From owner-freebsd-questions@freebsd.org Wed Jun 12 22:10:10 2019 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id CD55915C322D for ; Wed, 12 Jun 2019 22:10:10 +0000 (UTC) (envelope-from doug@fledge.watson.org) Received: from cyrus.watson.org (cyrus.watson.org [204.107.128.30]) by mx1.freebsd.org (Postfix) with ESMTP id AB0378F2F3 for ; Wed, 12 Jun 2019 22:10:09 +0000 (UTC) (envelope-from doug@fledge.watson.org) Received: from fledge.watson.org (fledge.watson.org [198.74.231.63]) by cyrus.watson.org (Postfix) with ESMTPS id 58E2B192899 for ; Wed, 12 Jun 2019 22:10:03 +0000 (UTC) Received: from fledge.watson.org (doug@localhost.watson.org [127.0.0.1]) by fledge.watson.org (8.15.2/8.15.2) with ESMTP id x5CMA22l053764 for ; Wed, 12 Jun 2019 18:10:02 -0400 (EDT) (envelope-from doug@fledge.watson.org) Received: from localhost (doug@localhost) by fledge.watson.org (8.15.2/8.15.2/Submit) with ESMTP id x5CMA2i3053761 for ; Wed, 12 Jun 2019 18:10:02 -0400 (EDT) (envelope-from doug@fledge.watson.org) Date: Wed, 12 Jun 2019 18:10:02 -0400 (EDT) From: doug Reply-To: doug@safeport.com To: freebsd-questions@freebsd.org Subject: Re: email whitelist suggestions In-Reply-To: Message-ID: References: <20190612152808.GA88512@skytracker.ca> User-Agent: Alpine 2.20 (BSF 67 2015-01-07) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed X-Rspamd-Queue-Id: AB0378F2F3 X-Spamd-Bar: ++++++ Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [6.49 / 15.00]; ARC_NA(0.00)[]; HAS_REPLYTO(0.00)[doug@safeport.com]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; IP_SCORE(2.52)[ip: (6.70), ipnet: 204.107.128.0/24(3.35), asn: 11288(2.60), country: US(-0.06)]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; TO_DN_NONE(0.00)[]; AUTH_NA(1.00)[]; RCPT_COUNT_ONE(0.00)[1]; RCVD_COUNT_THREE(0.00)[4]; DMARC_NA(0.00)[watson.org]; NEURAL_SPAM_SHORT(0.99)[0.991,0]; MX_GOOD(-0.01)[fledge2.watson.org,cyrus.watson.org]; NEURAL_SPAM_LONG(1.00)[1.000,0]; RCVD_IN_DNSWL_NONE(0.00)[30.128.107.204.list.dnswl.org : 127.0.10.0]; NEURAL_SPAM_MEDIUM(0.99)[0.990,0]; R_SPF_NA(0.00)[]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:11288, ipnet:204.107.128.0/24, country:US]; MID_RHS_MATCH_FROM(0.00)[]; REPLYTO_DOM_NEQ_FROM_DOM(0.00)[] X-Spam: Yes X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Jun 2019 22:10:11 -0000 On Wed, 12 Jun 2019, Matthew Seaman wrote: > On 12/06/2019 16:28, David Banning wrote: >> I changed the IP address for my server recently having changed my ISP, and >> now mail from my server is getting continuously filtered into peoples spam >> folders. >> I check my ip address on mxtoolbox.com fairly regularly - my IP never >> appears on a blacklist. >> >> So now I'm thinking whitelist - but I don't have the money to lay out for >> this type of thing - at least not a large amount. >> >> Anyone have a suggestion as to how to resolve my problem? >> > > I assume you have > > - ensured your mailserver address is both forward and reverse > resolvable in the DNS. Without a valid PTR record you aren't > going to have much fun trying to do SMTP > > - Have updated SPF and DMARC records in the DNS to account for the > new IP number > > - Have waited long enough for all the DNS TTLs to expire and the > changed data to populate caches. > > Whitelisting is unlikely to help you very much. You'll find that all the > usual methods to improve deliverability will give you the best results. > > It's also pretty important that your mail server name doesn't look like its a > typical dynamically assigned residential address. Those are marked down by > receiving systems on the basis that most e-mail originating from such > locations is the result of virus infected hardware. > > In principle you might run afoul of not having established a good reputation > for your new IP. In practice, if you're running a low volume system just for > personal e-mail, reputation scoring is pretty unlikely have any effect on > you. It's worth checking though. It is always possible that the previous > user of your new IP number sent oodles of spam from it and has tarnished its > reputation for a long time to come. All the above answers are good advice. I've run moderately busy mail servers since 1995. Lots of changes. That said your minimum requirements IMO: static IP and SPF records. Without the static IP you can not control listing or not by the spam sites. If your IP is assigned by one of the larger ISPs it might take you a while to get it defined as 'clean'. For some of my user's google will tag an email as 'not trusted' without the SPF record. As time goes on more and more will probably do this. Your primary mail server should be a jailed service or a stand-alone system. There are [lots of??] wordpress exploits that send email without any logging. If this happens it will be big deal if you are not the one that finds the breach. Lastly the recipient can always accidently mark your email as spam. Some times you can differentiate that a server level or a user block is the problem but not always. Lastly you can run afoul of the ISPs AI. AOL has deemed me to be spam when my total emails into AOL were less than 500 on that day. G'luck Doug Denault