Email Bouncebacks

Hi Jarland & MX Community,

My dev / sysadmin shared this issue with me:

“I see a bunch of frozen email bounces… they all say things like this, which indicates the possible cause if being on a blacklist at mxroute… will have to contact them to see what the deal is.”

Date: Mon, 25 Jan 2021 14:20:46 -0600

From: Mail Delivery System Mailer-Daemon@server1.thesite’shostingdomain.com

To: noreply@my.xxxxx.com

Subject: Mail delivery failed: returning message to sender

--1611606046-eximdsn-797571208

Content-type: text/plain; charset=us-ascii

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its

recipients. This is a permanent error. The following address(es) failed:

robert@xxxxx.com

host blizzard.mxrouting.net [00.00.00.00]

SMTP error from remote mail server after end of data: 550 High scoring spam message has been dropped, likely blacklist

--1611606046-eximdsn-797571208

Content-type: message/delivery-status

Reporting-MTA: dns; server1.thesite’shostingdomain.com

> “it seems that the process of bounce backs, and the circular stuff that happens starts off with these emails:”

Date: Sun, 24 Jan 2021 18:01:03 -0600

From: Mail Delivery System Mailer-Daemon@server1.thesite’shostingdomain.com

To: noreply@my.xxxxx.com

Subject: Mail delivery failed: returning message to sender

--1611532863-eximdsn-1880917096

Content-type: text/plain; charset=us-ascii

This message was created automatically by mail delivery software. A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed: robert@xxxxx.com

host blizzard.mxrouting.net [00.00.00.00]

SMTP error from remote mail server after end of data: 550 High scoring spam message has been dropped, likely blacklist

--1611532863-eximdsn-1880917096

Content-type: message/delivery-status

Reporting-MTA: dns; server1.thesite’shostingdomain.com

Action: failed

Final-Recipient: rfc822;robert@xxxxx.com

Status: 5.0.0

Remote-MTA: dns; blizzard.mxrouting.net

Diagnostic-Code: smtp; 550 High scoring spam message has been dropped, likely blacklist

--1611532863-eximdsn-1880917096

Content-type: message/rfc822

Return-path: noreply@my.xxxxx.com

Received: from tfwh by server1.thesite’shostingdomain.com with local (Exim 4.93)

(envelope-from noreply@my.xxxxx.com)

id 1l3pIq-00CKtu-GQ; Sun, 24 Jan 2021 18:00:20 -0600

To: Me

Subject: WHMCS Cron Job Activity

Date: Mon, 25 Jan 2021 09:00:20 +0900

From: xxxxx noreply@my.xxxxx.com

Message-ID: a8zl94tJ0ZqhULcnt6EWqWHg9mXGrWhvGC9aXGEnHM@server1.thesite’shostingdomain.com

X-Mailer: xxxxx

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="b1_a8zl94tJ0ZqhULcnt6EWqWHg9mXGrWhvGC9aXGEnHM"

Content-Transfer-Encoding: 8bit

This is a multi-part message in MIME format.

--b1_a8zl94tJ0ZqhULcnt6EWqWHg9mXGrWhvGC9aXGEnHM

Content-Type: text/plain; charset=us-ascii

All cron automation tasks completed successfullyInvoices

1 Pending Module Actions in Queue. https://my.xxxxx.com/xxxxx/modulequeue.php

I found a few emails from the server starting with hostname “ec1” that were rejected with that message. They were rejected mostly for being sent from a subdomain (my.t****.com) which has no MX records. Someone sending from a domain/subdomain that lacks MX records generally means they don’t want to receive email back, which means they don’t want to get bounce emails for the spam they’re sending.

Remember that if you’re sending to us rather than through us, you’re held to the same standards as an external sender and we do make an effort to prevent our customers from being bombarded with endless spam as this is probably the most requested function of us by customers.

rspamd_rules/force_actions.conf at master · mxroute/rspamd_rules (github.com)
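Added example, not part of the thread or of MXroute's tooling: a small parser that pulls the rejected recipient, the remote diagnostic and the envelope-sender domain out of an Exim-style bounce like the one quoted above, so it is clear which domain the receiving server evaluated. The sample message is constructed, and its hosts and addresses are placeholders.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample DSN modelled on the bounce above; hosts and addresses
# are placeholders (example.* domains), not values from the thread.
SAMPLE_DSN = """\
From: Mail Delivery System <Mailer-Daemon@server1.example.org>
Content-Type: multipart/report; report-type=delivery-status; boundary="B1"

--B1
Content-type: text/plain; charset=us-ascii

A message that you sent could not be delivered.
--B1
Content-type: message/delivery-status

Reporting-MTA: dns; server1.example.org

Action: failed
Final-Recipient: rfc822;robert@example.net
Status: 5.0.0
Diagnostic-Code: smtp; 550 High scoring spam message has been dropped, likely blacklist

--B1
Content-type: message/rfc822

Return-path: <noreply@my.example.com>
Subject: WHMCS Cron Job Activity

All cron automation tasks completed successfully
--B1--
"""

def summarize_bounce(raw):
    """Per-recipient failures plus the envelope-sender domain of a DSN."""
    msg = message_from_string(raw)
    summary = {"failures": [], "sender_domain": None}
    for part in msg.walk():
        if part.get("Final-Recipient"):  # per-recipient block (RFC 3464)
            status = part.get("Status", "").strip()
            summary["failures"].append({
                "recipient": part["Final-Recipient"].split(";", 1)[-1].strip(),
                "status": status, "permanent": status.startswith("5"),
                "diagnostic": part.get("Diagnostic-Code", "").split(";", 1)[-1].strip(),
            })
        elif part.get_content_type() == "message/rfc822" and part.is_multipart():
            # Returned original: Return-path carries the envelope sender.
            addr = parseaddr(part.get_payload(0).get("Return-path", ""))[1]
            summary["sender_domain"] = addr.rpartition("@")[2].lower() or None
    return summary
```

The `sender_domain` value is the name whose MX records matter here, for example checked with `dig MX` against that exact subdomain rather than the root domain.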

So I will solve this problem by adding the same MX records I have for my original domain to the subdomain, correct? Do I need to add that subdomain to my MXRoute account too?

Oh, and should I add an SPF, DKIM & DMARC for the subdomain too then?

Upon further review, I see that I have an SPF record for it already. So just MX & DKIM will do it, right?

Thanks again Jarland!

Well the MX record for the server is in:

Hopefully that solves it!

As always, thanks for the assist Jarland!

Yes, I added one for the subdomain:

https://drive.google.com/file/d/1HokKoR7a9WaXmIxYlBihODcijAp3H1Zi/view?usp=sharing

It was in the top of that pic, you may have only noticed the current records at the bottom of the list.

That could work.

A bit iffy on this, the server might not like receiving mail from a domain that was added in DirectAdmin where that email wasn’t authenticated against the SMTP server on our DirectAdmin server.

You could also maybe just add the ec1 server as the MX record for the “my” subdomain and add the subdomain to that server, if that server has any mail server on it at all. Since you’re basically bypassing our sending infra and sending mail to us from your own mail server, makes sense that you’d complete the circuit on that end.

The “my” subdomain would need its own MX record in this case. MX record for the root domain doesn’t cover sending as @my.domain.tld.

Hi Jarland,

That still appears to not have solved the issue. You think it will take time? Add an SPF record? Any other steps you think we could take?

Thanks,
Steve

It’s hard for me to keep up with where we’re at on this in this venue, since I can’t post private data to it. This is probably better in a ticket (support@mxroute.com). Please open the ticket as though we haven’t walked through any of this, and you’re introducing it to me for the first time so we have a solid baseline. Sender, recipient, error, expected behavior vs actual, etc.