IP blacklisted help
-
This is something I know nothing about so go easy on me.
I've recently started getting emails bounced back from my 'work' address. This account is mainly used to communicate with my boss, but I'm worried that it's getting flagged as spam when I use it for other purposes (tax, banking, etc.)
The message I get when I try to send it is
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:
<his address and IP>SMTP error from remote mail server after RCPT TO:<his address>: 554 5.7.1 You are sending spam (check http://www.spamhaus.org/query/bl?ip=50.31.160.50)
Action: failed
Final-Recipient: rfc822;<his address>
Status: 5.0.0
Remote-MTA: dns; <his domain>
Diagnostic-Code: smtp; 554 5.7.1 You are sending spam (check http://www.spamhaus.org/query/bl?ip=50.31.160.50)
This isn't my IP address.
While I imagine there isn't much I can do to fix this myself I'm asking who I should inform - my webhost, domain provider, or ISP? I also have a SmartDNS service but I've turned it off for the last few days and it hasn't changed anything.
-
@coldandtired Looks like the entire webhost is marked as sending spam.
-
@coldandtired do you know whose IP it is? I imagine it is your email's web host, right? I would start with them. They probably have SOP for these requests because I bet it happens all the time. You probably have shared space with either a spammer or a host tenant that's compromised with a virus. That needs to be dealt with before anything else because if you try to unlist yourself and the spammer is still active, you'll just be blacklisted again.
-
@the_quiet_one said in IP blacklisted help:
I imagine it is your email's web host, right?
Looks like a shared hosting company's IP address, just based on the domains returned by robtex.
-
@the_quiet_one It's some cheapy shared hosting that's been fine for three years. I don't demand too much from them :)
-
So it's all to do with the webhost. I'll contact them now.
-
@the_quiet_one said in IP blacklisted help:
They probably have SOP for these requests because I bet it happens all the time.
Uh huh..
https://www.abuseat.org/lookup.cgi?ip=50.31.160.50
This IP address was detected and listed 451 times in the past 28 days, and 7 times in the past 24 hours. The most recent detection was at Fri Jun 8 06:05:00 2018 UTC +/- 5 minutes
And from
Parsing input: 50.31.160.50
[report history]
ISP believes this issue is resolved 50.31.160.50
ISP believes this issue is resolved: 50.31.160.50 - no date available
Routing details for 50.31.160.50
[refresh/show] Cached whois for 50.31.160.50 : abuse@servercentral.com
Using abuse net on abuse@servercentral.com
abuse net servercentral.com = abuse@servercentral.com
Using best contacts abuse@servercentral.comStatistics:
50.31.160.50 not listed in bl.spamcop.net
More Information.
50.31.160.50 listed in cbl.abuseat.org ( 1 )Reporting addresses:
abuse@servercentral.com
-
@coldandtired said in IP blacklisted help:
cheapy shared hosting
Well, there's your problem. I've never had a shared host that didn't eventually have this problem. If you have a legitimate business that does more than just hobby work or "maybe this will expand into a real business someday" stuff, you gotta pony up for a full host that you have a lot more control over.
-
@coldandtired said in IP blacklisted help:
So it's all to do with the webhost. I'll contact them now.
I had that happen with my webhost. When I informed them (GreenGeeks), they jumped right on it and had it fixed in about a day or 2.
-
The mails for your domain have been redirected through an alternate IP address and SPF record updated.
Please allow for a few hours for the changes to take effect and let us know if you continue to experience the same issue.
If that has fixed it they only took around an hour, including waiting for more information for me. Not too shabby.
-
@the_quiet_one or don't send e-mails directly from your server, use a third-party service for that
-
Google Apps and Office 365 are ~$5/month. Just pony up the bucks and be done with this sort of issue. Google and MS are unlikely to ever be blacklisted.
-
@polygeekery From my understanding they don't really provide the things I wanted (a website to install stuff on and some email addresses).
Google Apps offers the email address but Office 365 doesn't seem to add anything useful. Plus together they are more like $30 a month.
-
@coldandtired said in IP blacklisted help:
the things I wanted (a website to install stuff on and some email addresses)
Separate your concerns. Keep your cheap webhost, pay Google $5/month to handle your email. Office 365 is the same. You would be looking for "Office 365 Business Essentials".
-
Make your mind, ?
-
@sockpuppet7 said in IP blacklisted help:
Make your mind, ?
He needs email that won't get blacklisted all the time. That will give it to him.
If he needs desktop applications then we can discuss that here or separately.
-
@polygeekery No, I understood what you're saying. It's just the product description that is confusing as hell.
-
Of course, I guess @coldandtired could go full blakey and yell at me for not telling him how to fix this particular blacklisting issue. Instead I told him how to fix it for good and never have to deal with it again. ;)
-
@polygeekery said in IP blacklisted help:
Google Apps and Office 365 are ~$5/month/user. Just pony up the bucks and be done with this sort of issue. Google and MS are unlikely to ever be blacklisted.
Nickel and diming to death! :P
-
@sockpuppet7 said in IP blacklisted help:
No, I understood what you're saying.
Sorry. Possibly my fault. I am not myself today.
@sockpuppet7 said in IP blacklisted help:
It's just the product description that is confusing as hell.
Well, out of context it is. If you look at the overall services comparison it makes sense:
Business Essentials is only email. Other services provide the desktop apps.
IMHO, Business Essentials should include Outlook, but I am not their marketing guy so what do I know?
-
@polygeekery I believe the problem is a lack of a colon after the red "Office applications included." It can be read as a statement that office applications are in fact included.
-
@greybeard I got it later.
-
@greybeard said in IP blacklisted help:
@polygeekery I believe the problem is a lack of a colon after the red "Office applications included." It can be read as a statement that office applications are in fact included.
I read it as a list of apps that they include with a placeholder for "this list is empty".
-
@ben_lubar I think it's a warning for the TimeBandits of the world that they might get Office on them.
-
@polygeekery My problem seems to be fixed but I've bookmarked those for when I go a bit more professional. Cheers!