ServerTune

Browse by category

Search    |    Advanced search

Tips to avoid getting your server blocked by Hotmail/Yahoo/Gmail

If you believe that the feature "Sender verify callout", is causing problems, read on to find out more. Click here to read about "Send verify callout" in this Knowledgebase.

If you're experiencing problems sending email messages from your server to any of the ISPs including: Hotmail / Yahoo / AOL, Gmail, Comcast we suggest the following:

  1. Make sure all domains sending mail via your server have an appropriate email authentication such as:
    • SPF record
      Add SPF entry in your DNS zones using the following:
      v=spf1 a mx ip4:SERVER_MAIN_IP_ADDRESS -all
      In some situations, some of your customers might have dedicated IPs for their sites and their MX and A records point to those IPs. Those IP addresses "are NOT the main IP address " for the server. By default, on a cPanel and/or a DirectAdmin powered server(s), the main IP address is the one which sends out mail. So if the main IP of the server is 60.70.80.90, then you need the following as a minimal SPF record for all domains on that server:
      "v=spf1 a mx ip4:60.70.80.90 -all"
      MSN/Hotmail recommends using -all terminators in the SPF record. Click here to learn more about how to create a SPF record.
    • DKIM
      Technically speaking, DKIM provides a method for validating a domain name identity through cryptographic authentication. Implementing DKIM helps ISPs to identify email messages sent from your server are legitimate and valid.
  2. Assign an IP address to every client sending out large number of email messages. Yahoo! Mail, for example, keeps reputation data about each IP address sending out messages to their system. By doing that, you make it easier for Yahoo! Mail to determine the IP address' reputation.
    ISPs look at the reputation of the domain and the IP address used to send email messages from.
  3. Manage your and/or your client's lists by paying attention to bounces and rejections. Clean lists get higher-priority delivery than others.
  4. Don't act and/or any of your clients act like a phisher:
    • Don't use an IP address as part of your email address. Use a valid domain name hosted on your server.
    • Don't include HTML forms in email messages. Submitting and/or including forms in email messages is considered security threat for many ISPs.
    • Don't include JavaScript code in email messages.
    • Don't include embedded objects in email messages such as: Flash or Active-X.
    • Don't re-send rejected messages. If a message gets rejected, it will not be accepted anytime soon. Re-sending rejected messages is a waste of resources and makes you appear to have a dirty list.
  5. Use standard POP3 and SMTP Mail Ports, only.
  6. Use a consistent "From:" header address. Your domain name is an important element of your brand. Using it consistently helps in distinguishing email sent out from your server from SPAM.
  7. Be CAN-SPAM compliant.
  8. Make sure the IP address that your server sends mail from (which would be the main IP address), has:
    1. Valid reverse DNS (rDNS); and
    2. That rDNS is reflective of your hostname, rather than some generic record that your upstream IP provider has put in place.
  9. SSH to your server and run the following two commands to see if your hostname is associated with the main IP of your server:
    nslookup your.hostname
    and
    nslookup YOUR_SERVER_MAIN_IP
    (where YOUR_SERVER_MAIN_IP is the main IP address of your server). The system should return your_hostname
  10. Go to: www.openrbl.org and make sure your main server IP address and/or hostname is not blocked or blacklisted on any of the popular DNSBLs. We also suggest you read this article "How can I find out if my IP Address(s) have been blocked by an anti spam company?"
    Although your main IP or hostname might not be listed there, it doesn't mean that it is not blacklisted or negatively scored by AOL or Yahoo or Hotmail or www.RR.com. It is likely that AOL or Yahoo or Hotmail or www.RR.com negatively scored your server due to past traffic from that IP address before your server was using it.
  11. Disable, if possible, the feature Autoresponder on your server. Click here to read why are Autoresponders bad?
  12. Make sure your users aren't forwarding all of their email, which might include spam, from their accounts hosted on your server to an @aol.com or @yahoo.com or @hotmail.com email address. That will surely cause future emails from your server's IP address to be considered un-safe or spam by those entities.

    Stopping customers from forwarding their email is very difficult. Since it is not possible to guarantee that all email messages forwarded from your server to AOL / Hotmail / Yahoo are not spam or don't contain spam, you need to let your customers know that their email might be rejected by those entities.
  13. Enable SpamAssassin, or any good spam filter, on all accounts hosted on your server. Make sure spam rules are up-to-date all the time.
  14. Secure and harden your Web and Mail servers. Ensure your Mail server is not an open relay or proxy. Keep your Mail server up-to-date with the latest security patches to help prevent spammers from using your resources and tarnishing your reputation.
  15. Make sure all scripts either Php and/or cgi/Perl such as: formmail/cgimail are secure and can not be used by spammers to send out spam.

Even after you've followed all of the above instructions, you and your users may find that their email does not arrive, or ends up in the Spam folder of an ISP. Read and follow the instructions of these ISPs:

NOTE
We'll be more than happy to apply the best possible spam rules, secure, harden, and optimize your Mail server. Please contact us at: customerservice@servertune.com

 
 
Add comment
 
Views: 1416
 
Votes: 0
 
Comments: 0
 

Other articles in this Category

RSS