Recently, Comcast/Xfinity stopped accepting mail from my MIAB instance. I am clean on Spamhaus so they must maintain their own blocklist or else they use another service. There are no instructions on how to remediate this. Has anyone else run into anything similar? Any ideas on how I can get this fixed?
Reporting-MTA: dns; box.example.com
X-Postfix-Queue-ID: B643C400CC
X-Postfix-Sender: rfc822; user@example.com
Arrival-Date: Thu, 3 Oct 2024 11:06:32 -0400 (EDT)
Final-Recipient: rfc822; user@comcast.net
Original-Recipient: rfc822;user@comcast.net
Action: delayed
Status: 4.0.0
Remote-MTA: dns; mx1a1.comcast.net
Diagnostic-Code: smtp; 554 resimta-a2p-652305.sys.comcast.net
resimta-a2p-652305.sys.comcast.net ESMTP server not available
Will-Retry-Until: Sat, 5 Oct 2024 11:06:32 -0400 (EDT)
Oct 3 18:11:58 box postfix/smtp[950079]: 747E741AD1: to=<user@comcast.net>, relay=mx2h1.comcast.net[96.102.157.180]:25, delay=71793, delays=71788/0/5.2/0, dsn=4.0.0, status=deferred (host mx2h1.comcast.net[96.102.157.180] refused to talk to me: 554 resimta-h2p-561807.sys.comcast.net resimta-h2p-561807.sys.comcast.net 123.234.111.222 found on one or more DNSBLs, see https://postmaster.comcast.net/smtp-error-codes.php#BL000010)
And yes, reverse DNS is correctly configured:
Reverse DNS is set correctly at ISP. [111.222.123.234 / 1111:2222::3333:4444:5555:6666 ↦ box.example.com]
Check yourself here MultiRBL.valli.org - Blacklist, Whitelist and FCrDNS check tool and try to delist yourself from as many as possible. They might be running their own blacklist ruther than Spamhaus. and try to delist yourself from as many as possible. They might be running their own blacklist rather than Spamhaus.
It’s so frustrating that IP addresses that have been clean for so many years get periodically listing on various block lists. It’s such a pain to self host email these days that I wonder how much longer I can do this.
I do agree. There have been a number of users on this forum who have moved to other commercial servers for these reasons. @JoshData
I wander if the greeting ESMTP Hi, I'm a Mail-in-a-Box (Ubuntu/Postfix; see https://mailinabox.email/) can get you on the non-public lists such as this one? Is there any other telltale sign which can identify a self hosted MIAB to these overzealous blacklist maintainers?
As far as I know this could be edited in main.cf and thus may trick them into thinking that the server is not self-hosted.
Is there a way to check the current number of active MIAB servers?
I think the problem is that list maintainers frequently add entire blocks of IP address that have been the source of suspicious emails, regardless of individual IP address reputations. And then of course there are the conglomerates like Google and Microsoft for whom it is in their interest to make self hosting difficult to force people onto their platforms.
I just edited the main.cf message and immediately got a bounce from gmail. They might also filter according to the greeting message provided that there are spammers using MIAB.
ristotodov@gmail.com: host gmail-smtp-in.l.google.com[173.194.76.27] said:
550-5.7.1 [141.22.32.217 12] Gmail has detected that this message is
likely 550-5.7.1 unsolicited mail. To reduce the amount of spam sent to
Gmail, this 550-5.7.1 message has been blocked. For more information, go to
550 5.7.1 Why has Gmail blocked my messages? - Gmail Help
ffacd0b85a97d-37d1695e25dsi2266351f8f.289 - gsmtp (in reply to end of DATA
command)
I am also being blocked by comcast it just keeps saying my emails are being throttled. To be fair google is also blocking me. Yahoo/ATT used to block me but I think I manually got off their blocklist.