A user in my server trying to send email, but email is flagged as "Absolute Spam" by Spamassassin. It says IP is listed in SBL/XBL.
There is an IP address in "Received-From" part of the headers. That IP is actually listed in several spam databases, but not my server's IP (Below, red and bold).
Email is sent from my server, but how come "From" IP is different from mine?
Headers of the email are below:
Quote:
Received: from [203.215.94.252] (helo=[10.0.0.7])
by server1.kanmonline-server101.net with esmtp (Exim 4.63)
(envelope-from <*********@sweetmail.org>)
id 1HQ3Yj-0007jV-6J
for ************@ezweb.ne.jp; Sun, 11 Mar 2007 00:32:37 +0900
Mime-Version: 1.0 (Apple Message framework v624)
In-Reply-To: <**********************@nm03imap01c.ezweb.ne.jp>
References: <**********************@nm03imap01c.ezweb.ne.jp>
Content-Type: text/plain; charset=ISO-2022-JP; delsp=yes; format=flowed
Message-Id: <98108bd45ea8b8bbd10cc7c35b6fad81@sweetmail.org>
Content-Transfer-Encoding: 7bit
From: =?ISO-2022-JP?B?GyRCOWI2NhsoQiAbJEIwITUqO1IbKEI=?= <**********@sweetmail.org>
Subject: Re:
Date: Sat, 10 Mar 2007 23:32:34 -0800
To: *********@ezweb.ne.jp
X-Mailer: Apple Mail (2.624)
I work at a small startup. We have a database of contact information that is available on a subscription basis; people signup up and can download a limited number of contacts each month.
A core part of our signup is to send an activation email to the client. The email has a link back to our site. Clicking on the link activates the account and allows the client to log in.
Sometimes -- not always, but probably 20% of the time -- the client's email server will reject our activation email as spam. We see this alot with hotmail clients, and occasionally with others.
We're able to reproduce the problem. It appears to be an issue of the mail headers rather than the email content. I think it's related to the way we have our internal email configured: our email is hosted at Network Solutions, but we send the activation emails from our server at LiquidWeb. The activation email specifies a 'from' address that includes the domain that NS hosts.
My questions are: would this configuration cause email recipients to identify our email as spam? Short of moving our email server mgmt to our LiquidWeb server, is there anything we can do to avoid this issue from causing our email to look like spam?
I'd like to seek help on how to read eximlog file. I saw the below inside eximlog. I'm wondering now because realemail@domain.com does not exist on this user emailaddress when I browse his cpanel. Now who is sending it? the only correct info is the pixelxl which is the user.
I am trying to make sure my server configuration is optimally set to prevent my outgoing activation emails being set as spam.
so far I have set up an SPF record - Using Plesk for mydomain.com set up a DNS record of type TXT and value v=spf1 mx -all.
How do I check if this has been set up correctly?
I am using CentOS with Apache and Plesk 8.3 and I am sending mail using PHP's mail() function. The majority of the emails that aren't being received are going to hotmail accounts but I haven't yet sent a large enough amount of emails to view any concrete pattern. Curiously they don't appear to be going to the user's spam folder they are just being deleted outright.
Also, I'm not sure if it's related but one of my users mistyped their email address as @gogglemail.com and I now have a message in the qmail mail queue which is dated 1970. Is this something I am failing to do at a PHP level (i.e. not setting a date attribute)?
I'm wondering if theres anything I can install on the server that will either filter or track outgoing spam. I don't want to limit the number of emails sent per hour or anything, I just want to be able to maybe search through some flagged emails or something. Or if they send the exact same email more than x times it can disable their account... I'm not sure
I just did the update to 12.0.18 #6 and everything seemed to go pretty well. One feature we were really interested in was the Outgoing Spam Filter. Unfortunately, the error I see when I go to that feature reads, "Protection : Not active. There are some problems that prevent the service from being started."
When I Google that error, I'm brought to some KB articles but they are all for the older Outgoing Spam Filter that you need a license key for. I don't believe that is the case any more - if it is, I don't know where to get the key. I will say point out I'm a bit of a Linux novice (we are running CentOS 6.5 on this server), so I'm not really sure where to look....
I have a hard problem with my VPS. I have postfix as mail server on plesk 12 under ubuntu 12.
I dont know why the outgoing mails of all my domains in my servers are getting spam in servers like gmail, yahoo, hotmail...
I'm using mxtoolbox to fix errors and warnings and finally fixed all of them, but my mails are still outgoing to spam.
In mxtoolbox actually I have no mail server errors / warning, u can see it with, for example, this one of my domains: [URL] ....
Headers:
This message is an automatic response from Port25's authentication verifier service at verifier.port25.com. The service allows email senders to perform a simple check of various sender authentication mechanisms. It is provided free of charge, in the hope that it is useful to the email community.
I have some error when the new outgoing spam protection (limitation for outgoing mail) is enabled. Mail clients are unable to use SMTP for sending mails. "My mail client says: The message could not be sent. You are not allowed to use sendmail utility."
I don't undestand the blocking behaviour since the checkbox "Allow scripts and users to use Sendmail" is checked and no limit is exeeded.This is the relevant log part of maillog:
Code:
Jul 3 00:44:36 srv01 postfix/smtpd[3326]: C0E5182A20: client=46.128.x.x.dynamic.cablesurf.de[46.128.x.x], sasl_method=CRAM-MD5, sasl_username=info@domain.de Jul 3 00:44:36 srv01 postfix/cleanup[3331]: C0E5182A20: message-id=<0A380CA8-AAE3-4FA8-BA7A-A3FDF7CD16E2@domain.de> Jul 3 00:44:37 srv01 /usr/lib/plesk-9.0/psa-pc-remote[3280]: handlers_stderr: DATA REPLY:554:[B]5.7.0 The message could not be sent. You are not allowed to use sendmail utility.[/B] REJECT Jul 3 00:44:37 srv01 /usr/lib/plesk-9.0/psa-pc-remote[3280]: REJECT during call 'limit-out' handler Jul 3 00:44:37 srv01 postfix/cleanup[3331]: C0E5182A20: milter-reject: END-OF-MESSAGE from 46.128.213.43.dynamic.cablesurf.de[46.128.x.x]: 5.7.0 The message could not be sent. You are not allowed to use sendmail utility.; from=<info@domain.de> to=<mail@domain2.de> proto=ESMTP helo=<[192.168.1.20]> Jul 3 00:44:37 srv01 postfix/smtpd[3326]: disconnect from 46.128.x.x.dynamic.cablesurf.de[46.128.x.x]
Moreover I disabled the line "non_smtpd_milters" in postfix main.conf since my server has same issues discribed in the following thread: Postfix: mails sent through sendmail binary are blocked because of wrong HELO
My server is sending all emails via exim smarthost to other specialised exim server (both cPanel). How may I limit customers from sending out SPAM ? Mean to scan outgoing emails and delete/store in some folder which ones identified as SPAM. Preferrably the scan part to be on exim email proxy cause it is much idle.
I have exim, smartermail and qmail servers running in my fleet. Which is the easiest to capture outgoing emails for a specific account and how can I do it?
We've recently had a lot of complaints from clients who say Yahoo! mail recipients are not receiving the emails they send. We first noticed this sometime November 2006 but it could have started earlier.
One solution would be to find another hosting provider. The problem is I suspect that it's happening to a lot of hosts and it's Yahoo! in particular that seems to have been a lot more stringent than they were in the past.
I remember some time back (2004 or 2005), AOL blocked an EHOSTPROS.COM server (SVR28) for over 6 months. We also had SVR75 with them and it wasn't blocked (I believe they were in the same DC). And AOL was notorious for blocking a lot of servers. I don't know how it is with them now because from the Philippines, there is very little email exchange with AOL.COM or AIM.COM accounts.
And there is a lot of emails going to YAHOO.COM accounts! And that's where the problem lies.
I first noticed it on my ResellerZoom reseller account (GRAY). Mails from GRAY accounts were completely blocked off by Yahoo! It didn't even go to the Bulk Folder. So Yahoo! was blocking the GRAY server's mail IP and not particular domains (I don't think blocking a domain makes any sense, you usually block IP's).
I opened a ticket with RZ and got great support. But of course, it was about 3 days before Yahoo! started accepting mails from GRAY. RZ did the best they can but could only have done so much.
And then the same thing happened with my HostGator reseller account (INFINITI). Similar issue as well.
From that time until today, it seems to come back on and off. Sometimes emails never reach Yahoo!, sometimes it lands in the Bulk Folder (that's a much lesser evil).
I have 3 reseller accounts at RZ (CAMERON B1, GRAY A1, R2 Failover-1) and 2 reseller accounts at HG (INFINITI and SONOMA). The same issue has come back again the past couple of days on INFINITI (HostGator) and GRAY (ResellerZoom). I'd open a ticket but it's on and off.
Dec 5 / Dec 6, several clients on INFINITI complained that emails to Yahoo! recipients were not being delivered. By the time we tested it, it was ok already. And then just a few hours ago, we got a call from a client on GRAY. We tested and emails were landing on the Bulk Folder. But after a couple of more tests, it went to the Inbox.
We advise clients to tell Yahoo! recipients to always check their Bulk Folders. We also ask the recipients to tag emails with MARK AS NOT SPAM hoping that would help.
You could say that I should be going to HG and RZ support for these. It's just that I don't think it's limited to them and I want to get feedback from others. I will also invite HG and RZ to give their comments on this post.
In the reseller hosting area, I'll actually be asking around also for reseller hosting that's more reliable with email. But I've been doing reseller hosting since May 2003 and have used all of the following:
There were more in between but that was a quick in and out. The above list in the sequence I signed up and only includes those that I stayed with long enough (at least 6 months) to evaluate and decide if they're worth it.
I won't expound but avoid MIDPHASE, SITE5, and BLIKSEM. There's enough here on WHT for you to search upon.
My point is that, by far, I've had the best experience with HG and RZ and it does get tiring moving from one host to the other. And it's not that we haven't contributed to the problem. A lot of our clients' contact us forms have recently been hijacked by spammers and have caused abuse on the servers. We're working on fixing each and everyone of these scripts (> 80) and should solve it within a few days. We do our part but there are hundreds of accounts and millions of ways spammers try to hijack server resources for their cause. Note, however, that those scripts have been there for quite awhile and only recently have they been used to spam.
Although there are a lot of other hosts with good reps here on WHT, the only other host I am considering (for the moment) is Aussie Bob's DOTABLE.COM.
But then, right now, with these email woes, we're still evaluating our business. The bulk of our clients are dependent on email. Too much incoming spam is already an issue but mails not reaching intended recipients kinds of ruins the business.
Damned these spammers!
Is there actually a viable solution for this issue? Or is it something that we just have to start living with?
I bought a shared hosting account, specifically for my own personal email account. I wanted to use IMAP obviously, but the host only allow IMAP on incoming mail... And Pop3 on outgoing.
Is this a problem? What will this mean I cannot do?
And secondly, if anyone has a blackberry, will this style work with a new blackberry?
Since upgrading to Plesk 12 I am experiencing a strange bug:
When enabling the limitation of outgoing email messages, is not possible to RECEIVE emails to a account that is only redirecting the email messages (to a different account which also lies on the server).
I reproduced this behavior on two different servers from which one is a complete reinstall.
The maillog will then show the following error when receiving mails to a redirecting address:
Aug 1 04:04:34 xxxxxx plesk sendmail[16709]: handlers_stderr: DATA REPLY:554:5.7.0 The message could not be sent. You are not allowed to use sendmail utility.#012REJECT Aug 1 04:04:34 xxxxxx plesk sendmail[16709]: REJECT during call 'limit-out' handler
I can find very few information on this error message, but when disabling the limiting feature, everything works as expected.
We are facing issue with option " Switch on limitations on outgoing email messages", after the plesk upgrade to 12.0.18. Please find our license details
============================= Key number PLSK.02868019.0004 Next license key update Oct 21, 2014 User accounts (resellers and customers) Unlimited Domains Unlimited Mail accounts Unlimited Web users Unlimited Language packs 1
Since 12.0.18, when I go to Tools & Settings > Mail Server, I get this error message on the page:
"Error: The limits on outgoing mail will not work for the subscriptions that have IP addresses from the white list. To make the limits work, remove IP addresses from the mail server's white list".
However, the whitelist page just contains 127.0.0.0/8 and ::1/128, and all my subscriptions have an external IP address which is clearly not in the whitelist.
I have just install on a new server plesk 12.0.18 Update #7 on centos 6.5 final.Added new hosting for the domain on a dedicated IP. All works fine (website, incoming mails etc) apart from outgoing mails.Both webmail (roundcube) and other mail software (outlook 2010, 2013 , android phone etc) outgoing mail i can't get to work.
I have attached screen from webmail with SMTP error (250) : Authentication failed..With Outlook it will allow me to set up account, test account setting... it say all all complete if i don't set secure connection (SSL)/requires authentication. But when you try sending mails you get the error: Your message did not reach some or all of the intended recipients.
Subject:test Sent:16/07/2014 15:13
The following recipient(s) cannot be reached:
'x@xxx.com' on 16/07/2014 15:13 Server error: '554 5.7.1 <x@xxx.com>: Relay access denied'
When you set the outgoing requires authentication/ advance SSL you get:Send test e-mail message: None of the authentication methods supported by this client are supported by your server.I have tried changing to some outgoing ports to no avail.
