For several months, people have been telling me that emails they sent to me have been bouncing back, marked as undeliverable. The bounce message would contain portions like this:
Final-Recipient: rfc822; [email protected]
Action: failed
Status: 5.7.1
Diagnostic-Code: smtp;550 5.7.1 <[email protected]>... Recipient declines email from 69.64.159.2, <spamhaus-xbl>, Ref: http://www.spamhaus.org/query/bl?ip=69.64.159.2
Clicking the link on the last line, the destination page told me that "this IP address is infected with/emitting spamware/spamtrojan traffic and needs to be fixed."
I could temporarily de-list this node by clicking a link on that page, but it would get back on the list and more emails to me would bounce.
I own a domain, innerpaths.net, and I normally use [email protected] for my email. I have my domain registrar, namecheap.com, forward all email from innerpaths.net to the email account [email protected]. (BTW, I had this same problem at a former registrar. I changed registrars, hoping that would fix the problem. It didn't.)
Trying to isolate the problem, I asked namecheap.com what I should do. Their answer, though substantial, left me scratching my head:
We have received feedback from our upstream provider which informed us that the mail server that you are trying to email subscribes to a 3rd party blacklist service which they appear to be listed on at the present time and is causing destination mail server to reject the messages. Being blocked with one of these services can happen to anyone for many reasons and is something that is beyond our control.
3rd party blacklist services require companies whose mail servers they have blacklisted,
pay fees in order to be removed from their lists. As we cannot pay fees to blacklist
services which require them for removal, you should contact your email provider and
have them whitelist our mail server IP address: 69.64.157.73.
My best guess is that I should email my ISP, sonic.net, tell them what is going on and ask them to whitelist the IP address 69.64.157.73. (If not, please let me know.)
But I want to know what is going on and how email works. I understand that there's a device at location 69.64.159.2 that is doing something bad that causes the "destination mail server [sonic.net's, I assume --gw] to reject the messages." I know that email is sent through multiple devices in a way that eventually gets it to its destination. Beyond that, here are my questions:
1) I thought the Internet "routed around damage." Why does email starting at namecheap.com always (or is it 'sometimes'?) go through 69.64.159.2?
2) Who is the "upstream provider" that the namecheap.com representative mentions, and what is their role?
3) How does having sonic.net whitelist namecheap.com's mail server prevent my email being bounced by 69.64.159.2?
I've searched the Internet for answers but have found nothing useful. Thanks for whatever answers you can provide.