smtp & blacklist

Discussion:

smtp & blacklist

(too old to reply)

howard

2005-12-17 23:25:02 UTC

Recently changed from static ip to dynamic ip - simple exchange server setup.
all is well except some sites subscribe to a list of dynamic ip ranges
(supplied by ISPs) so the result is my outgoing email is blocked. I'm told
the solution is to send your smtp traffic through your ISP. Seems reasonable
that this is accomplished in Exchange System Manager/Default SMTP Virtual
Server Properties(Delivery tab)/Advanced Delivery where you set the
'Fully-qualified domain name' to your ISP's smtp server. Did that but did
not notice any change in behaviour. Do I need to set something else?

Leif Pedersen [MVP]

2005-12-18 13:42:16 UTC

Permalink

Hiu,

Much better to create a SMTP connector and on the delivery tab use your
ISP's SMTP server as a smarthost.

Leif

Post by howard
Recently changed from static ip to dynamic ip - simple exchange server setup.
all is well except some sites subscribe to a list of dynamic ip ranges
(supplied by ISPs) so the result is my outgoing email is blocked. I'm told
the solution is to send your smtp traffic through your ISP. Seems reasonable
that this is accomplished in Exchange System Manager/Default SMTP Virtual
Server Properties(Delivery tab)/Advanced Delivery where you set the
'Fully-qualified domain name' to your ISP's smtp server. Did that but did
not notice any change in behaviour. Do I need to set something else?

Gaz

2007-11-19 19:17:04 UTC

Permalink

Did what you suggest below, also tried it with "Use DNS to send mail"

Problem manifests itself in that -

Using DNS, I can send to all domains who have not signed up to Microsoft's
Sender ID initiative, but not to Hotmail, gmail, etc etc - they're using
Sender ID to block all mail from dynamic IDs as spam

Using smarthost, I cannot send to ANYONE at all, outside of the LAN - the
queues just sit there for 36 hours then return as unsendable.

The complication is that my web domain (and therefore email domain) is in
the UK, but my ISP is in Thailand.

I have tried every possible configuration combination using the SMTP virtual
server in Protocols, and the SMTP connector - nothing resolves this.

We now have to use a web-based email to inform all customers that we cannot
accept orders from them if they use a Hotmail, Google, AOL, or Yahoo email
address. We've now got a list of over 1000 major consumer email domains with
whom we cannot communicate / trade and the list is growing daily as the
corporate sector adopts Sender ID Blacklisting.

Has ANYONE found a correct configuration that prevents this problem?

Gaz

---------------------

Post by Leif Pedersen [MVP]
Hiu,
Much better to create a SMTP connector and on the delivery tab use your
ISP's SMTP server as a smarthost.
Leif

Leif Pedersen [ MVP]

2007-11-19 21:43:12 UTC

Permalink

Hi,

Most ISP's have a SMTP service for their customers. Using this (configure
your SMTP connector with a smart-host - your ISP's SMTP server, you should
be able to email everyone).

You need to talk to your ISP.

Leif

Post by Gaz
Did what you suggest below, also tried it with "Use DNS to send mail"
Problem manifests itself in that -
Using DNS, I can send to all domains who have not signed up to Microsoft's
Sender ID initiative, but not to Hotmail, gmail, etc etc - they're using
Sender ID to block all mail from dynamic IDs as spam
Using smarthost, I cannot send to ANYONE at all, outside of the LAN - the
queues just sit there for 36 hours then return as unsendable.
The complication is that my web domain (and therefore email domain) is in
the UK, but my ISP is in Thailand.
I have tried every possible configuration combination using the SMTP virtual
server in Protocols, and the SMTP connector - nothing resolves this.
We now have to use a web-based email to inform all customers that we cannot
accept orders from them if they use a Hotmail, Google, AOL, or Yahoo email
address. We've now got a list of over 1000 major consumer email domains with
whom we cannot communicate / trade and the list is growing daily as the
corporate sector adopts Sender ID Blacklisting.
Has ANYONE found a correct configuration that prevents this problem?
Gaz
---------------------

Post by Leif Pedersen [MVP]
Hiu,
Much better to create a SMTP connector and on the delivery tab use your
ISP's SMTP server as a smarthost.
Leif

Gaz

2007-11-20 01:49:02 UTC

Permalink

Hi Leif

Quoting my post above -

"Using DNS, I can send to all domains who have not signed up to Microsoft's
Sender ID initiative, but not to Hotmail, gmail, etc etc - they're using
Sender ID to block all mail from dynamic IDs as spam

Using SMARTHOST, I cannot send to ANYONE at all, outside of the LAN - the
queues just sit there for 36 hours then return as unsendable."

---

If I create an Internet Mail setup in Outlook then the ISP's SMTP works fine
POP3 in Exchange 2000 works fine for receiving mail

..... BUT, I am faced with a position of Exchange Server either sending no
mail to anyone (Smarthost setup - yes it is the correct name/IP attempts)
or
Cannot sent to Hotmail, Google, AOL etc (DNS setup) even with around 20
external DNS servers set up in the config.

The exact error message is -

The following recipient(s) could not be reached:

'***@hotmail.com' on 20/11/2007 01:49
There was a SMTP communication problem with the recipient's
email server. Please contact your system administrator.
<smtp.DomainName.com #5.5.0 smtp;550 DY-001 Mail rejected by
Windows Live Hotmail for policy reasons. We generally do not accept email
from dynamic IP's as they are not typically used to deliver unauthenticated
SMTP e-mail to an Internet mail server. http://www.spamhaus.org maintains
lists of dynamic and residential IP addresses. If you are not an
email/network admin please contact your E-mail/Internet Service Provider for
help. Email/network admins, please visit http://postmaster.live.com for email
delivery information and support>

That postmaster.live.com is terrifying reading - if you're not "in the club"
then you're going to be unable to send email to anyone, eventually. AND in
their wisdom, Microsoft no longer have the neccesary tool for Win2000 to get
into the club - they've discontinued it, and it's XP / Vista only from here
on in.

Gaz

Gaz

2007-11-26 16:44:11 UTC

Permalink

Hi Leif

Had the infrastructure and internet support crew from the ISP here this
morning (and got a free T1 line out of then for 2 months to test connectivity
performance etc) - demonstrated the issue with dynamic IPs by rebooting the
router several times and inputting each IP into SpamHaus.org's PBL checker -
they were stunned that such a technology has been rolled out because it will
affect every one of their customers using an internal mail-server that is not
a major corporate.

To obtain a fixed IP address in Thailand costs about the same per month as
renting the Presidential Suite at the Waldorf Astoria. Therefore only the
likes of Toyota, Shell Petroleum etc do so.

The ISP guys are taking this back to their chiefs but as we head to a
general election next month (to replace the junta) this is unlikely to get
top level action before late next year .... unless Microsoft (Thailand) does
some political lobbying like they did on the other IP (Intellectual Property)
issue a few years back.

In the meantime, I am stuck with a Server on which open relaying is
disabled, only authorised users can send email, yet which cannot send any
email using smart-host settings, and using DNS forwarding cannot send email
to the big webmail domains.

I can find no setting for SMTP AUTH anywhere in any control panel, nor any
pointer to such a setting in the registry anywhere on Microsoft.com

Totally stuck, and I KNOW I'm not alone in this.

Someone help - please

s***@hush.com

2007-11-27 15:52:45 UTC

Permalink

Post by Gaz
Had the infrastructure and internet support crew from the ISP here this
morning (and got a free T1 line out of then for 2 months to test connectivity
performance etc) - demonstrated the issue with dynamic IPs by rebooting the
router several times and inputting each IP into SpamHaus.org's PBL checker -
they were stunned that such a technology has been rolled out because it will
affect every one of their customers using an internal mail-server that is not
a major corporate.

Were they stunned enough to ask "how do normal ISPs do it?" and
realize all they need to do is provide their customers with a
smarthost like all other ISPs in the world do?

It sounds like all customers of this ISP have to run their own mail
servers, all off dynamic IPs, in order to send email... that's mad.

Post by Gaz
To obtain a fixed IP address in Thailand costs about the same per month as
renting the Presidential Suite at the Waldorf Astoria. Therefore only the
likes of Toyota, Shell Petroleum etc do so.
The ISP guys are taking this back to their chiefs but as we head to a
general election next month (to replace the junta) this is unlikely to get
top level action before late next year .... unless Microsoft (Thailand) does
some political lobbying like they did on the other IP (Intellectual Property)
issue a few years back.
In the meantime, I am stuck with a Server on which open relaying is
disabled, only authorised users can send email, yet which cannot send any
email using smart-host settings, and using DNS forwarding cannot send email
to the big webmail domains.
I can find no setting for SMTP AUTH anywhere in any control panel, nor any
pointer to such a setting in the registry anywhere on Microsoft.com
Totally stuck, and I KNOW I'm not alone in this.
Someone help - please

Gaz

2007-11-27 16:22:02 UTC

Permalink

"***@hush.com" if you read the previous posts, you would see that I
stated that the ISP does provide a smart host, however, when I set it up in
the SMTP virtual server no email at all goes out

When i set it up in the SMTP connector - the same thing happens

When I set it up in both at the same time - the same thing happens

When I use Outlook direct Internet email to the smart host (instead of
through the Exchange Server) the email goes out perfectly normally.

Therefore - there is nothing wrong with the ISP's smart host, the problem is
in Exchange in that it will not use the smart host - I say WILL not, and not
CANNOT - this server has a mind of its own and is pig-minded enough that
several SHOULD-work solutions refuse to work.

When Exchange is set to send SMTP via DNS, then all email to non-SenderID
domains are sent immediately and perfectly every time. BUT .... all email to
SenderID using domains are rejected with an error message pointing to
www.SpamHaus.org and http://postmaster.live.com (essentially telling me that
my current dynamic IP has been block listed for previous spam related
offences).

As for ISPs expecting Exchange Server to work with dynamically allocated IP
addresses - it used to, and did so for manyyears, it even includes a function
for connecting via periodic dial-up using a MODEM (remember them? we still
have one hooked up for use with the shared fax service within SBS) and it is
an exceptional dial-up connection that provides for a static IP (I believe
only Demon Internet in the UK allocates them and for SBS 4.0 installations
only).

Ergo, I maintain - I am running perfectly functional software that has been
blocked from being functional by the introduction of this SenderID program.
I need a fix for SMTP and either DNS or smart-host - not smart-hass comments.