Microsoft Blacklist

From Hack Manhattan Wiki
Jump to: navigation, search
  • Temporary solution: send email through a second server at DigitalOcean
  • Some spam is sent directly to list.hackmanhattan.com. Firewall rules have now been set up so it only accepts mail from SpamHero and a few other approved servers.
  • our mailserver appears to be at 162.243.60.59 per Servers
  • DNS MX records for hackmanhattan.com point to Google mail servers (dig -T MX hackmanhattan.com)
  • DNS MX records for list.hackmanhattan.com point to spamhero.net or spamhero.com servers:
list.hackmanhattan.com. 3600 IN MX 30 list-hackmanhattan-com.p30.spamhero.net.
list.hackmanhattan.com. 3600 IN MX 40 list-hackmanhattan-com.p40.spamhero.net.
list.hackmanhattan.com. 3600 IN MX 10 list-hackmanhattan-com.p10.spamhero.com.
list.hackmanhattan.com. 3600 IN MX 20 list-hackmanhattan-com.p20.spamhero.net.

  • No SPF record for hackhanhattan.com, either by using dig -t TXT hackmanhattan.org or http://www.kitterman.com/spf/validate.html
  • 2015-05-03 - SPF record added list.hackmanhattan.com. list.hackmanhattan.com. IN TXT "v=spf1 a include:spf.spamhero.com ?all"
  • 2016-05-06 - SPF record updated. Added cups.hackmanhattan.com and changed to softfail. list.hackmanhattan.com. IN TXT "v=spf1 a a:cups.hackmanhattan.com, include:spf.spamhero.com ~all"

  • PTR record seems proper: ns3.digitalocean.com 198.41.222.173 AUTH 62 ms Received 1 Answers , rcode=NO_ERROR 59.60.243.162.in-addr.arpa. 1800 IN PTR list.hackmanhattan.com
  • Sample error from /var/log on our mailserver:
May 1 19:52:27 hackmanhattan postfix/smtp[2887]: 0EDE582FE6: to=<konsgn@hotmail.com>, relay=mx1.hotmail.com[65.55.33.119]:25, delay=1.2, delays=0.07/0.28/0.74/0.08, dsn=5.0.0, status=bounced (host mx1.hotmail.com[65.55.33.119] said: 550 SC-001 (COL004-MC5F19) Unfortunately, messages from 162.243.60.59 weren't sent. Please contact your Internet service provider since part of their network is on our block list. You can also refer your provider to http://mail.live.com/mail/troubleshooting.aspx#errors. (in reply to MAIL FROM command))
550 SC-001 Mail rejected by Outlook.com for policy reasons. Reasons for rejection may be related to content with spam-like characteristics or IP/domain reputation. If you are not an email/network admin please contact your Email/Internet Service Provider for help.
  • server has no trouble reaching Microsoft's MX servers: telnet mx1.hotmail.com 25 from our server returns a MS mail server greeting
  • Created an account on Microsoft's Smart Network Data Service, gives the following result for our server's IP:
First IP Last IP Blocked Details
162.243.60.59 162.243.60.59 Yes Blocked due to user complaints or other evidence of spamming
  • No other evidence of a problem from SNDS. No spam emails reported for the last month. Don't understand!