN, because its DNS registration is inconsistent
  • 64.37.118.141 would be a valid sender, but if it claims to be tmsm60.tracom.net and tries to forward email whose headers indicate it is coming from smtp.cedge.in (= a sender address with inconsistent DNS registration), that will not look too good.
MK
zxcv
Super Advisor

Re: Sending address not accepted due to spam filter

Hi Matti ,

 

Thnks for the wonderful explaination.

Afetr much R&D we have the following situation ,

 

root #/var/adm/syslog >dig  cedge.in MX

; <<>> DiG named 9.2.0 <<>> cedge.in MX
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12743
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;cedge.in.                      IN      MX

;; AUTHORITY SECTION:
cedge.in.               3600    IN      SOA     cemumvikdcdn1.cedge.in. hostmaster. 7582 900 600 86400 3600

;; Query time: 2 msec
;; SERVER: 10.1.5.4#53(10.1.5.4)
;; WHEN: Tue Mar  6 17:21:03 2012
;; MSG SIZE  rcvd: 86
========================================

 

root #/var/adm/syslog >dig  cedge.in TXT

; <<>> DiG named 9.2.0 <<>> cedge.in TXT
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25965
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;cedge.in.                      IN      TXT

;; AUTHORITY SECTION:
cedge.in.               3600    IN      SOA     cemumvikdcdn1.cedge.in. hostmaster. 7582 900 600 86400 3600

;; Query time: 4 msec
;; SERVER: 10.1.5.4#53(10.1.5.4)
;; WHEN: Tue Mar  6 17:22:32 2012
;; MSG SIZE  rcvd: 86

 

Let me know where m wrong now ?

As again we have been delisted in cbl.

 

zxcv
Super Advisor

Re: Sending address not accepted due to spam filter

Thanks Matti as per your suggestion have asked my team to be listed as an authorized sender at our mail server