Email Still Getting Blocked After Blacklist Removal?

Following on from the recent post on UCEProtect and my client being added to a spam blacklist, once we were removed from the blacklist I expected email bounces to stop?

Unfortunately we’ve been getting some odd random (at least I thought) bounces with the following errors:

554 5.7.1 <hostname>: Client host rejected: The sender’s mail server is blocked

Now this isn’t really helpful as the error doesn’t state why you’ve been blocked?!  

Time for a little investigation:

 

Step 1 : Find the mail server bouncing the message

From a DOS window, type “nslookup”

Now type “set type=mx” (this tells nslookup to look-up the mail server for a domain)

Now type the name of the domain e.g. “scotiasystems.com” (note – don’t include a subdomain such as www")

nslookup will now return a list of mail servers which will accept email for the domain.

 

Step 2: Try manually connecting to the server

From a DOS window, type “telnet <mail server name> 25”

This will attempt to connect to the mail server – at this point you may see a disconnect message which gives further instructions on how to follow up.

 

After a little more investigation, it appears that the mail servers in question belong to rr.com and emailsvr.com.   

These companies host email for many smaller companies and appeared to be the common link with all the bounces I’ve found.

Now I’ve checked all known blacklists and we’re not listed – so why are these companies blocking us?    Well it seems once you appear on a blacklist – they continue to block you, even when you’re removed from the blacklist!  

To manually remove the blocks use the following:

rr.com : http://security.rr.com/mail_blocks.htm

emailrsvr.com : [email protected]

 

If I find any more sites like this – I’ll add the removal instructions to this post.