From Hack Manhattan Wiki
- Temporary solution: send email through a second server at DigitalOcean
- Some spam is sent directly to list.hackmanhattan.com. Firewall rules have now been set up so it only accepts mail from SpamHero and a few other approved servers.
- our mailserver appears to be at 220.127.116.11 per Servers
- DNS MX records for hackmanhattan.com point to Google mail servers (
dig -T MX hackmanhattan.com)
- DNS MX records for list.hackmanhattan.com point to spamhero.net or spamhero.com servers:
list.hackmanhattan.com. 3600 IN MX 30 list-hackmanhattan-com.p30.spamhero.net.
list.hackmanhattan.com. 3600 IN MX 40 list-hackmanhattan-com.p40.spamhero.net.
list.hackmanhattan.com. 3600 IN MX 10 list-hackmanhattan-com.p10.spamhero.com.
list.hackmanhattan.com. 3600 IN MX 20 list-hackmanhattan-com.p20.spamhero.net.
- No SPF record for hackhanhattan.com, either by using dig -t TXT hackmanhattan.org or http://www.kitterman.com/spf/validate.html
- 2015-05-03 - SPF record added list.hackmanhattan.com. list.hackmanhattan.com. IN TXT "v=spf1 a include:spf.spamhero.com ?all"
- 2016-05-06 - SPF record updated. Added cups.hackmanhattan.com and changed to softfail. list.hackmanhattan.com. IN TXT "v=spf1 a a:cups.hackmanhattan.com, include:spf.spamhero.com ~all"
- PTR record seems proper: ns3.digitalocean.com 18.104.22.168 AUTH 62 ms Received 1 Answers , rcode=NO_ERROR 22.214.171.124.in-addr.arpa. 1800 IN PTR list.hackmanhattan.com
- http://www.adminkit.net/dnsbl.aspx reports our mailserver is not on any blocklists
- Sample error from /var/log on our mailserver:
May 1 19:52:27 hackmanhattan postfix/smtp: 0EDE582FE6: to=<firstname.lastname@example.org>, relay=mx1.hotmail.com[126.96.36.199]:25, delay=1.2, delays=0.07/0.28/0.74/0.08, dsn=5.0.0, status=bounced (host mx1.hotmail.com[188.8.131.52] said: 550 SC-001 (COL004-MC5F19) Unfortunately, messages from 184.108.40.206 weren't sent. Please contact your Internet service provider since part of their network is on our block list. You can also refer your provider to http://mail.live.com/mail/troubleshooting.aspx#errors. (in reply to MAIL FROM command))
550 SC-001 Mail rejected by Outlook.com for policy reasons. Reasons for rejection may be related to content with spam-like characteristics or IP/domain reputation. If you are not an email/network admin please contact your Email/Internet Service Provider for help.
- server has no trouble reaching Microsoft's MX servers:
telnet mx1.hotmail.com 25from our server returns a MS mail server greeting
- Microsoft's troubleshooting page http://mail.live.com/mail/troubleshooting.aspx
- Created an account on Microsoft's Smart Network Data Service, gives the following result for our server's IP:
- First IP Last IP Blocked Details
- 220.127.116.11 18.104.22.168 Yes Blocked due to user complaints or other evidence of spamming
- No other evidence of a problem from SNDS. No spam emails reported for the last month. Don't understand!