Sending E-Mail using sendmail & GoDaddy 's DNS settings (SPF, PTR...)

[aurora]

Hello,

For the last couple of days I've been trying to send E-Mail from my FreeBSD 7.2 (hostname: ibmsmtp.MYDOMAINNAME.com) using sendmail. In its most basic form I do:

# telnet localhost 25 (Trying 127.0.0.1... Connected to localhost. ibmsmtp.MYDOMAINNAME.com ESMTP Sendmail 8.14.3/8.14.3; DATESTAMP...)

MAIL FROM:<me@MYDOMAINNAME.com (... Sender ok)
RCPT TO:<friend@HISDOMAINNAME.com> (... Recipient ok)
DATA
Just a text
.
250 2.0.0 A UNIQUE CODE Message accepted for delivery

When HISDOMAINNAME is yahoo (yahoo.com) the message is sent but it drops into the SPAM folder of Yahoo.

When HISDOMAINNAME is operamail (operamail.com) the message is returned back with a message including this:

< ibmsmtp.MYDOMAINNAME.com #5.0.0 SMTP; 554 EMail from mailserver at
MY_STATIC_IP_NUMBER is refused. See http://spamblock.outblaze.com/MY_STATIC_IP_NUMBER>

I manage MYDOMAINNAME.com using Godaddy.com and edit its DNS settings using "Total DNS Control" facility of GoDaddy and here is the DNS record contents (obtained thru the Export UNIX option)

; BIND zone data exported from Total DNS Control v2.20

; NS Records
@	3600	IN	NS	ns15.domaincontrol.com	
@	3600	IN	NS	ns16.domaincontrol.com	

; A Records
@	3600	IN	A	MY_STATIC_IP_NUMBER
ibmsmtp	3600	IN	A	MY_STATIC_IP_NUMBER

; CNAME Records
www	3600	IN	CNAME	@
ftp 	3600	IN	CNAME	@

; MX Records
@	3600	IN	MX	10	ibmsmtp.MYDOMAINNAME.com

; TXT Records
@	3600	IN	TXT	"v=spf1 mx mx : ibmsmtp.MYDOMAINNAME.com ~all"

This file is edited by myself, in order to make sendmail work without being spam filtered. I have added the SPF record using the GoDaddy's wizard which formatted it as:

@	3600	IN	TXT	"v=spf1 mx mx:ibmsmtp.MYDOMAINNAME.com ~all"

I have added that SPF record based on a friends suggestion. He also told me to add reverse DNS ("PTR") record but it cannot be done using GoDaddy's wizard so I guess it's not strictly necessary. (Please see the Question #2)

And I have changed GoDaddy's default MX record settings which were:

@ 3600 IN MX 0 smtp.secureserver.net
@ 3600 IN MX 10 mailstore1.secureserver.net

to

@	3600	IN	MX	10	ibmsmtp.MYDOMAINNAME.com

because I want to send E-Mails using my own domain name, (hence the sender E-Mail address will be of <"me@MYDOMAINNAME.com" format).

And here are my questions:

Q#1: Are there any errors in my DNS records and/or other sections?

Q#2: Is it strictly necessary to add "PTR" records to send e-mail reliably. If yes, then why doesn't GoDaddy include a PTR edit section in its Total DNS Control? (BTW, I think it's possible to add/edit PTR or any other record by injecting a DNS file using the "Import" feature of Total DNS Control but, that raises further question marks)

Q#3: Could it be a better idea to use any of the default SMTP suggestions of GoDaddy i.e. smtp.secureserver.net or mailstore1.secureserver.net, instead of bothering with sendmail? Or let me ask it this way: Is it possible to send an E-Mail using me @ MYDOMAINNAME.com address format even when I use
smtp.secureserver.net as the SMTP server?

Thanks in advance.

 

[DutchDaemon]

Are those exported records the actual records? Because all hostnames must end in a period (".") in order not to be expanded further.

As to PTR records: your IP address does not necessarily have to resolve back to the hostname you have for it, so long as the PTR record for the IP address matches the A record of the name showing up in the PTR record.

E.g.
If your hostname has A record 123.231.231.123, then 123.231.231.123 does not have to resolve back to your hostname, so long as the PTR record for 123.231.231.123 (which may be "dsl123.provider.com") resolves back to 123.231.231.123 itself (i.e. "dsl123.provider.com" == 123.231.231.123 and 123.231.231.123 == "dsl123.provider.com").

I wonder what Outblaze thinks of your IP address, and why it blocks it. What information do they give? This is probably the same information that makes Yahoo drop it in a spambox. Are you sure your IP address isn't listed as a dynamic or residential DSL line? Because even static IP addresses are blocked by large email providers if they belong to 'residential customers'.

You may need to use your ISP's smtp server to send your email to/through. And most ISP's don't care which email domain you use. They will provide smtp services to you based on either your IP address or a valid username/password combination.

Whether the latter option (to send mail through someone else's smtp server) means you still need Sendmail is up to you. You will find that simply relaying email straight from your mail client will be somewhat easier, because it has all the options you may need to make it work right in its Preferences/Settings menus, whereas you'll have to configure sendmail to use a smarthost or SASL.

 

[aurora]

First of all, thank you for the comprehensive explanations.

Are those exported records the actual records? Because all hostnames must end in a period (".") in order not to be expanded further.

You're correct about period (".") issue. Well, they must be actually present in the actual DNS file, but it's just that GoDaddy's Total DNS facility (which is just a WEB GUI control panel for editing DNS records, here is the ScreenShot, just in case you may wonder) which removes them perhaps for "more compact looking" text file exported from the "Export."

And, as for the PTR records... The problem with PTR records is that, there's no suitable entry section for PTR in Godaddy's Total DNS Control facility, you see in the image there are sections for A (Host), CNAMES (Aliases), MX (Mail Exchange), SPF (Sender Policy Framework), TXT, etc... but no section named "PTR". From this I understand that, PTR is not absolutely required, otherwise GoDaddy would have arranged a section for it. But on the other hand, I 've read and heard several times that a reverse DNS record is necessary for a suitable E-Mail transfer operation. But at the least, I'm able to enter any record I want (eg "PTR") by forming my own DNS file and using Import.

I wonder what Outblaze thinks of your IP address, and why it blocks it. What information do they give? This is probably the same information that makes Yahoo drop it in a spambox. Are you sure your IP address isn't listed as a dynamic or residential DSL line? Because even static IP addresses are blocked by large email providers if they belong to 'residential customers'.

I've forgotten to post the details of my E-Mails rejection note. It's shortly as:

MY_STATIC_IP_NUMBER is on the Outblaze Spammers List
Reason: Direct Spam Source
Blocked Since: 2008-11-27

Well my static IP number should currently be listed as a residential DSL line, because when I recently subscribed to this static IP, it was from my home (I currently serve my applications from home). I didn't know being a residential customer would cause such a problem, that's surprising. I think that's something I have to talk to my ISP...

You may need to use your ISP's smtp server to send your email to/through. And most ISP's don't care which email domain you use. They will provide smtp services to you based on either your IP address or a valid username/password combination.

Yes, eventually I may ease the problem by using my ISP's smtp server. I will continue looking for ways around this. But still, I wonder why an E-Mail should be blocked when sent from a residential DSL line, when I'm easily identifiable with this DSL line. Or is easily sending E-Mails something which is granted solely to non-residential Internet subscribers? A question just came to my mind now...

 

[DutchDaemon]

To be clear on PTR records: they're not part of your domain, they are part of your IP range's in-addr.arpa zone (usually administered by your ISP). So there is no way for you to set PTR records for your IP address under your domain. That's something the ISP your IP address belongs to should do, and most ISP's simply won't. You can check whether your current IP address's A and PTR records match by comparing the output of:

[cmd=]dig -x your.ip.address +short[/cmd]
[cmd=]dig A (the result of the previous command) +short[/cmd]

If you want to know which organisation holds your PTR record, repeat the -x command above without the +short part. You'll see NS/SOA records pointing to the responsible party.

Note: a lot of IP addresses in the world have no PTR records at all.

 

[DutchDaemon]

When Outblaze says 'Direct Spam Source', you or a previous owner of that IP address sent spam. You could try looking your IP address up at e.g. SpamCop and/or Spamhaus. You or your ISP may need to get the IP address delisted as a spam source.

As to 'no mail from residential DSL' -> this has been a widely accepted guideline for many years now, and an enormous amount of parties will use blacklists to keep email from residential customers (DSL/cable) off of their servers, forcing them to use their own ISP's smtp server. Including me. They're responsible for a great majority of spam.

See http://www.spamhaus.org/pbl/index.lasso for the rationale. And if you want to vent your frustration over this practice, you might as well wail into me, because the Spamhaus PBL and several other of these lists are based on my initial anti-spam work (called 'DynaBlock') in my previous job

 

[aurora]

Again, thank you for the valuable input.

I have tried

# dig -x your.ip.address +short
# dig A (the result of the previous command) +short

and the first one gave two results:

mail.itemas.com
mail.plastiform.com.tr

and the second one gave further details.

I've looked up my IP number at the SpamHaus.org and (luckily) it was not listed in any of the SBL, PBL, XBL lists. Oh I really wouldn't guess that you've taken part in an anti-spam work but that's fine. I feel I have to study more on this thing called "anti-spam". Tomorrow I will devote some time for it.

 

[DutchDaemon]

Well, mail.itemas.com resolves to a different IP address now, so only mail.plastiform.com.tr should be valid for your IP address. If that one is not yours, your ISP (I'm guessing ttnet) should correct the PTR record and point it to your preferred hostname. They're obviously willing to do it, so they should do it for you as well.

As far as blocking at Outblaze goes: they use several external and in-house blacklists, and you (and the surrounding network at a /24 level) appear to be in the latter. Use the contact options on their web form to request a delisting. Don't shrug off an Outblaze block, they own tens of thousands of email domains, and millions of mailboxes are behind their filters. They're one of the biggest email providers in the world.

 

[aurora]

Thank you for the comments. I was hesitant to display my IP number, (because of the forum rules) but here it's:
# dig -x 85.105.206.193

returns:

; <<>> DiG 9.4.1-P1 <<>> -x 85.105.206.193
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51150
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 3, ADDITIONAL: 4

;; QUESTION SECTION:
;193.206.105.85.in-addr.arpa.	IN	PTR

;; ANSWER SECTION:
193.206.105.85.in-addr.arpa. 86400 IN	PTR	mail.itemas.com.
193.206.105.85.in-addr.arpa. 86400 IN	PTR	mail.plastiform.com.tr.

;; AUTHORITY SECTION:
105.85.in-addr.arpa.	16772	IN	NS	ns2.ttnet.net.tr.
105.85.in-addr.arpa.	16772	IN	NS	ns.ripe.net.
105.85.in-addr.arpa.	16772	IN	NS	ns1.ttnet.net.tr.

;; ADDITIONAL SECTION:
ns.ripe.net.		103150	IN	A	193.0.0.193
ns.ripe.net.		103150	IN	AAAA	2001:610:240:0:53::193
ns1.ttnet.net.tr.	6422	IN	A	212.156.4.4
ns2.ttnet.net.tr.	6296	IN	A	212.156.4.20

;; Query time: 40 msec
;; SERVER: 195.175.39.39#53(195.175.39.39)
;; WHEN: Mon Dec 21 12:23:21 2009
;; MSG SIZE  rcvd: 257

PTR returns two domain names which are totally unrelated to my own domain name, so it seems, as you've said, I should urge my ISP to correct those records.

After my domain name's PTR records are corrected and Outblaze has removed my IP from their Spam Block List, I wonder if I'll be able to send E-mail (because my IP will still be a residential DSL IP) I will post the result. Oh I've forgotten to say, yeah my ISP's ttnet, as you've guessed.

 

[DutchDaemon]

I think your IP address will be fine, especially when PTR records reveal a mail server. Most blacklists will allow a delisting based on that, but I don't see a listing of your IP address in other blacklists to begin with, so you should be able to send email without problems.