The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Email be rejected a spam question

Discussion in 'E-mail Discussions' started by CraftyPanda, Nov 14, 2014.

  1. CraftyPanda

    CraftyPanda Well-Known Member

    Joined:
    Nov 15, 2012
    Messages:
    84
    Likes Received:
    1
    Trophy Points:
    8
    cPanel Access Level:
    Root Administrator
    Hi guys,

    Someone is trying to email a client on our server and it being rejected as spam by the server. Looking on mail delivery reports in WHM and no entries appear at all, but looking through exims logs and they are there.

    Now the only IP address on a blacklist appears to be a broadband connection IP thats in the middle of the log. Would someone be kind enough to explain to me if and how its possible this could be causing the rejection. Im thinking they are trying to send email from home perhaps through a works exchange server??
    Code:
    2014-11-13 09:07:26 1XoqNA-001sZ9-EQ H=relay.mail-info.co.uk [144.76.217.16]:60740 Warning: "SpamAssassin as rhujhnbg detected message as NOT spam (4.3)"
    2014-11-13 09:07:26 1XoqNA-001sZ9-EQ H=relay.mail-info.co.uk [144.76.217.16]:60740 Warning: Message has been scanned: no virus or other harmful content was found
    2014-11-13 09:07:26 1XoqNA-001sZ9-EQ H=relay.mail-info.co.uk [144.76.217.16]:60740 F=<xxx@xxx.co.uk> rejected after DATA: "The mail server detected your message as spam and has prevented delivery (40)."
    2014-11-13 09:07:26 SMTP connection from relay.mail-info.co.uk [144.76.217.16]:60740 closed by QUIT
    2014-11-13 09:07:32 SMTP connection from [144.76.217.16]:60748 (TCP/IP connection count = 1)
    2014-11-13 09:07:33 SMTP connection from [68.213.80.77]:49958 (TCP/IP connection count = 2)
    2014-11-13 09:07:34 1XoqNI-001sZM-LJ H=relay.mail-info.co.uk [144.76.217.16]:60748 Warning: "SpamAssassin as rhujhnbg detected message as NOT spam (4.3)"
    2014-11-13 09:07:34 1XoqNI-001sZM-LJ H=relay.mail-info.co.uk [144.76.217.16]:60748 Warning: Message has been scanned: no virus or other harmful content was found
    2014-11-13 09:07:34 1XoqNI-001sZM-LJ H=relay.mail-info.co.uk [144.76.217.16]:60748 F=<xxx@xxx.co.uk> rejected after DATA: "The mail server detected your message as spam and has prevented delivery (40)."
    2014-11-13 09:07:34 SMTP connection from relay.mail-info.co.uk [144.76.217.16]:60748 closed by QUIT
    2014-11-13 09:07:36 dovecot_login authenticator failed for adsl-068-213-080-077.sip.sdf.bellsouth.net (ylmf-pc) [68.213.80.77]:49958: 535 Incorrect authentication data (set_id=xxx@xxx.net)
    2014-11-13 09:07:36 SMTP connection from adsl-068-213-080-077.sip.sdf.bellsouth.net (ylmf-pc) [68.213.80.77]:49958 lost
    2014-11-13 09:07:53 SMTP connection from [68.213.80.77]:51431 (TCP/IP connection count = 1)
    2014-11-13 09:07:56 dovecot_login authenticator failed for adsl-068-213-080-077.sip.sdf.bellsouth.net (ylmf-pc) [68.213.80.77]:51431: 535 Incorrect authentication data (set_id=xxx@xxx.net)
    2014-11-13 09:07:56 SMTP connection from adsl-068-213-080-077.sip.sdf.bellsouth.net (ylmf-pc) [68.213.80.77]:51431 lost
    2014-11-13 09:07:56 SMTP connection from [185.38.248.39]:51873 (TCP/IP connection count = 1)
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    To clarify, which blacklist is that IP address on? Is it the IP address referenced with the "rejected after DATA" message? Does the delivery succeed after removing the IP from the blacklist?

    Thank you.
     
Loading...

Share This Page