email whitelist suggestions

doug doug at
Wed Jun 12 22:10:11 UTC 2019

On Wed, 12 Jun 2019, Matthew Seaman wrote:

> On 12/06/2019 16:28, David Banning wrote:
>> I changed the IP address for my server recently having changed my ISP, and 
>> now mail from my server is getting continuously filtered into peoples spam 
>> folders.
>>   I check my ip address on fairly regularly - my IP never 
>> appears on a blacklist.
>> So now I'm thinking whitelist - but I don't have the money to lay out for 
>> this type of thing - at least not a large amount.
>> Anyone have a suggestion as to how to resolve my problem?
> I assume you have
>  - ensured your mailserver address is both forward and reverse
>    resolvable in the DNS.  Without a valid PTR record you aren't
>    going to have much fun trying to do SMTP
>  - Have updated SPF and DMARC records in the DNS to account for the
>    new IP number
>  - Have waited long enough for all the DNS TTLs to expire and the
>    changed data to populate caches.
> Whitelisting is unlikely to help you very much.  You'll find that all the 
> usual methods to improve deliverability will give you the best results.
> It's also pretty important that your mail server name doesn't look like its a 
> typical dynamically assigned residential address.  Those are marked down by 
> receiving systems on the basis that most e-mail originating from such 
> locations is the result of virus infected hardware.
> In principle you might run afoul of not having established a good reputation 
> for your new IP.  In practice, if you're running a low volume system just for 
> personal e-mail, reputation scoring is pretty unlikely have any effect on 
> you.  It's worth checking though.  It is always possible that the previous 
> user of your new IP number sent oodles of spam from it and has tarnished its 
> reputation for a long time to come.

All the above answers are good advice. I've run moderately busy mail servers 
since 1995. Lots of changes. That said your minimum requirements IMO: static IP 
and SPF records. Without the static IP you can not control listing or not by the 
spam sites. If your IP is assigned by one of the larger ISPs it might take you a 
while to get it defined as 'clean'. For some of my user's google will tag an 
email as 'not trusted' without the SPF record. As time goes on more and more 
will probably do this. Your primary mail server should be a jailed service or a 
stand-alone system. There are [lots of??] wordpress exploits that send email 
without any logging. If this happens it will be big deal if you are not the one 
that finds the breach. Lastly the recipient can always accidently mark your 
email as spam. Some times you can differentiate that a server level or a user 
block is the problem but not always. Lastly you can run afoul of the ISPs AI. 
AOL has deemed me to be spam when my total emails into AOL were less than 500 on 
that day. G'luck

Doug Denault

More information about the freebsd-questions mailing list