dolmax
4th January 2011, 12:13
I have been using ISPconfig 2 on one of my older servers. I have received some complaints from the users on that server, for messages being rejected by Trend Micro RBL based servers, tagged as spam.
I have checked their RBL and found out that the mail server IP address is on their list. I have requested de-listing based on the following facts;
- the server has a dedicated IP address, is not NAT'ing and is not sharing Internet connection with another device.
- I have static IP address and related PTR records on the ISP side.
Trend personel has contacted me saying that my mail server is "mis-configured". Below is the actual message from Trend;
We first started to see spam from 78.X.Y.Z 16 March 2009, and this has
continued through 2011.
Based on the spam on file, your mail server is misconfigured - but please read on.
Currently, you accept mail for domains (including mydomain.com), then later
attempt to deliver it to local users. If you can not (mailbox full, user
unknown, administratively prohibited, etc - for example, uucp@mydomain.com),
you create a NDR, append the original mail, and forward the result to the
From: address in the original mail.
Unfortunately, virtually all spam uses forged From: information, so these
NDR's end up going to innocent third parties. Please properly configure your
mail server to reject undeliverable mail during the incoming SMTP session, via
a 5xx status respons to an undeliverable RCPT TO command.
I'll send an example header in the following mail. If you do not get the
message within 300 seconds of this one, you are using a content-based spam
filter - please disable it.
Once you have properly configured your mail server, and secured the spam,
please let me know the details of what you did, and exactly when you did it.
Need help.
Thanks,
Hakan
I have checked their RBL and found out that the mail server IP address is on their list. I have requested de-listing based on the following facts;
- the server has a dedicated IP address, is not NAT'ing and is not sharing Internet connection with another device.
- I have static IP address and related PTR records on the ISP side.
Trend personel has contacted me saying that my mail server is "mis-configured". Below is the actual message from Trend;
We first started to see spam from 78.X.Y.Z 16 March 2009, and this has
continued through 2011.
Based on the spam on file, your mail server is misconfigured - but please read on.
Currently, you accept mail for domains (including mydomain.com), then later
attempt to deliver it to local users. If you can not (mailbox full, user
unknown, administratively prohibited, etc - for example, uucp@mydomain.com),
you create a NDR, append the original mail, and forward the result to the
From: address in the original mail.
Unfortunately, virtually all spam uses forged From: information, so these
NDR's end up going to innocent third parties. Please properly configure your
mail server to reject undeliverable mail during the incoming SMTP session, via
a 5xx status respons to an undeliverable RCPT TO command.
I'll send an example header in the following mail. If you do not get the
message within 300 seconds of this one, you are using a content-based spam
filter - please disable it.
Once you have properly configured your mail server, and secured the spam,
please let me know the details of what you did, and exactly when you did it.
Need help.
Thanks,
Hakan