Outlook.com / Hotmail.com Blocking Email

Matt

Owner
If you get a bounce notification from hotmail / outlook.com, you can request your domain and the server IP be allowed on their whitelist

https://support.live.com/eform.aspx?productKey=edfsmsbl3&ct=eformts&scrx=1

Complete the form, with all the required details (you will see the information needed in the bounce message you receive back).

They blacklist whole ranges for no specific reason, so there is little I can do until you request your domain matched to the IP in their whitelist.
 

Adam H

Customer
Yeah they shoot first ask questions later, Any new IP range is blocked even after one email that hasnt yet got a reputation. Best thing to do is sign up to : Smart Network Data Services

Add all the IPs to be monitored and generally if you do that first its rare they get blocked. You also get notifications if a particular IP is not playing ball, it tells you whether the IP is 100% blocked and you can see how many mails are sent ( if its over 100 ) in a day. I had issues with mircrsoft services and AOL but Aol was a routing problem "apparently" according to them.
 

Matt

Owner
As a side to this, if you want to ensure reliable sending via your forum / wordpress sites, please look into use a 3rd party such as Mandrill or Amazon SES. They handle all the sending, and you don't need to worry about delivery of mail.

I personally use Amazon SES for sending all my outgoing mail from my sites, and it literally costs a couple of pence a month to use them.
 

19ninety

Hosting Customer
Everything is bouncing for me, all Hotmail (Live, Mail, etc) BigPond, Yahoo, BT & TalkTalk.
Do I need to send a seperate request for each of the domain, Hotmail, Live, etc?
Any info on getting setup with Amazon?
 

Matt

Owner
It looks like the IP has been added to 3 black lists. I'm going through now, and I'm trying to figure which site(s) have caused it.
 

Matt

Owner
upload_2016-2-1_16-57-46.png

I've requested it be removed from the 2 blacklists. I can't get any other information from them though, other than it was blocked.

I would still recommend using Amazon SES for sending outbound mail.

AWS | Amazon Simple Email Service (SES) - Cloud Based Email Services

It's literally a case of adding a domain, validating your DNS records, and validating any email address you are going to be sending from. You then get SMTP details from them, and set those up in XenForo.
 

Matt

Owner
I can see hotmail accepting mails again now

Code:
2016-02-01 16:56:11 cwd=/XXX 3 args: /usr/sbin/sendmail -t -i
2016-02-01 16:56:11 1aQHlr-0004n1-0v <= XXX@cpanel.mattwservices.uk U=caf P=local S=10634 id=112d7f337c0cfba7b56d6c4cfd11baedc87b3554@XXX.com T="XXXXXXXX@hotmail.com
2016-02-01 16:56:11 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1aQHlr-0004n1-0v
2016-02-01 16:56:11 1aQHlr-0004n1-0v SMTP connection outbound 1454345771 1aQHlr-0004n1-0v XXX.com XXX@hotmail.com
2016-02-01 16:56:13 1aQHlr-0004n1-0v => XXX@hotmail.com R=lookuphost T=remote_smtp H=mx1.hotmail.com [65.55.37.88] X=TLSv1.2:ECDHE-RSA-AES256-SHA384:256 CV=yes C="250  <112d7f337c0cfba7b56d6c4cfd11baedc87b3554@cafesaxophone.com> Queued mail for delivery"
2016-02-01 16:56:13 1aQHlr-0004n1-0v Completed
 

Matt

Owner
Also, for anyone on a dedicated IP address, I would recommend setting up SMTP back to an email account on the server, rather than sending via PHP's built in function. This will allow mails to be sent via your own dedicated IP address via EXIM, rather than the shared IP address of the server.
 

Matt

Owner
I've been doing some testing, and it appears to be working correctly again. Hope Pete doesn't mind me using his domain as an example:

Code:
2016-02-04 08:37:09 SMTP connection from (cpanel.mattwservices.uk) [127.0.0.1]:58910 closed by QUIT
2016-02-04 08:37:09 1aRFPZ-0007W0-G1 [54.93.50.35] SSL verify error: depth=0 error=unable to get local issuer certificate cert=/C=XY/ST=unknown/L=unknown/O=QSMTPD/OU=Server/CN=ip-172-31-7-227.eu-central-1.compute.internal/emailAddress=postmaster@ip-172-31-7-227.eu-central-1.compute.internal
2016-02-04 08:37:09 1aRFPZ-0007W0-G1 [54.93.50.35] SSL verify error: depth=0 error=certificate not trusted cert=/C=XY/ST=unknown/L=unknown/O=QSMTPD/OU=Server/CN=ip-172-31-7-227.eu-central-1.compute.internal/emailAddress=postmaster@ip-172-31-7-227.eu-central-1.compute.internal
2016-02-04 08:37:09 1aRFPZ-0007W0-G1 [54.93.50.35] SSL verify error: depth=0 error=unable to verify the first certificate cert=/C=XY/ST=unknown/L=unknown/O=QSMTPD/OU=Server/CN=ip-172-31-7-227.eu-central-1.compute.internal/emailAddress=postmaster@ip-172-31-7-227.eu-central-1.compute.internal
2016-02-04 08:37:10 1aRFPZ-0007W0-G1 ** helocheck@cbl.abuseat.org R=dkim_lookuphost T=dkim_remote_smtp H=mail.abuseat.org [54.93.50.35] X=TLSv1:AES256-SHA:256 CV=no: SMTP error from remote mail server after RCPT TO:<helocheck@cbl.abuseat.org>: 550 *** The HELO for IP address 151.80.77.180 was 'cafesaxophone.com' (valid syntax) ***
2016-02-04 08:37:10 cwd=/var/spool/exim 7 args: /usr/sbin/exim -t -oem -oi -f <> -E1aRFPZ-0007W0-G1
2016-02-04 08:37:10 1aRFPa-0007WG-2O <= <> R=1aRFPZ-0007W0-G1 U=mailnull P=local S=2258 T="Mail delivery failed: returning message to sender" for noreply@cafesaxophone.com
2016-02-04 08:37:10 1aRFPZ-0007W0-G1 Completed
2016-02-04 08:37:10 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1aRFPa-0007WG-2O
2016-02-04 08:37:10 1aRFPa-0007WG-2O ** noreply@cafesaxophone.com R=virtual_user_filter: This is a no reply address, please click on the link in the email or use the contact form on the forum site. Thanks
2016-02-04 08:37:10 1aRFPa-0007WG-2O Frozen (delivery error message)
2016-02-04 08:37:14 SMTP connection from [106.206.137.36]:6278 lost
Specifically:
Code:
2016-02-04 08:37:10 1aRFPZ-0007W0-G1 ** helocheck@cbl.abuseat.org R=dkim_lookuphost T=dkim_remote_smtp H=mail.abuseat.org [54.93.50.35] X=TLSv1:AES256-SHA:256 CV=no: SMTP error from remote mail server after RCPT TO:<helocheck@cbl.abuseat.org>: 550 *** The HELO for IP address 151.80.77.180 was 'cafesaxophone.com' (valid syntax) ***
 

Matt

Owner
and they have blocked it again. This is getting beyond a joke now. It's a single provider doing the block, but Hotmail subscribe to it.

The CBL
 

Matt

Owner
I've just sent CBL a mail directly to try and find out why they are blocking the main IP address of the server.
 

Matt

Owner
I've had a reply. It looks like setting the server back to only sending from its own ip address is the easiest fix for this.
 

Matt

Owner
Address has been unblocked again, and I've set the server back to send all mail from the main IP address of the machine.

HELO check is passing with the correct FQDN

Code:
016-02-06 11:18:42 1aS0sz-0007fz-MK ** helocheck@cbl.abuseat.org R=dkim_lookuphost T=dkim_remote_smtp H=mail.abuseat.org [54.93.50.35] X=TLSv1:AES256-SHA:256 CV=no: SMTP error from remote mail server after RCPT TO:<helocheck@cbl.abuseat.org>: 550 *** The HELO for IP address 5.196.93.133 was 'cpanel.mattwservices.uk' (valid syntax) ***
 

Pete

Hosting Customer
Odd, I had a blocked email yesterday, the one I forwarded you (Mail delivery failed: returning message to sender) as it had no option for me to get unblocked, only said contact your ISP.

(A previous one gave me the link to get unblocked)

Anyway I resent today and it went through fine. So whatever you did worked.
 

Matt

Owner
Yeah, it should "hopefully" be all fixed now. cPanel have released a fix for the bug, but I'm not going to risk getting the IP blocked again by re-enabling the option to send via dedicated IP address. It's just easier having it all sent from the one IP address (and I've not had any other issues with any other cPanel servers I have, apart from this one, as it's the only one with IPv6 configured)
 
Top