Email from my server rejected because of ISP's IP blacklisted

aldux

Member
Nov 16, 2007
5
0
51
Hi, I´m having an issue with a customer that can´t send emails to certain destinations because the IP their ISP provided is blacklisted.
If they send the email using Webmail, the mail goes through.
If I sent the email from the same account but from a different location and ISP, the email goes through.
The ISP is known for their lack of response to spam complaints.
They say thay the SMTP server administrator must configure it to hide the originated IP, and I found a few (but really old) workarounds to configure Exim in that way, but I´m afraid of misconfiguring Exim.

Is there any way to not list in the email headers the email originating IP? (of course in an authenticated SMTP connection).
 

mtindor

Well-Known Member
Sep 14, 2004
1,363
65
178
inside a catfish
cPanel Access Level
Root Administrator
Hi, I´m having an issue with a customer that can´t send emails to certain destinations because the IP their ISP provided is blacklisted.
If they send the email using Webmail, the mail goes through.
If I sent the email from the same account but from a different location and ISP, the email goes through.
The ISP is known for their lack of response to spam complaints.
They say thay the SMTP server administrator must configure it to hide the originated IP, and I found a few (but really old) workarounds to configure Exim in that way, but I´m afraid of misconfiguring Exim.

Is there any way to not list in the email headers the email originating IP? (of course in an authenticated SMTP connection).
I'm going to guess that the recipient mailserver's mail is collected by a Barracuda Spam Firewall with "Deep Scanning" turned on. Deep Scanning on a Barracuda yields so little improvement in spam detection on the Barracuda device, and it generates a lot of false positive blocks [such as in situations like yours] that Barracuda should not even include the deep scanning option. And any mail administrator managing a Barracuda Spam Firewall should consider never enabling Deep Scanning.

My suggestion [although a pain to you and your clients] is to contact the recipient mailserver admins [or have your clients do so] and suggest to them that they need to turn off Deep Scanning on their Barracudas because they are doing their own customers [and potential clients attempting to email them] a huge disservice by [inadvertently] blocking legitimate emails. A real email admin knows how to properly configure a Barracuda Spam Firewall. If you contact those companies and their Barracuda admin doesn't want to disable deep scanning, he should be fired.

The Barracuda Spam Firewall is a wonderful device, if configured properly. If configured with Deep Scanning, it's a piece of garbage that blocks a lot of legitimate email.

NOTE: It is only a guess that the recipient mailsystems that are blocking emails from your client are using Barracuda Spam Firewalls, but I think it's a good bet that they are.

Mike
 
Last edited:

aldux

Member
Nov 16, 2007
5
0
51
Thanks, :) but I must try to solve the issue internally. The recipients are (somebody)@unicef.com and I suspect will be kind of difficult to reach the Unicef server administrators.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
Hello :)

It's ultimately the email client that is adding the sender's IP address to the message header. For example, you will notice the same behavior when using Horde and SquirrelMail, however Roundcube will not display the sender's IP address in the message header. The workaround to this is to have the customer use Roundcube, or search out an email client that will not add their IP address to the message header.

Thank you.