I manage a server which is hosted with Rackspace. I get a complaint that addresses @hotmail.com aren't receiving email from the server so I go to check it out...in the mail logs we have...
"relay=mx3.hotmail.com[65.55.92.152]:25, delay=0.16, delays=0.08/0.01/0.06/0.01, dsn=5.0.0, status=bounced (host mx3.hotmail.com[65.55.92.152] said: 550 DY-001 Mail rejected by Windows Live Hotmail for policy reasons. We generally do not accept email from dynamic IP's as they are not typically used to deliver unauthenticated SMTP e-mail to an Internet mail server. http://www.spamhaus.org maintains lists of dynamic and residential IP addresses. If you are not an email/network admin please contact your E-mail/Internet Service Provider for help. Email/network admins, please visit http://postmaster.live.com for email delivery information and support (in reply to MAIL FROM command))" I checked spamhaus.org and it says Ref: PBL290440 xxx.xxx.xxx.xxx/27 is listed on the Policy Block List (PBL) Outbound Email Policy of Rackspace US, Inc. for this IP range: It is the policy of rackspace that unauthenticated email sent from this IP address should be sent out only via the designated outbound mail server allocated to rackspace customers. To find the hostname of the correct mail server to use, customers should consult the original signup documentation or contact rackspace Technical Support.
Big schpeel...which basically means the ip range (30 addresses) which the server I support happens to be in are fluffed.
So I go and bug rackspace tech support...now the fun begins. They check things out, turns out that one or more servers in the range (not the one I manage) has been spamming so they got added to the black list, and it will take up to a week to get the address off the list...oh yay.
So I ask for an extra IP outside the block to send mail via...DENIED! Why? Because they can only supply IPs for SSL certs, oh come on I only need it for a week.
They suggest I clone the server to another box and use that new IP..yeah right that means downtime while the new server is built and while DNS propagates which is around 2 days.
So what do I end up doing? Building a new server and have postfix relay through that...which is quite easy in the /etc/postfix/main.cf
file add the following
relayhost = xxx.xxx.xxx.xxx (replacing xxx.xxx.xxx.xxx with the IP of the new server)
Then on the new server set
mynetworks = 127.0.0.0/8, yyy.yyy.yyy.yyy (replacing yyy.yyy.yyy.yyy with the IP of the old server)
Restart both postfix services and you're done.
0 comments:
Post a Comment