message routing
Since December 14th I have some mail, sent from my domain based account, rejected as being spam, due to the routing it was passing through. Other mail has got through but has gone into spam boxes at the other end. I should emphasise that I am an ordinary domestic user and have not sent out bulk mailings or anything which could be defined as spam. I raised a query with my domain manager and this is the reply that came back from the host technical team at gridhost.co.uk:
-------The way that our system works is that when you connect using a mail client you are being routed through a specific outmx server. The problem is that your email are routed through outmx-075.london.gridhost.co.uk (31.170.120.34) and they are they're blocked out by most service providers. The outmx-075 server is used when the sending computer's HELO is 'USER' or '127.0.0.1'.
HELO name of a computer is usually the computer's "name" in the OS/system settings. It's the greeting used when talking to mail servers like ours. Very often, certain HELO names are connected with or linked to malicious activity, e.g. ylmf-pc is blocked outright on the cloud. 127.0.0.1 and this can often be associated with misconfigured or pirated Windows. To fix this, change the computer name in the control panel under system preferences. -----
I did change the computer name on December 19th but this did not correct the problem. The domain manager suggests that the problem lies with my email client, which I presume is Thunderbird. Has anyone got any suggestions please? I have done a thorough check for malware and as far as I know my computer is clean.
Toutes les réponses (10)
Argh. We had this problem a couple of months ago, where as in your case, an email provider had decided arbitrarily that they wouldn't process messages which had certain addresses appearing in their headers. In that case the user reported that another email client didn't give them the same problem and this seemed to be because it didn't include this originating address.
Thunderbird is simply and truthfully recording all the addresses it has has available to it, including that belonging to your own machine, and as far as I understand the appropriate standards this is acceptable. I would argue that the email provider is using a somewhat perverse interpretation of those standards. Of course this doesn't help you.
It's possible to override the address that Thunderbird uses as the originating address. I had suggested using the address of your email provider's server, though I consider this a poor solution as it is effectively asking Thunderbird to lie.
Ah, here is the previous discussion. Matt summarized the problem nicely:
https://support.mozilla.org/en-US/questions/1140522#answer-923116
Hi - not sure if that helps me! I can send the messages from my domain based account successfully via web mail and via Outlook (using the same server settings as I use on Thunderbird i.e. mail3.gridhost.co.uk). When I send from Thunderbird they get returned saying that the IP address has been blacklisted. The blacklisted IP address quoted in the messages is 31.170.120.34. This is the typical error message:
<d.............@btinternet.com>: host mx.bt.lon5.cpcloud.co.uk[65.20.0.49]
said: 522 email sent from (31.170.120.34) found on industry IP blacklists, please contact your mail sending service or use an alternate email service to send your email. Guide for bulk senders www.bt.com/bulksender (in reply to MAIL FROM command)
For some reason sending from Thunderbird routes the messages through this blacklisted server. What can I do to rectify this? I like Thunderbird and want to continue using it.
This is surely a different problem from the one in your first posting?
That first problem was with a local address, one belonging to your own computer. This new error is about someone else's server. cpcloud.co.uk is a third-party email service employed by bt.com.
Tell gridhost. That's who 31.170.120.34 points to:
The IP address 31.170.120.34.
There is one host name that point to the IP address 31.170.120.34.
- It uses name server group 1.
- It uses the mail server OUTMX-075.LONDON.GRIDHOST.CO.UK.
https://www.robtex.com/ip-lookup/31.170.120.34
I am not really sure that gridhost know what they are doing. They are needlessly blocking good IP addresses, and they are on spam blacklists.
This is the same problem, mail was being routed through a blacklisted IP address belonging to gridhost. I have told gridhost and they just said to rename the computer, which I did without resolving the problem. They say the problem is not at their end and the proof is that mail is delivered successfully through their servers via the webmail service and via Outlook. When I send through T'bird it gets routed through the blacklisted server, they say the problem is with my email client, which I presume is T'bird. Sorry to seem thick but who determines what route a message takes?
Not the email client. It just hands it on, via whatever network connection is available, to the smtp server. Email clients do not have any influence over routing.
I'd argue that Thunderbird, using SMTP will be routed to a different server than their webmail uses. I don't know why a message sent by Outlook would be handled any differently, unless it is connecting to an MS Exchange server and thereby using yet another route.
Thanks, I can understand what you are saying and feel better equipped to chase it up further with my domain administrator who seems to keep on suggesting that I am doing something wrong or must have changed something ....... cheers.
just to be clear, the ip address 127.0.0.1 is the loopback address for your machine. It is the loopback address for all machines. That some goose with your mail provider has decided it is automatically spam simply proves yet again that there is no requirement to use your brains to collect a pay cheque. A problem more and more often as business appoints unqualified folks to technical positions
The difference between what Thunderbird does and say Outlook is we use the somewhat anonymous local address, but not usually the loopback address. Usually it is a 192.168 or a 10.1 IP address rather than the public IP address of the computer. GMail, my main mail provider append the address I connected to their server from, so my public IP address is used, but there is no requirement in the RFC for that to be the case.
Historically both Norton and McAfee anti virus used the 127.0.0.1 address in their scanning. Using either of those by any chance?
Hi Matt - Just to be clear it is my outgoing mail which is being rejected by the recipients' systems, I am having no problem with incoming mail.
I did install the McAffee Security Scan Plus software last autumn. Surely that software would only be filtering incoming mail and not affecting any messages I am sending? If I uninstall it again do you think it will help?
(I looked at some message sources and my outgoing mail does use my public IP adress, which is due to change next week).
This is the work-around which gridhost have suggested, does this make sense to you guys? It seems to have been just lifted off a mozillazine page
............. 1. Press the Config Editor button at Tools > Options -> Advanced -> General .
2. Type smtp in the filter edit field
3. Find which SMTP server you need to specify the outgoing name for. For example, if it's for an account on our Cloud platform, you might find
mail.smtpserver.smtp1.description user set string mail3.gridhost.co.uk
You want to find the number appended to "smtp". In this case its 1.
4. Right click in the window and select New -> String and then enter mail.smtpserver.smtp*.hello_argument as the name of the setting (replace * with the number you found for the SMTP server) and the name you want to use. It can be whatever.you.want.com (no spaces please) but if it uses the domain name of your SMTP server that prevents a "forged hello" penalty by SpamAssassin. For example, use John.Smith.gmail.com if you're using a Gmail SMTP server. .................
If it does can you advise what name I put into that space? Is it my own email address or is it something related to gridhost who are the hosts for this account?
cheers
We have gone full circle. You have been given pretty much the same advice as the poster in the other thread.
I found it ironic that the host in that other thread, hostmonster, gave a link to a blog which advised how to do precisely what they wanted you not to do!
It isn't asking for an email address, but the address of a server. The safe option, it seems to me, is one that gridhost view as being one of their own.
Since you gave one explicitly, earlier in this thread:
I'd start by trying that one. You'll need to carefully unpick the internal numbering to identify which smtp server you need to tweak.
It's all wrong that you need to do this; as I read it, gridhost is implicitly acknowledging this in advising you to fudge this setting. You will be setting Thunderbird to lie about the origin of messages, just to circumvent an arbitrary prohibition put in place by gridhost.