IP address on block lists -- Need advice ASAP please.

J

jim.thornton

Verified User
Joined
Jan 1, 2008
Messages
334
I got my VPS a while ago and have been taking my time setting everything up the way I want it. I have the email server passing all tests but BATV on the AllAboutSpam website/email tool. I have not sent many messages at all from my server.

Last week I started activating users and domains on the server when I noticed that some of the emails were being rejected by Gmail. It didn't make any sense because I have checked to make sure everything working correctly. I read the bounce and noticed it was rejected for suspected spam. I then went to mxToolbox to run their diagnostics and sure enough the IP address is on 3 block lists.

I sent in a request to be delisted on one. Then I went to SORBS and searched and it shows 11 counts of spam all received in early May. I wasn't even using the server live at this time. So, I'm thinking from when I got the server setup to now, someone maybe spoofed my IP address and sent out a bunch of spam messages. Is this possible? It's not setup as an open relay.

So... I explained the situation to my ISP and they have assigned a new IP address to my account. Am I better to just re-configure everything and change email addresses, or request and wait to be removed. In the mean time Google is rejecting everything.

Please advise ASAP
 
Is there an automated way of changing the SPF records in all of the emails?

Maybe just search and replace the old ip to the new ip address in the DNS zone file? Or is that already done with teh ipswap.sh script?
 
Use the following to change the SPF records for all of your domains:
Code: 
perl -pi -e 's/a mx ip4:[B]OLDIP[/B]/a mx ip4:[B]NEWIP[/B]/' /var/named/*.db
echo "action=rewrite&value=named" >> /usr/local/directadmin/data/task.queue
/usr/local/directadmin/dataskq d

More info about lsof: http://en.wikipedia.org/wiki/Lsof
 
You must log in or register to reply here.
Back
Top