Microsoft Blacklist

From Hack Manhattan Wiki
Jump to: navigation, search
  • Temporary solution: send email through a second server at DigitalOcean
  • Some spam is sent directly to Firewall rules have now been set up so it only accepts mail from SpamHero and a few other approved servers.
  • our mailserver appears to be at per Servers
  • DNS MX records for point to Google mail servers (dig -T MX
  • DNS MX records for point to or servers: 3600 IN MX 30 3600 IN MX 40 3600 IN MX 10 3600 IN MX 20

  • No SPF record for, either by using dig -t TXT or
  • 2015-05-03 - SPF record added IN TXT "v=spf1 a ?all"
  • 2016-05-06 - SPF record updated. Added and changed to softfail. IN TXT "v=spf1 a, ~all"

  • PTR record seems proper: AUTH 62 ms Received 1 Answers , rcode=NO_ERROR 1800 IN PTR
  • Sample error from /var/log on our mailserver:
May 1 19:52:27 hackmanhattan postfix/smtp[2887]: 0EDE582FE6: to=<>,[]:25, delay=1.2, delays=0.07/0.28/0.74/0.08, dsn=5.0.0, status=bounced (host[] said: 550 SC-001 (COL004-MC5F19) Unfortunately, messages from weren't sent. Please contact your Internet service provider since part of their network is on our block list. You can also refer your provider to (in reply to MAIL FROM command))
550 SC-001 Mail rejected by for policy reasons. Reasons for rejection may be related to content with spam-like characteristics or IP/domain reputation. If you are not an email/network admin please contact your Email/Internet Service Provider for help.
  • server has no trouble reaching Microsoft's MX servers: telnet 25 from our server returns a MS mail server greeting
  • Created an account on Microsoft's Smart Network Data Service, gives the following result for our server's IP:
First IP Last IP Blocked Details Yes Blocked due to user complaints or other evidence of spamming
  • No other evidence of a problem from SNDS. No spam emails reported for the last month. Don't understand!