Re: SMTP server for mass email



Sandy,
Thank you for responding so quickly to my post. I thought I should mention
that most of the mass emails are going to be legitimate. We administer court
case rulings and sometimes we have to send out notifications and claims to
recipients that may be unaware of the case and may mark us as spammers. This
is why I’m attempting to come up with a solution to protect our primary
domain and save cost. Due to your insightful input I have created a new game
plan. To protect our primary domain name from RHS and URIBL, I will purchase
a new domain name that is similar and continue to use a separate ISP. Also I
will open up incoming messages and ensure that it passes the PTR-HELO-A round
trip. But, how do I prevent the recipient from replying? Wouldn’t forged
headers get caught in spam blockers?


Sincerely,
Raymond


"Sanford Whiteman" wrote:

My objective is to set up an SMTP server so that the company I work
for can send mass email (Outbound only). My thought is to set up a
subdomain like mail.subdomain.domain.com that is connected to a
separate ISP to minimize the risk of our primary domain and email
server being blacklisted.

Your second-level domain, i.e. example.com, will usually be the one
listed in RHS (right-hand-side) blacklists. Using a subdomain offers
little to no protection in this regard.

Likewise, if your mass e-mails are seen as spamvertising your
second-level domain in clickable URLs, that domain will be blacklisted
in URIBL blacklists, as it should be.

Using a separate ISP _does_ offer you significant protection against
IP4R blacklisting, though.

1. Set up DNS internally and externally so that the MX records point to
the right IP
   a. mail.subdomain.domain.com

MX records point to hostnames, not IPs, but I think you may have meant
'MX record for domain pointing to hostname + A record for hostname
pointing to IP'.

However, if host 'mail.subdomain.domain.com' is the 'right' MX for the
domain 'mail.subdomain.domain.com', and you will be using that domain
in sender addresses, then it had better accept mail for that domain.
Given your note in [4a], it does not accept inbound traffic.
Therefore, it is not a valid MX.

1. Not able to send email to the primary domain (error message
“Unable to bind to the destination server in DNS”)

There's a common problem when outbound gateways behind the same
firewall as mailbox servers attempt to send to the mailbox servers'
public addresses. You will need to ensure that the second-level
domain's MX can be resolved and connected to from your outbound
machine. Do your lookup and connection tests from the outbound
machine. Make sure to use exactly the same DNS resolver that IIS will
be using.

2. Not able to send email to hotmail (no error message), but can send
to gMail.

You probably don't pass the PTR-HELO-A roundtrip test. See below.

3. x.x.x.147 is a secondary IP address but the messages are sent over
the primary (x.x.x.157) even though I have specified the SMTP server to
use x.x.x.147.

Outgoing connections are always bound to the primary address of the
NIC. Known behavior.

In general, you must ensure that any outbound gateway passes the
PTR-HELO-A roundtrip test to have the greatest probability of
successful remote deliveries.

This means you need a PTR for your public IP. The PTR hostname must
match the HELO hostname sent by your server. There must be an A record
for that hostname that points back to the public IP.

--Sandy




------------------------------------
Sanford Whiteman, Chief Technologist
Broadleaf Systems, a division of
Cypress Integrated Systems, Inc.
------------------------------------
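
The PTR-HELO-A roundtrip described in the thread, as an added example that is not part of the original posts: a Python check that takes the address the connection actually leaves from and the HELO name. The zone data, the 192.0.2.x documentation addresses and the name mail.example.com are constructed; they mirror the case above where DNS was set up for the secondary address (.147) but mail leaves from the primary (.157).

```python
import socket

def norm(name):
    """DNS names compare case-insensitively; ignore a trailing root dot."""
    return name.rstrip(".").lower()

def system_ptr(ip):
    """PTR names for ip from the system resolver (run this on the gateway itself)."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name, *aliases]
    except OSError:
        return []

def system_a(host):
    """IPv4 addresses for host from the system resolver."""
    try:
        return socket.gethostbyname_ex(host)[2]
    except OSError:
        return []

def roundtrip_failures(source_ip, helo, ptr_lookup=system_ptr, a_lookup=system_a):
    """Return reasons the PTR-HELO-A roundtrip fails; an empty list is a pass."""
    failures = []
    ptr_names = [norm(n) for n in ptr_lookup(source_ip)]
    if not ptr_names:
        failures.append(f"no PTR for {source_ip}")
    elif norm(helo) not in ptr_names:
        failures.append(f"PTR {ptr_names} does not match HELO {helo}")
    if source_ip not in a_lookup(norm(helo)):
        failures.append(f"A record for {helo} does not point to {source_ip}")
    return failures

# Constructed zone data (documentation addresses); DNS was set up for .147 only.
PTR = {"192.0.2.147": ["mail.example.com."]}
A = {"mail.example.com": ["192.0.2.147"]}

def check(source_ip, helo):
    """Run the roundtrip against the constructed zone data above (offline)."""
    return roundtrip_failures(source_ip, helo,
                              lambda ip: PTR.get(ip, []),
                              lambda h: A.get(h, []))

if __name__ == "__main__":
    # Intended secondary address vs. the primary address the NIC actually uses.
    for ip in ("192.0.2.147", "192.0.2.157"):
        print(ip, check(ip, "mail.example.com") or "pass")
```

Calling `roundtrip_failures(ip, helo)` without the lookup arguments uses the system resolver, so run it on the outbound machine to see what that machine's DNS returns.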
