Verification results in (Spamhouse-)blacklisting, results tainted...

#1
Hi there,

I am currently trying to run a test on 2.000 addresses and I am facing issues with the verification process – I am seeing a lot of "probably valid"-flags but upon inspecting the logs almost all of these are a result of the Email Verifier / my IP being blacklisted and/or there is an issue with the HELO-settings and thus they are actually rejected...

What can I do to not run into these issues? What are the right settings here?

I went through the setup guide and checked the FAQs but couldn't find anything with regards to these errors...

0. My Email Verifier Settings
MX-server-search
[x] Dig [ ] internal

Validation method
[x] Simulate sending (valid address, my server)
[ ] Try to identify valid mails via VRFY
[x] Send RSET-command (group = 10)
[ ] Send HELO with following domain

1. IP-Blacklisting
I am listing various responses here, they all seem to go be based on a Spamhouse-entry...

Code:
554-web.de (mxweb112) Nemesis ESMTP Service not available
554-No SMTP service
554-IP address is black listed.
Code:
550 5.7.606 Access denied, banned sending IP [95.91.xxx.xxx]. To request removal from this list please visit https://sender.office.com/ and follow the directions. For more information please go to  http://go.microsoft.com/fwlink/?LinkID=526655 (AS16012609) [VE1EUR02FT021.eop-EUR02.prod.protection.outlook.com]
Code:
550-IP 95.91.xxx.xxx is blacklisted (pbl.spamhaus.org). Help at/Hilfe unter
550 www.mfaq.info
Code:
554 mxbw.lb.bluewin.ch vimdzmsp-mxin14.bluewin.ch Swisscom AG IP: 95.91.xxx.xxx, You are not allowed to send us mail. Please see https://www.spamhaus.org/query/ip/95.91.xxx.xxx if you feel this is in error
2. HELO mismatch

Code:
ecipient address rejected: Mail appeared to be SPAM or forged. Ask your Mail/DNS-Administrator to correct HELO and DNS MX settings or to get removed from DNSBLs; MTA helo: [127.0.0.1], MTA hostname: ip5f5bd6ba.dynamic.kabel-deutschland.de[95.91.xxx.xxx] (helo/hostname mismatch)
Code:
421 4.2.1 HELO fqdn needs a public DNS record OX_202
Code:
503 5.5.1 Error: send HELO/EHLO first

Thanks & regards!
 

stanbusk

Administrator
Staff member
#2
Have you tried to remove your IP at Spamhaus? Usually it is quite easy to do. You can even contact them. I did in the past and they are quite responsive. Just explain what you are doing. This is a false positive, eMail Verifier doesn't send emails.

--
Follow maxprog.com on Facebook | Google+ | Linkedin | Twitter | YouTube
and keep up-to-date with the latest Max Programming updates!
 
#3
Thanks for getting back!
Have you tried to remove your IP at Spamhaus?
Nope, not yet, will do asap – but this only seems to be a temporary fix, once I change my IP / location then I'll run into the spam flags again...?

So the real question would be: What can I do to properly set up Email Verifier so it won't be detected as spamming in the first place? Having to go through the removal process at Spamhouse every time is quite tedious.

Also: The user guide doesn't say anything about setting up the HELO part – where can I find information on how to set this up properly?
 
Last edited:
#4
OK, I have issued a removal at Spamhouse but I am unsure as to whether this might be helpful in the long run...
The IP address has been added to the PBL Removals database. Please allow 30 minutes for servers around the world to update their data. Under normal circumstances, in approximately 30 minutes you should be able to send email directly to networks that use Spamhaus' Policy Block List system.

Note that the PBL Removal System will now automatically run a check on the removed IP address and will re-activate the PBL listing if the IP address is found to be dynamic, not a real mail server, having any history of sending spam, or if it appears infected with a virus/trojan.
Since the IP-address is in fact dynamic won't I run into the flags yet again? Will test and let you know how it goes...
 
#5
Update
The Spamhouse removal did work, I also had to issue other removal requests with SORBS and Microsoft but this seems to be clearing the pipeline fine...

I noticed though that all the mail addresses / domains belonging to United Internet are refusing the tests performed by Email Verifier with responses such as follows:
Code:
CONNECT TO: [mx-ha02.web.de]
[09] 1/8 12:31:27 554-web.de (mxweb112) Nemesis ESMTP Service not available
554-No SMTP service
554-Bad DNS PTR resource record.
554 For explanation visit http://postmaster.web.de/error-messages?ip=87.122.xxx.xxx&c=rdns
Since our customers are based in DACH (Germany, Austria & Switzerland) and the users rely heavily on services like GMX, Web.de and such the testing results are very 'thin' – we won't be able to properly clean our addresses this way...

Is there any way we can fix the "Bad DNS PTR resource record" with Email Verifier?

Thanks & regards!
 

stanbusk

Administrator
Staff member
#6
eMail Verifier does a DNS lookup to get the mail exchanger for each domain on your list. Then it connects to that mail exchanger server to try a delivery. In your case either the DNS is not correct (because you are connected thru the provider that owns that domain) or the server doesn't accept connections from your place because your IP is dynamic:

5xy Bad DNS PTR resource record
Emails from your email server were rejected because the PTR Resource Record (PTR-RR) of your IP address does not follow our guidelines. Possible reasons for this can be:
  • The PTR-RR states that the IP address was dynamically allocated.
  • The PTR-RR is a generic standard entry of your provider. Please allocate an independent and fully qualified domain name (Fully Qualified Domain Name - FQDN) to your email server and enter the corresponding valid PTR-RR.
  • Individual rejection of the PTR-RR for system protection reasons. Please contact the administrator of your system who should then contact us.
smf
 
Top