Blacklisted IP - what to do?

Hi,

My newly set up mailinabox is working fine, but I’ve identified a major issue. I’m hosting the server on Linode, and many mail hosting services (including some major ones like Outlook and Exchange 365) seem to be blacklisting Linode IPs. Most of my sent emails bounce back, with the notable exception of Gmail which seems to accept them. My SPF, DKIM, DMARC, and SRV records are all set up correctly and verified using MXToolbox.com, which reports that I’m on only 1 blacklist: UCEPROTECTL3. I understand this is a shady and disreputable list that practices extortion (essentially, pay to have your IP removed), but email hosting providers seem to have their own private blacklists as well which is what’s causing my issue. I’ve tried the removal procedures mentioned in the bounce-back emails; I didn’t receive a reply except from Microsoft, which basically said “no”.

After doing some research, I understand it’s fairly common practice for IPs belonging to VPS hosting services like Linode, AWS, Digital Ocean, etc. to be blacklisted. So what does everyone here do to get a clean IP? Without one, I simply can’t keep using mailinabox. In the meantime, I’ve transferred my domain to Exchange 365 because I can’t afford to be without reliable sent email. It’s a shame, because mailinabox itself is great.

Thanks

2 Likes

What sites did you use to discover the blacklists you are on?

I have found this site tells me of blacklists I have been on that other sites do not:

Also, what are the log messages left when you send mail? Microsoft and Yahoo! usually do a reasonable job at leaving log messages for admins.

As a side note, I’ve been using Vultr without issue for several years, and other mail admins using Vultr usually report the same thing.

The developer of OpenSMTPD, the OpenBSD SMTP project, also uses Vultr and prior to COVID had hinted he would be launching his own mail services primarily utilizing Vultr. However, for whatever reason, nobody in the MiaB forums, except for me, ever reports on Vultr, while many people in the MiaB forums report problems with their ISPs.

Thanks. I used MXToolbox.com to check my blocklist status. I also tried the one you recommended, and it confirms the results from MXToolbox: I’m on dnsbl-3.uceprotect.net and no others. Just for fun, I also tested my residential ISP IP address and it’s clean. Go figure…

The error message I received from Microsoft is the following (IPs and names redacted):
outlook-com.olc.protection.outlook.com[104.47.57.161] said: 550 5.7.1
Unfortunately, messages from [] weren’t sent. Please contact
your Internet service provider since part of their network is on our block
list (S3140). You can also refer your provider to
http://mail.live.com/mail/troubleshooting.aspx#errors.
[DM6NAM11FT051.eop-nam11.prod.protection.outlook.com] (in reply to MAIL
FROM command)

Reporting-MTA: dns; 
X-Postfix-Queue-ID: 8F6F79F1C9
X-Postfix-Sender: rfc822; [](mailto:)
Arrival-Date: Sat, 6 Feb 2021 11:35:13 -0500 (EST)

Final-Recipient: rfc822; [](mailto:)
Original-Recipient: rfc822;[](mailto:)
Action: failed
Status: 5.7.1

I followed the procedure described in the link, but Microsoft responded that my IP is not eligible for removal.

Here’s another error message from a different mail hosting provider:
<>: host mx1-us1.ppe-hosted.com[67.231.154.162] said: 550 5.7.1
Service unavailable; client [] blocked using Proofpoint
Dynamic Reputation (Visit https://ipcheck.proofpoint.com/ if you feel this
is in error.). Please provide the following IP address when reporting
problems: [] (in reply to RCPT TO command)

I estimate that at least 50% of my sent emails bounce back with similar messages. The problem seems to be that mail providers are using custom private blocklists, so just because the IP isn’t listed on public blocklists it doesn’t mean it’s OK.

The best I can offer you is to use a different VPS provider which is not on M$'s internal black lists …

or use a paid smtp relay such as the one I have created:

I don’t recommend the ‘free’ smtp relays as they too are blacklisted for the same reasons your VPS provider is. @cinergi

1 Like

You can get your IP removed from Microsoft (Outlook, Hotmail etc) by joining their SMDS system as well as their Junk Mail Reporting Program. Search for both and sign up for both. Once you’ve checked an inbound DMARC email that your settings are working (don’t rely on MXToolbox for confirmation, only a DMARC email will prove it) you’ll know where you stand. Send an email to your GMail account to receive a Google DMARC which is the one you should examine.
Once you’ve done the above, email Microsoft through their “Support Request” page which will ask you for your IP and email headers. Work with them (can take days and several emails) but you should eventually get your IP removed from their blacklist.

Ignore the dnsbl-3.uceprotect.net blacklist. It changes every 4 hours, and blocks entire blocks of IPs. Luckily it’s hardly used by ISPs. You can get yourself removed from uceprotect 1 and 2, but 3 has to be done by the maintainer of the IP block.

Hope this helps… Best of luck!

Thanks to all who replied. As a 1st step, I will try using Vultr as @openletter suggested. Hopefully this will work. If not, I’ll try AnyMXRelay. The option of working with Microsoft to resolve the issue might work for Microsoft email services (Outlook, Office 365) but not other providers. I don’t really want to deal with random email hosting providers whenever I send an email.

Thanks

Regarding Vultr, they do seem to have some newer policy of requiring a support ticket to unlock mail ports. I never experienced this and I can spool up a server any time and use it for mail, so either I’m somehow grandfathered or maybe it’s a limitation on new accounts (I actually had Vultr account that I used for a couple of years for web servers before installing MiaB there).

I’m glad Vultr has this policy. FWIW, Linode has it too but my IP is still blacklisted due to the actions of others (spammers) that apparently managed to get around the policy. I’ve read that Vultr has an even more restrictive policy of requiring photo ID to unblock the SMTP port; I welcome this too. Anything that keeps spammers from ruining the service for the rest of us.

Can you please confirm whether you’re able to send email to Outlook, Office 365 and related Microsoft-owned services from your Vultr VPS?

Thanks

When I first set it up years ago I emailed all of the major providers with some minor issues but got everything working no problem.

They charge by the hour, so if it doesn’t work out you’re out a few cents or whatever.

I was initially on a blacklist that tracks IP addresses that have never been used for email, lol.

I recommend following the MiaB Setup recommendation to not use IPv6 address.

Oh, another one I had a good experience for a long time is Rackspace, but they are very expensive by today’s standards.

I went through that headache. You have to wait a lil over a month for it to clear. After this then it will work.

I went through that headache. You have to wait a lil over a month for it to clear. After this then it will work.

Thanks. Do you mean wait a month because the IP address is new, or wait a month after contacting the email hosting providers (Microsoft, etc.) to remove the block?

So you think the block could just be because the address is new?

as per many other threads in this forum, this is common and nothing got to do with your blacklisting, you just got to follow the procedure to get them to unblock them.

Microsoft/Hotmail/Outlook will say you are not eligible to unblock.

You got to email them again, saying you own the IP from linode, then you forward them the receipt of your linode, showing the start date of your box (IP) ownership, and write a little story about how you have enforced SPF checks, DMARC records etc etc, they will get your IP unblocked.

I too use Lindode for email and went through this issue. After submitting a support ticket to Linode, they gave me the MS email contact information to “unban” my Linode IP address. In all, it took just a couple of days to have MS unban my IP address. It’s been working fine ever since and that’s been about a year now. Mind you, my MAIB is just for personal use, not for commercial accounts.

Good luck!

I run MiaB on Linode and have not had unsurmountable blacklist problems. I did need to get MS to unblock me, but that was fairly painless in my case. I believe Linode will allow you to change the IP address of your VM, so maybe you can get on a different IP block that hasn’t been permanently blacklisted by MS.

1 Like

Recent article from Sucuri, they deals with website protection, malware etc.

Update: I spun up a new VPS on Vultr as @openletter suggested and moved my mailinabox over to it, and the IP is clean. It’s not on any blacklists including the infamous UCEPROTECT. My emails to Outlook recipients go into Spam, but at least they’re not rejected completely like with my Linode IP. I understand it’s simply because the IP is new and hasn’t previously been used for sending email. I’m currently following the MS process to clear my address. I haven’t experienced issues with other mail providers. Thanks for the suggestion!

-cinergi

1 Like

Thanks, @cinergi for bringing this up!

I’m running my own mail server for about 8 years now, a few years back I moved from another OS e-mail to MIAB hosted @ Linode for a few years now.

Never had direct rejections from MS domains and my mail server sends a couple of dozens of personal emails per month. I am in on MS SMDS and their Junk Mail Reporting Program since the beginning with MIAB@LInode. This did not help much up-to this day - always my e-mails sent to Outlook/Hotmail recipients arrive in the spam/junk folder, which is very annoying! Never had an issue with e-mails sent to Gmail over the years to be classified as spam/junk not once or any other provider!

Definitely start thinking of boycotting MS domains and sending them by default into the SPAM - E4E fashion! It sounds like MS statement is you do not pay us to host your e-mails, and you’re not big enough for us to care, so we’ll fit your mails in the SPAM by default?

Just for the record recently I deployed another MIAB for a friend as he is starting his own business and this time I did host his mail @ Digital Ocean for 4 months now. The other day he called me said I couldn’t send e-mails to MS Outlook/Hotmail recipients they all get rejected. Checking further it was clear that his IPv4 address was only on a UCEPROTECTL3 list now is the MS subscribed to it well?
Looking at the details these scammers @UCEPROTECTL3 does not have a way to request unblock unless you pay the hefty price tag for it? They were very generously blocking IPv4/18 blocks, altho UCEPROTECTL3 said that his IPv4 was not directly related to the spam score on Digital Ocean they were still blocking 16,382 addresses from DO, and my friend’s MIAB was one of them! Not only that I did move friend’s VM snapshot to another region on DO and guess what it was in that same list UCEPROTECTL3 another /20 blocks blacklisted. Was curious then checked another DO server IPv4 in the third region and guess what?

Contacted DO support and they said we are not a mail platform provider and can’t/won’t do anything about UCEPROTECTL3, and steered me to go to MS/Gmail or pay to SMTP relay services and discouraged me from running my own mail server, well just because it’s difficult and complicated this does not mean we should not try it!

The interesting part was that yesterday my IPv4 from Linode got under the same general /00 L3 block all on that same list - as someone mentions the list is dynamic and tomorrow Vultr ranges could end up on this same scammers lists.

I’m sorry for ranting about it, but your post hit a “sweet” spot, so I could not hold myself not to pitch in.

So what’s the solution? Why should an independent/privacy orientated mail providers like us have to pay third parties to get their personal mail delivered reliably?

Cheers,

1 Like