For several months, people have been telling me that
emails they sent to me have been bouncing back, marked as undeliverable. The bounce message would contain portions like this:
Final-Recipient: rfc822;
[email protected]
Action: failed
Status: 5.7.1
Diagnostic-Code: smtp;550 5.7.1 <
[email protected]>... Recipient declines email from
69.64.159.2, <spamhaus-xbl>, Ref: http://www.spamhaus.org/query/bl?ip=69.64.159.2
Clicking the link on the last line, the destination page told me that "this IP address is infected with/emitting spamware/spamtrojan traffic and needs to be fixed."
I could temporarily de-list this node by clicking a link on that page, but it would get back on the list and more
emails to me to bounce.
I own a domain, innerpaths.net, and I normally use
[email protected] for my email. I have my domain registrar, namecheap.com, forward all email from innerpaths.net to the email account
[email protected]. (BTW, I had this same problem at a former registrar. I changed registrars, hoping that would fix the problem. It didn't.)
Trying to isolate the problem, I asked namecheap.com what I should do. Their answer, though substantial, left me scratching my head:
We have received feedback from our upstream provider which informed us that the mail server
that you are trying to email subscribes to a 3rd party blacklist service which they appear
to be listed on at the present time and is causing destination mail server to reject
the messages. Being blocked with one of these services can happen to anyone for many reasons
and is something that is beyond our control.
3rd party blacklist services require companies whose mail servers they have blacklisted,
pay fees in order to be removed from their lists. As we cannot pay fees to blacklist
services which require them for removal, you should contact your email provider and
have them whitelist our mail server IP address: 69.64.157.73.
My best guess is that I should email my ISP, sonic.net, tell them what is going on and ask them to whitelist the IP address 69.64.157.73. (If not, please let me know.)
But I want to know what is going on and how email works. I understand that there's a device at location 69.64.159.2 that is doing something bad that causes the "destination mail server [sonic.net's, I assume --gw] to reject the messages." I know that email is sent through multiple devices in a way that eventually gets it to its destination. Beyond that, here are my questions:
1) I thought the Internet "routed around damage." Why does email starting at namecheap.com always (or is it 'sometimes'?) go through 69.64.159.2?
2) Who is the "upstream provider" that the namecheap.com representative mentions, and what is their role?
3) How does having sonic.net's whitelisting namecheap.com's mail server prevent my email being bounced by 69.64.159.2?
I've searched the Internet for answers but have found nothing useful. Thanks for whatever answers you can provide.
