Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

All mail to hotmail / outlook.com blocked from main IP

Discussion in 'E-mail Discussion' started by PCZero, Dec 9, 2018.

Tags:
  1. PCZero

    PCZero Well-Known Member

    Joined:
    Dec 13, 2003
    Messages:
    639
    Likes Received:
    67
    Trophy Points:
    178
    Location:
    Earth
    Very recently my user's have been getting bounces from all mail sent to any hotmail.com or outlook.com email address. Seems the server's main IP is on their block list for some reason.

    Below is an example of the bounce messages being received. I have tried figuring out what the issue is but it is going over my head (even though the bounce is probably telling me exactly what to do). I was thinking that it might be a RDNS issue (and it still may be) but I am totally at a loss.

    Can someone please point me in the right direction in DFU terms?

    Thanks!

    __________________________________________________________________________

    Code:
    This message was created automatically by mail delivery software.
    
    A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:
    
    xxxxxxxxx@hotmail.com
    host hotmail-com.olc.protection.outlook.com [104.47.14.33]
    SMTP error from remote mail server after pipelined MAIL FROM:<xxx@clientsdomainb.com> SIZE=101791:
    550 5.7.1 Unfortunately, messages from [my.server.main.ip] weren't sent. Please contact your Internet service provider since part of their network is on our block list (S3140). You can also refer your provider to Troubleshooting. [VI1EUR04FT030. eop-eur04.prod.protection.outlook.com]
    
    __________________________________________________________________________
     
    #1 PCZero, Dec 9, 2018
    Last edited by a moderator: Dec 9, 2018
  2. HostSane

    HostSane Member

    Joined:
    Nov 26, 2018
    Messages:
    17
    Likes Received:
    4
    Trophy Points:
    3
    Location:
    Mumbai
    cPanel Access Level:
    Root Administrator
    The error message clearly states that the part of the server provider's network is on Hostmail's block list and hence the emails are not getting delivered.

    Make sure you have created RDNS for the mail server's hostname , Domain keys and SPF records are there.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. PCZero

    PCZero Well-Known Member

    Joined:
    Dec 13, 2003
    Messages:
    639
    Likes Received:
    67
    Trophy Points:
    178
    Location:
    Earth
    Those are all in place and set up correctly.
     
  4. PCZero

    PCZero Well-Known Member

    Joined:
    Dec 13, 2003
    Messages:
    639
    Likes Received:
    67
    Trophy Points:
    178
    Location:
    Earth
  5. HostSane

    HostSane Member

    Joined:
    Nov 26, 2018
    Messages:
    17
    Likes Received:
    4
    Trophy Points:
    3
    Location:
    Mumbai
    cPanel Access Level:
    Root Administrator
    Then you will need to contact the server provider with the error and informing them about the issue and their support should be able to help you out.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. PCZero

    PCZero Well-Known Member

    Joined:
    Dec 13, 2003
    Messages:
    639
    Likes Received:
    67
    Trophy Points:
    178
    Location:
    Earth
    I AM the service provider. The bounced emails are some that one of my hosting clients is getting.
     
  7. mtindor

    mtindor Well-Known Member

    Joined:
    Sep 14, 2004
    Messages:
    1,356
    Likes Received:
    63
    Trophy Points:
    178
    Location:
    inside a catfish
    cPanel Access Level:
    Root Administrator
    You need to open a ticket with Microsoft. https://support.microsoft.com/en-us/supportrequestform/8ad563e3-288e-2a61-8122-3ba03d6b8d75

    As much of a pain in the ass it is, they are pretty good about handling it. You should also have a Live account and sign up for SNDS (Smart Network Data Service) and JMRP (Junk Mail Reporting Program). I'm pretty sure that once you open a ticket and they follow up with you, they will mention those things.

    Mike
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    cPanelMichael likes this.
  8. baronn

    baronn Member

    Joined:
    Dec 27, 2017
    Messages:
    24
    Likes Received:
    6
    Trophy Points:
    3
    Location:
    manchester
    cPanel Access Level:
    Root Administrator
    FYI here is the URL to the SNDS network: Smart Network Data Services you can also try proofpoint which is normally used with the 360 services to ensure your not blocked there either: Home | Proofpoint Dynamic Reputation - IP Lookup
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    47,325
    Likes Received:
    2,157
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hi @PCZero,

    The previous two posts offer solid advice.

    If Microsoft/Outlook is blocking email from your server, you'll need to go through their troubleshooting steps per the Microsoft section at:

    Tutorial - How do I check if my mail server is blacklisted?

    Since Microsoft is blocking the email, you must go through them to determine what must be done to remove the block.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  10. baronn

    baronn Member

    Joined:
    Dec 27, 2017
    Messages:
    24
    Likes Received:
    6
    Trophy Points:
    3
    Location:
    manchester
    cPanel Access Level:
    Root Administrator
    @PCZero,

    Id also further add that you ensure your SPF and DKIM records are setup correctly and test those with any of the following:
    DKIM record Checker | Test your DKIM record - DMARC Analyzer
    DKIM, SPF, and Spam Assassin Validator - dkimvalidator.com
    DKIM Inspector - dmarcian

    then test an email using: Tools - mail-tester.com

    id also implement the DMARC tag in your dns so that you can monitor whats going on with your emails and enable reporting. You can create your tag manually Build Your DMARC Record in 15 Minutes | Return Path OR using this service: DMARC | Proofpoint

    as a last step whiclst your at it have you added your domains to Google's postmaster tools: Postmaster Tools - Gmail Help

    All that will give you the most comprehensive analysis on what external providers are doing with your emails.

    @cPanelMichael apologies if i have covered some stuff referenced in the link you provided...
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    cPanelMichael likes this.
  11. PCZero

    PCZero Well-Known Member

    Joined:
    Dec 13, 2003
    Messages:
    639
    Likes Received:
    67
    Trophy Points:
    178
    Location:
    Earth
    LOL I don't think I have ever had so much info provided for an issue I am having., Thanks for all the help. Let me digest all of this and get rolling on it. I have already opened the ticket with Microsoft and received the reply that appears to indicate they are working on this.

    FYI proofpoint returns this:


    Dynamic Reputation IP Lookup
    Not Blocked
    This IP address is not blocked.

    So that looks good. Thanks for all the help so far. Hopefully this will get resolved quickly.
     
    cPanelMichael likes this.
  12. PCZero

    PCZero Well-Known Member

    Joined:
    Dec 13, 2003
    Messages:
    639
    Likes Received:
    67
    Trophy Points:
    178
    Location:
    Earth
    I have opened a case with Microsoft. Hopefully they will look into this and contact me with the steps to resolve the issue.

    In the mean time, I do have two unused IPs assigned to this box. Is it possible to reconfigure the server to use one of those IPs as the main server IP? If so what are the steps to do so and would that at least temporarily address the issue since it is tied to the current server main IP?

    Thanks everyone for the feedback.
     
  13. webhostuk

    webhostuk Well-Known Member

    Joined:
    Sep 11, 2013
    Messages:
    148
    Likes Received:
    15
    Trophy Points:
    18
    Location:
    UK
    cPanel Access Level:
    Website Owner
    Twitter:
    Setting up few things like SPF record, RDNS and DKIM should help you sent emails to Hotmail, incase your IP is not blocked at there end.

    You can also change the email IP for your domain, if you have 2 IPS in /etc/mailips file.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #13 webhostuk, Dec 11, 2018
    Last edited by a moderator: Dec 11, 2018
  14. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    1,266
    Likes Received:
    86
    Trophy Points:
    28
    cPanel Access Level:
    Root Administrator
    I went through something similar.
    MS did after a few hours release my IP, but couldn't tell me what triggered it.
    I did say that being the server owner, I need to know so I could put a process in place to prevent a future blacklist.
    However, I just got the answer "we don't know"

    Not much help really.
     
  15. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    47,325
    Likes Received:
    2,157
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hi @PCZero,

    It might, depending on what policies Microsoft uses for detecting a blacklisted mail server. Instructions on how to do this are documented at:

    How to Configure the Exim Outgoing IP Address - cPanel Knowledge Base - cPanel Documentation

    See this note under the /etc/mailips section of the above document:

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    PCZero likes this.
  16. PCZero

    PCZero Well-Known Member

    Joined:
    Dec 13, 2003
    Messages:
    639
    Likes Received:
    67
    Trophy Points:
    178
    Location:
    Earth

    1) Is this under WHM - Edit a DNS zone? Is the zone for the server hostname.doman.com the zone I want to look at?

    I see the following there...

    hostname. domain.com NS NS1.xxx.xxx
    hostname. domain.com NS NS2.xxx.xxx
    hostname. domain.com A main server ip
    localhost A 127.0.0.1
    hostname. domain.com MX hostname.domain.com.
    mail CNAME hostname.domain.com.
    www CNAME hostname.domain.com.
    ftp CNAME hostname.domain.com.


    In the zone for the actual domain that is bouncing I see all of those (for that domain) plus the following...
    domain.com. TXT "v=spf1 +a +mx +ip4:184.172.200.131 -all"
    default._domainkey TXT "v=DKIM1; k=rsa; p=Very/Long/Random/String;"


    2) Let me ask this. I notice that under WHM - DNS Functions there is an option called Enable DKIM/SPF Globally. Reading the description this looks to perform a clean up of SPF and DKIM on any accounts that were built pre v62. Is this something that I should do and if so is there anything I should look (to ensure it is set correctly) at before performing this function?


    Once again thank you for the patience and assistance. This is one area of my server where my knowledge is (at least) slightly lacking. I am doing my best to follow along and learn as I go.
     
  17. PCZero

    PCZero Well-Known Member

    Joined:
    Dec 13, 2003
    Messages:
    639
    Likes Received:
    67
    Trophy Points:
    178
    Location:
    Earth

    Michael thank you for the reference. I think for now I am go to leave the IP assignment as is. I'd much rather fix the issue than cover it up (even if it does take a little more time and effort). As time progresses, if the situation changes and the IP change seems appropriate I will move forward.
     
    cPanelMichael likes this.
  18. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    47,325
    Likes Received:
    2,157
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    This looks good. Those are the SPF and DKIM entries in the DNS zone for that particular domain. It shows DKIM/SPF are setup correctly, assuming the DNS for the domain name is hosted on the cPanel server.

    I recommend enabling DKIM/SPF globally for all accounts. This option will automatically configure DKIM and SPF for you, including the addition of the TXT entries in the DNS zones. No additional actions are required once you use this feature, unless the DNS for the domain name is handled by a remote DNS server.

    An additional action you can take is to ensure a DKIM record is setup for the server's hostname. To setup DKIM for the server's hostname, see this thread. Also, make sure RDNS is setup for the server's main IP address pointing to the server's hostname. You'll need to have your provider/data center setup the RDNS record for you, as it's generally not possible to configure that on the individual server.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  19. PCZero

    PCZero Well-Known Member

    Joined:
    Dec 13, 2003
    Messages:
    639
    Likes Received:
    67
    Trophy Points:
    178
    Location:
    Earth
    Thanks Michael. I just started the global DKIM/SPF process. On a box with only about 35 accounts (all with just one domain otehr than a very few that have 2 or 3) how long does that process take to complete? I want to wait for it to finish before making any additional changes.

    BTW I do want to thank you publicaly once again for the level of help you have given me since I have been here. I realize that some of the topics I needed help with were not even specifically cPanel related, but you have always gone out of you way to not only help me get the underlying issue resolved but also to make sure I have a comprehension of what the cause and the resolution were. "Teach a man to fish..." Thanks!
     
    cPanelMichael likes this.
  20. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    47,325
    Likes Received:
    2,157
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    It should complete in under a minute. The process runs in the background, so you won't see a status update in the UI.

    You're very welcome!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice