[mail] Undelivered Mail Returned to Sender

[klmhsb42]

If I send mail to outlook.com my mail is blocked as a IP is listed in https://www.spamhaus.org/query/ip/xxx I don't want to show the IP here because I don't know which it is. Is it possible that syncloud.it is listed there?

For gmail.com it says:

The IP you're using to send mail is not
    authorized to 550-5.7.1 send email directly to our servers. Please use the
    SMTP relay at your 550-5.7.1 service provider instead. Learn more at 550
    5.7.1  https://support.google.com/mail/?p=NotAuthorizedError

Any idea what the problem is?

[cyberb]

This is happening because you have a dynamic IP which was used by some spammer in past. The only fix I think is to get a static IP.

[klmhsb42]

This makes sense. But why is the mail delivered by IPv4 if I have IPv6? IPv6 should be static and solve this problem, right? Could this be set up in the mail app settings? Would the mail be delivered if it is send by IPv6 to an IPv4 only mail server?

[cyberb]

It should be your device IP. Check with dig:

IPv4

dig [user].syncloud.it A +short

IPv6

dig [user].sybcloud.it AAAA +short

[cyberb]

Also looks like postfix may fallback to IPv4 if other side rejects IPv6. Also people say to fix that we need reverse DNS on IPv6. https://serverfault.com/questions/565107/when-does-postfix-use-ipv6-and-when-ipv4

[cyberb]

Also, did you upgrade platform and then mail? Dkim keys should help as well.

[klmhsb42]

I have just a privat IPv4 and public IPv6. I guess it's the associated dynamic public IPv4 of my ISP for DSlite NAT. IP leads to URL of ISP. I did upgrade now, but still the SPAM problem. "reverse DNS on IPv6" sounds great...

[klmhsb42]

You could also offer a smart host service (payment based) https://en.m.wikipedia.org/wiki/Smart_host

[cyberb]

Not sure what happens if one of the Syncloud customers starts sending spam and smart host ends up in spam list. I guess similar can happen to Gmail but they must have some crazy cool technics.

[klmhsb42]

That's right. Maybe you will have to pay to get removed from the list. But this would be worst case. This could help maybe https://www.mailscanner.info/

[klmhsb42]

Also you have to be sure not to be legally liable for any damage on spam receiver.

[cyberb]

@klmhsb42 Do you still have this issue?

[klmhsb42]

Not for the sending problem. But if I send from outlook to my server, then the mail is not delivered and outlook says "Message expired, connection refused(Socket error code 10061)"

[klmhsb42]

I don't have port 25 open, as I have IPv6

[cyberb]

If something like firewall blocks incoming port 25 you will not be able to send emails. Can you check if postfix is listening on IPv6:

netstat -lnp | grep 25

Also can you check from outside if you can connect to port 25:

telnet [IPv6] 25

[cyberb]

Postfix was actually not listening on IPv6, just pushed a fix to the official channel, you can update from UI and run netstat again.

[klmhsb42]

Great! Everything works. Thanks. You can close this issue.

You could add to the wiki https://github.com/syncloud/platform/wiki/Mail for the SPAM part, that it might be required to have constant IPv4 address othreiwse mail could be blocked and IPv6 might be blocked (not delivered, neither in spam folder)