I've notices lately many bounce emails which actually have the message:
SMTP error from remote mail server after end of data:
421-4.7.0 [ IP 15] Our system has detected that this message is
421-4.7.0 suspicious due to the very low reputation of the sending IP address.
421-4.7.0 To protect our users from spam, mail sent from your IP address has
421-4.7.0 been temporarily rate limited. Please visit
421 4.7.0 Why has Gmail blocked my messages? - Gmail Help for more information. m21si7321721wrb.455 - gsmtp
H=(csrd.com) [114.234.57.84]:1756 Warning: Message has been scanned: no virus or other harmful content was found
<= [email protected] H=(removed.com) [114.234.57.84]:1756 P=esmtp S=1792 T="Re: New refitting business to make your turnover increasing 30% in 1 month" for [email protected]
SMTP connection identification D=mycustomersdomain.gr [email protected] [email protected] M=1ehF5X-001yUB-Pz U=magrizos ID=1323 B=redirect_resolver
Sender identification U=magrizos D=mycustomersdomain.gr [email protected]
SMTP connection outbound 1517492380 1ehF5X-001yUB-Pz mycustomersdomain.gr [email protected]
So a customer of mine, with the email account [email protected] has setup a forwarding email to a gmail account [email protected]
The above email is ofcourse spam and gmail is responding to that.
If I check in the cPanel -> Track Delivery -> Show Deferred I can see many many emails like that, all spam that recieve SMTP error from google.
The REAL problem here is that wondered , if I'm I've setup many RBL's what does spam get through ? so I did check the ip of the spam email: H=(removed.com) [114.234.57.84]
and it is blacklisted in many RBLs including CBL and Spamhaus where I allready use in this server,
so why did the spam got through ?
So if I change to cPanel -> Track Delivery -> Show Failures
I can see that the email above was allready rejected!!!!:
[email protected] Feb 1, 2018 3:38:15 PM 0 [email protected] JunkMail rejected - (csrd.com) [49.68.127.146]:1048 is in an RBL: Client host blocked using Barracuda Reputation, see BarracudaCentral.org - Technical Insight for Security Pros
So the real problem here is that if a spam is received and it's ip exist in one of the blacklists,
the local email user will not get that email, but if that local email user has a forwarding email setup, the spam email will be forwarded, thats getting the server's ip reputation to a terrible place.
How can I fix that ?
SMTP error from remote mail server after end of data:
421-4.7.0 [ IP 15] Our system has detected that this message is
421-4.7.0 suspicious due to the very low reputation of the sending IP address.
421-4.7.0 To protect our users from spam, mail sent from your IP address has
421-4.7.0 been temporarily rate limited. Please visit
421 4.7.0 Why has Gmail blocked my messages? - Gmail Help for more information. m21si7321721wrb.455 - gsmtp
H=(csrd.com) [114.234.57.84]:1756 Warning: Message has been scanned: no virus or other harmful content was found
<= [email protected] H=(removed.com) [114.234.57.84]:1756 P=esmtp S=1792 T="Re: New refitting business to make your turnover increasing 30% in 1 month" for [email protected]
SMTP connection identification D=mycustomersdomain.gr [email protected] [email protected] M=1ehF5X-001yUB-Pz U=magrizos ID=1323 B=redirect_resolver
Sender identification U=magrizos D=mycustomersdomain.gr [email protected]
SMTP connection outbound 1517492380 1ehF5X-001yUB-Pz mycustomersdomain.gr [email protected]
So a customer of mine, with the email account [email protected] has setup a forwarding email to a gmail account [email protected]
The above email is ofcourse spam and gmail is responding to that.
If I check in the cPanel -> Track Delivery -> Show Deferred I can see many many emails like that, all spam that recieve SMTP error from google.
The REAL problem here is that wondered , if I'm I've setup many RBL's what does spam get through ? so I did check the ip of the spam email: H=(removed.com) [114.234.57.84]
and it is blacklisted in many RBLs including CBL and Spamhaus where I allready use in this server,
so why did the spam got through ?
So if I change to cPanel -> Track Delivery -> Show Failures
I can see that the email above was allready rejected!!!!:
[email protected] Feb 1, 2018 3:38:15 PM 0 [email protected] JunkMail rejected - (csrd.com) [49.68.127.146]:1048 is in an RBL: Client host blocked using Barracuda Reputation, see BarracudaCentral.org - Technical Insight for Security Pros
So the real problem here is that if a spam is received and it's ip exist in one of the blacklists,
the local email user will not get that email, but if that local email user has a forwarding email setup, the spam email will be forwarded, thats getting the server's ip reputation to a terrible place.
How can I fix that ?
Last edited by a moderator:
