Solved Email delivery problem

hurricane

Member


Messages: 23

This is from the Postfix log: our emails were blocked. I asked masked@ptero-byte.com to contact his ISP to unblock us, and his ISP replied: "we didn't block any emails, the email didn't reach our server". So, how does smtp1d.netintelligence.com get involved here? Please help me understand this, thanks!

Code:
Jul  9 04:20:51 mail postfix/smtp[37086]: 8CF5F1D64152: to=<masked@ptero-byte.com>, relay=smtp1d.netintelligence.com[62.128.193.14]:25, delay=3.2, delays=0.02/0.01/3/0.18, dsn=5.7.1, status=bounced (host smtp1d.netintelligence.com[62.128.193.14] said: 550 5.7.1 <masked@ptero-byte.com>... Mail from <1.2.3.4> blocked using Trend Micro RBL+. Please see http://www.mail-abuse.com/cgi-bin/lookup?ip_address=<1.2.3.4> (in reply to RCPT TO command))
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 7,879
Messages: 31,151

It was blocked at the receiving end due to an RBL by smtp1d, which is one of the MX servers of the ptero-byte.com domain. I'm guessing their mail passes their hosting provider's mailservers before it's passed on to their own mailserver. That's a common setup. So technically they (ptero-byte) didn't block it, their hosting provider did.

I would also suggest checking the reason why Trend Micro put your mailserver on their RBL.
 

SirDice


> After you clear all infected computers, register your MX IP address in the Global Approved List.

Outgoing mailservers don't require an MX record. MX records are for incoming mailservers only. With larger mail setups it's common to split ingress and egress mail.
 

hurricane


SirDice Thank you very much for the detailed explanations, they cleared all my doubt and confusion. :beer:

The block happened many years ago (2011 :rolleyes:); I just started using this IP on a new server. I have used the URL in the error message to request the removal, and just got a confirmation that the block will be removed within 24 hours.

The request form on the request page has two buttons. I clicked the wrong button in my two previous attempts and nothing happened. This time, it's fast.
 

SirDice


Useful command:
drill ptero-byte.com MX
This fetches the MX records for that domain. Any mail sent to that domain is always sent to one of the servers with an MX record (lowest number is tried first). If you look at those MX records you'll notice the same server name that blocked your email.

Small setups often use a provider's mail servers as an intermediate. The provider can guarantee uptimes so mail is always able to be delivered. The provider's mail servers know where to pass the mail along to the company. If their upstream connection, or their own receiving mail server, is down, the mail could get held at the provider for a few days until the issue is resolved. Mail sent in the meantime will still get delivered instead of getting bounced right away.
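The check described in the post above, as an added example that is not part of the original thread: it parses the bounce line from the first post and compares the rejecting relay with the domain's MX records. The MX answer text (TTLs, preference values, the backup host) is constructed, and the function names are hypothetical.

```python
import re

# Bounce line from the first post (1.2.3.4 is the poster's masked sender IP).
LOG_LINE = (
    "Jul  9 04:20:51 mail postfix/smtp[37086]: 8CF5F1D64152: to=<masked@ptero-byte.com>, "
    "relay=smtp1d.netintelligence.com[62.128.193.14]:25, delay=3.2, "
    "delays=0.02/0.01/3/0.18, dsn=5.7.1, status=bounced (host "
    "smtp1d.netintelligence.com[62.128.193.14] said: 550 5.7.1 <masked@ptero-byte.com>... "
    "Mail from <1.2.3.4> blocked using Trend Micro RBL+. Please see "
    "http://www.mail-abuse.com/cgi-bin/lookup?ip_address=<1.2.3.4> (in reply to RCPT TO command))"
)

# Constructed stand-in for the answer section of `drill ptero-byte.com MX`;
# the TTLs, preference values and the backup host are assumptions.
MX_ANSWER = (
    "ptero-byte.com.\t3600\tIN\tMX\t20 mx-backup.example.net.\n"
    "ptero-byte.com.\t3600\tIN\tMX\t10 smtp1d.netintelligence.com.\n"
)

DELIVERY = re.compile(
    r"to=<(?P<rcpt>[^>]+)>, relay=(?P<relay>[^\[,]+)\[(?P<ip>[^\]]+)\]:\d+,"
    r".*?dsn=(?P<dsn>[\d.]+), status=(?P<status>\w+) \((?P<reply>.*)\)$"
)

def parse_delivery(line):
    """Extract recipient, relay, DSN and remote reply from a postfix/smtp line."""
    m = DELIVERY.search(line)
    if m is None:
        return None  # other daemons, or relay=none when no server was reached
    d = m.groupdict()
    stage = re.search(r"\(in reply to (.+?) command\)", d["reply"])
    d["stage"] = stage.group(1) if stage else None
    return d

def parse_mx(answer):
    """Return [(preference, host)], lowest preference (tried first) first."""
    rows = (row.split() for row in answer.splitlines())
    return sorted((int(f[4]), f[5].rstrip(".").lower())
                  for f in rows if len(f) >= 6 and f[3] == "MX")

def explain_bounce(line, mx_answer):
    """Say whether the rejecting relay is one of the recipient domain's MX hosts."""
    d = parse_delivery(line)
    if d is None:
        return None
    prefs = {host: pref for pref, host in parse_mx(mx_answer)}
    return {"rejecting_host": d["relay"], "stage": d["stage"],
            "is_recipient_mx": d["relay"].lower() in prefs,
            "mx_preference": prefs.get(d["relay"].lower()),
            "policy_reject": d["status"] == "bounced" and d["dsn"].startswith("5.7.")}
```

A relay that appears in the MX list, together with a 5.7.x reply at the RCPT TO stage, means the recipient domain's own inbound servers refused the message by policy before any message data was sent.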
 

hurricane


> Useful command:
> drill ptero-byte.com MX
> This fetches the MX records for that domain. Any mail sent to that domain is always sent to one of the servers with an MX record (lowest number is tried first). If you look at those MX records you'll notice the same server name that blocked your email.
>
> Small setups often use a provider's mail servers as an intermediate. The provider can guarantee uptimes so mail is always able to be delivered. The provider's mail servers know where to pass the mail along to the company. If their upstream connection, or their own receiving mail server, is down, the mail could get held at the provider for a few days until the issue is resolved. Mail sent in the meantime will still get delivered instead of getting bounced right away.

Very interesting. I should have thought of checking MX to see the connection; I thought it was something more mysterious. :oops:

Glad I don't have to receive emails, that would be a nightmare. I always find email-related stuff very complicated...
 

SirDice


> I always find email-related stuff very complicated...

Once you understand the basic principles it's actually quite easy. But that's always the case for just about everything ;)
 

VladiBG

Aspiring Daemon

Reaction score: 252
Messages: 615

> Outgoing mailservers don't require an MX record. MX records are for incoming mailservers only. With larger mail setups it's common to split ingress and egress mail.

Sorry for the confusion, I was not clear enough: by MX I mean Mail Exchange (MDA Postfix server address 1.2.3.4 from the quoted log), not the actual MX record in the DNS.

You can check whether your Postfix IP address is listed in any other blacklist at the following address:
 

SirDice


MXToolbox is very useful indeed. I also use them to check my mail server for open relay issues.
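How a blacklist (DNSBL) lookup works underneath such checking services, as an added example that is not part of the original thread: the sending IP's octets are reversed, prepended to the list's zone and resolved, and an answer inside 127.0.0.0/8 means "listed". The zone names and the offline resolver are constructed; pass real zones and the default resolver to query live lists.

```python
import ipaddress
import socket

NOT_FOUND = {socket.EAI_NONAME, getattr(socket, "EAI_NODATA", socket.EAI_NONAME)}

def dnsbl_query_name(ip, zone):
    """IPv4 octets reversed, then the list's zone: 1.2.3.4 -> 4.3.2.1.<zone>."""
    addr = ipaddress.IPv4Address(ip)  # raises ValueError on malformed input
    return ".".join(reversed(str(addr).split("."))) + "." + zone.strip(".")

def check_dnsbl(ip, zones, resolve=socket.gethostbyname):
    """Map each zone to ('listed', code), ('clean', None) or ('unknown', reason)."""
    results = {}
    for zone in zones:
        try:
            answer = resolve(dnsbl_query_name(ip, zone))
        except socket.gaierror as exc:
            # NXDOMAIN means "not listed"; a timeout or SERVFAIL proves nothing.
            clean = exc.args[0] in NOT_FOUND
            results[zone] = ("clean", None) if clean else ("unknown", str(exc))
            continue
        # Real listings answer inside 127.0.0.0/8. Any other address usually
        # means a dead or wildcarded zone, so do not count it as a listing.
        if ipaddress.IPv4Address(answer) in ipaddress.ip_network("127.0.0.0/8"):
            results[zone] = ("listed", answer)
        else:
            results[zone] = ("unknown", "unexpected answer " + answer)
    return results

# Constructed offline resolver standing in for DNS; zone names are hypothetical.
FAKE_DNS = {"4.3.2.1.rbl.example.org": "127.0.0.2",
            "4.3.2.1.parked.example.net": "203.0.113.7"}

def fake_resolve(name):
    if name == "4.3.2.1.down.example.com":
        raise socket.gaierror(socket.EAI_AGAIN, "temporary failure")
    if name not in FAKE_DNS:
        raise socket.gaierror(socket.EAI_NONAME, "name not known")
    return FAKE_DNS[name]

if __name__ == "__main__":
    zones = ["rbl.example.org", "clean.example.org",
             "parked.example.net", "down.example.com"]
    for zone, verdict in check_dnsbl("1.2.3.4", zones, fake_resolve).items():
        print(zone, verdict)
```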
 