my nat IP in postfix headers is blacklisted

Discussion in 'Server Operation' started by toastmaster, Mar 6, 2006.

  1. toastmaster

    toastmaster New Member

    Hello,

    I connect to my mail server through my ISPs NAT router, whose IP address is constantly being blacklisted because of virus activity within the network. When I send an email using my server, postfix inserts the header

    Code:
    Received: from HOSTNAME (Unknown[<My nats IP>])
    which usually causes the outbound message to have a very high score because I get these:

    Code:
    RCVD_IN_XBL: <my NATs IP> listed insbl-xbl.spamhaus.org
    in my @spam_admin notifications.

    My question is what is the best practice so that my outbound email is not getting blocked by anyone using the spamhaus blacklist.

    I have thought about using postfix to strip the headers out, using the postfix command header_checks, but just curious if you have any advice on the subject.
     
  2. till

    till Super Moderator

    This wont help at all, because other mailservers are performing these checks themself. Today all dynamic IP addresses from DSL and dialin lines are blacklisted.

    The solution is to use a mail relay server from your ISP as smartrelay for your local mailserver. So all outgoing mail is sent by the Mailserver from your ISP which is hopefully not blacklisted ;)
     
  3. toastmaster

    toastmaster New Member

    follow-up question

    Till,

    I am not sure that I understand. My server is using a static(Public) IP address. It is outside of the NAT router. My workstation is inside the NAT router. When I send an email, the first header that gets inserted is:

    Code:
    Received: from GERDES (unknown [64.146.168.140]) by cronos.homenetnw.com (Postfix) with ESMTP id 49E92474472 for <jason.gerdes@yahoo.com>; Mon, 6 Mar 2006 16:09:53 -0800 (PST) 
    
    The NAT ip is 64.146.168.140. If I remove or replace that IP, won't that stop spamassassin from checking that IP for blacklisting?

    I work for the ISP whose NAT router is always being blacklisted. Should I instead restrict port 25 access so that I won't get that IP address blacklisted anymore. I'm confused about how to proceed. Any help you can provide would be greatly appreciated.

    Jason:confused:
     
  4. falko

    falko Super Moderator

    IT is possible that even static IPs are blacklisted if they belong to a DSL line, dial-up accout, etc.

    You can use another mailserver (one that isn't blacklisted) for relaying your mail: http://www.howtoforge.com/forums/showthread.php?t=72
     

Share This Page