Knowledgebase

Portal Home > Knowledgebase > Articles Database > Email server blocked


Email server blocked




Posted by Lakiscy, 01-14-2011, 11:55 AM
Hello, First of all i would like to say that im willing to pay someone to fix this issue for me, its very serious, so anyone with knowledge pm me. We are using a dedicated server with 30 websites, which is used as our mail server as well. Few weeks ago we got hacked on one of our websites and the hacker used a script to send thousands of spam thru our server. After a few hours/days we managed to get whitelisted and solve the issue. But it seems that still many of our emails are getting blocked even if we are still whitelisted everywhere. I checked my ip here http://www.mxtoolbox.com/ and all ok. Yesterday i sent a client newsletter of 4000 emails and only 600 were received. Most of them were bounce return back with fail delivery and not enough info to check the problem. Then i tried to used these email addresses and send them emails individually from my email account that is also using the same mail server, one by one and still the msg was returned failed, so im sure is not newsletter issue. After this i send them the same email using my gmail account and was send successfully, so with this i also know that is not the recipient issue. Now for me its impossible to find every reciepent and change its spamassasin or tell them to get me whitelisted. Note that our problem is not with every recipient and that make it hard to troubleshoot. For example, we have no problem sending emails to hotmail or gmail. But still there is a big amount of recipients that cannot receive our emails and they are returning back fail delivery. The people i pay for manage my server told me that there is nothing they can do on server site and that my mail server is working correctly and i believe them. Is there a solution to this or im doomed? Is the problem that im blocked or is something else? What alternatives i have, do i have to change mail server or ip or anything else? Thank you for your suggestions
Posted by indya, 01-14-2011, 12:28 PM
This needs to be posted in requests rather than here otherwise no one can reply if they can help. (system admin companies). I would suggest tons of things: Checking bounce backs and seeing the delivery report message/errors. Checking SPF and Domain Key Records and ensuring they are active Finding out which spam softwares have blacklisted you (based on bounces) and find out how to express whitelist your ip again. Better option is get a new IP (changed). if you were actually hacked hosts will be a bit forgiving and offer a new IP to your server. There are tons of things and I do not believe a reply "no solution" is possible. There is always a solution for your one time hack issue. Trust me on that. Your support managers need to really dig more (if they want to continue to work with you) and try more since I am sure someone will be able to solve this issue for you really soon.
Posted by servertechs, 01-14-2011, 01:31 PM
You can change the mailservers ip, if you have a dedicated server, then you should have more than one ip configured on the server and this should resolve the issue quickly.
Posted by GORF, 01-14-2011, 02:13 PM
If you get a bounce, there IS going to be info there to start troubleshooting. Email gets rejected for a number of reasons and the exact reason is explained in the bounce. It may be cryptic at times, but it is there. Look for 500, 510, 520, 550, etc. codes. They mean something and you can Google them. If the bounces say something like blocked at Spam-So-And-So.org, then you are not fully whitelisted with everyone. Until you post some sample bounces, there is no way to start to tell why they are coming back.
Posted by Lakiscy, 01-16-2011, 11:05 AM
Hello thanks for replies I have check my mail server sps is ok. I have also change the ip used by Exim to send emails but it didnt work either. I have been told that is not going to affect because my domain name might be blocked as well. I have set my Rdns. I checked my mail server for diagnosis and if its blacklisted here http://www.mxtoolbox.com/ and everything is ok, all green. Sending emails on gmail and hotmail accounts its working fine, only to some specific emails is the issue. What other actions can i take? I write you below a return failed email. I am not able to find the error from these info. Also i noticed when i send an email to this specific address, i get the return email instantly after i push the send button, not even a millisecond delay. Isnt that strange? Thank you ---------------------------- This message was created automatically by mail delivery software. A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed: reciepent_email@domain.eu ------ This is a copy of the message, including all the headers. ------ Return-path: Received: from localhost ([127.0.0.1] helo=www.webarts.com.cy) by server.myserver.com with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.72) (envelope-from ) id 1PeV4X-0002kB-My for reciepent_email@domain.eu; Sun, 16 Jan 2011 17:03:17 +0100 MIME-Version: 1.0 Date: Sun, 16 Jan 2011 17:03:17 +0100 From: To: Subject: test Message-ID: X-Sender: myemail@domain.com User-Agent: RoundCube Webmail/0.3.1 Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=UTF-8 test
Posted by dhost, 01-16-2011, 11:19 AM
Check your server's mail logs for a more detailed description of the problem as well as the error code for non-delivery.
Posted by Lakiscy, 01-16-2011, 11:36 AM
Thats all i get in my mail logs for the specific test. I dont understand the error codes. If you check the time, you will notice that this is happening instantly. Is there a possibility that this is being blocked from my site before going to the recipient? Thanks 2011-01-16 17:03:17 1PeV4X-0002kB-My <= myemail@mydomain.com H=localhost (www.mydomain.com) [127.0.0.1] P=esmtpsa X=TLSv1:AES256-SHA:256 A=login:myemail@mydomain.com S=621 id=e2f08db29afc3e06364985a42daa2464@localhost T="test" from for reciepent@domain.eu 2011-01-16 17:03:17 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1PeV4X-0002kB-My 2011-01-16 17:03:17 1PeV4X-0002kB-My ** reciepent@domain.eu F= R=virtual_aliases: 2011-01-16 17:03:17 cwd=/var/spool/exim 7 args: /usr/sbin/exim -t -oem -oi -f <> -E1PeV4X-0002kB-My 2011-01-16 17:03:17 1PeV4X-0002kE-Np <= <> R=1PeV4X-0002kB-My U=mail P=local S=1463 T="Mail delivery failed: returning message to sender" from <> for myemail@mydomain.com 2011-01-16 17:03:17 1PeV4X-0002kB-My Completed 2011-01-16 17:03:17 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1PeV4X-0002kE-Np 2011-01-16 17:03:17 1PeV4X-0002kE-Np => info F=<> R=virtual_user T=virtual_localdelivery S=1562 2011-01-16 17:03:17 1PeV4X-0002kE-Np Completed


Was this answer helpful?

Add to Favourites Add to Favourites    Print this Article Print this Article

Also Read
how view error log of server? (Views: 580)
Cloudflare sucks ! (Views: 621)
PHP exec command doubt (Views: 663)
How connetc to FTP remotly from shell (Views: 616)
Please recommend us a good reseller hosting provider... (Views: 613)