Server blacklisted - not understood reason

7 posts / 0 new
Topic locked
Last post
#1 Mon, 05/26/2008 - 23:29
pixel_paul
pixel_paul's picture

Server blacklisted - not understood reason

I've found that my server has been blacklisted on 0spam (http://0spam.fusionzero.com/) and the reason given is this:

v=spf1 mx -all Return codes were: 127.0.1.0

I've checked all my configuration settings with respect to spf and they all appear ok.

I just cannot see where the class C address is being picked up from the mail server.

I'm using postfix as my mail server.

Any help would be super appreciated, as this one is confusing the hell out me.

Thanks,

Paul

Tue, 05/27/2008 - 03:18
ronald
ronald's picture

this goes beyond my experience however the TXT in my zonefiles look like this
mydomain.com. IN TXT "v=spf1 a mx a:mydomain.com ip4:xx.xxx.xxx.xx ?all"

where xx.xxx.xxx.xx is the servers external IP,
also it seems important to have a PTR which is done by your ISP
xx.xxx.xxx.xx.in-addr.arpa -> sv01.mydomain.com

if nothing else it will give you some comparison.

Tue, 05/27/2008 - 03:38 (Reply to #2)
pixel_paul
pixel_paul's picture

Hi Ronald,

Thanks for your response. My DNS records for SPF are as follows:

mydomain.co.uk. IN TXT "v=spf1 a mx a:mydomain.co.uk ip4:12.34.56.78~all"

This was generated by Virtualmin, so that looks ok.

However I am missing:

87.65.43.21.in-addr.arpa IN PTR sv01.mydomain.co.uk

I'm having difficulty understanding the reverse lookup part. When I add this to the Reverse Address Records in Virtualmin it wants to add the mydomain.co.uk to the end!

87.65.43.21.in-addr.arpa.mydomain.co.uk IN PTR sv01.mydomain.co.uk

Thanks again Ronald for helping me dig a bit deeper - maybe someone else can add a bit more!

Paul

Tue, 05/27/2008 - 11:29 (Reply to #3)
Joe
Joe's picture

<div class='quote'>I'm having difficulty understanding the reverse lookup part. When I add this to the Reverse Address Records in Virtualmin it wants to add the mydomain.co.uk to the end!</div>

Virtualmin doesn't deal with reverse records at all (because it would make no sense for it to--reverse records don't have a &quot;virtual hosting&quot; context, as one IP can only ever map to one name). Do you mean in the BIND Webmin module, perhaps?

If so, you may want to read up on reverse records in the BIND section of the Webmin documentation here:

http://doxfer.com/Webmin/BINDDNSServer

Specifically the sections about setting up zones.

However, it's worth noting that reverse resolution may not even be delegated to your system...in which case it would be pointless to add a reverse zone to your DNS server. Most hosting providers handle reverse resolution themselves, and that's fine--as long as your IP resolves to something, it'll work out OK. But, if your ISP <i>has</i> delegated reverse resolution to you, then obviously, you'll need a reverse zone.

--

Check out the forum guidelines!

Wed, 05/28/2008 - 00:34
pixel_paul
pixel_paul's picture

Hi Joe,

Thanks for the heads up on this -&gt; I contacted my server hosts, and they handle reverse resolution themselves (as I thought). So everything should be okay on that front.

Appears that I have now been removed from the blacklist, so perhaps my request for removal was reacted upon and they removed the IP.

I just can't see where else there is a misconfiguration - I'll have to continue to monitor the blacklists and see if it happens again!

Again thanks for the assistance,

Paul

Wed, 05/28/2008 - 04:09 (Reply to #5)
sgrayban

His postfix is a open-relay.

Wed, 05/28/2008 - 04:17
pixel_paul
pixel_paul's picture

<div class='quote'>His postfix is a open-relay.</div>

Are you saying that my postfix is?

I would seriously hope not!

Topic locked