2024/05/10
Friday, May 10, 2024 (#131) Woozle's journal
|
|
|
Two days ago (May 8), I noticed that Gmail is now outright blocking my emails.
<woozalia@gmail.com>: host gmail-smtp-in.l.google.com[172.253.115.27] said: 550-5.7.1 [68.183.140.54 18] Gmail has detected that this message is likely 550-5.7.1 suspicious due to the very low reputation of the sending IP address. 550-5.7.1 To best protect our users from spam, the message has been blocked. 550-5.7.1 For more information, go to 550 5.7.1 https://support.google.com/mail/answer/188131
I was rather frightfully put out by this, having already spent many hours/days configuring SPF and DKIM and I don't know what else in order to prevent being spamcanned -- and the message seemed to suggest that there was no remedy or appeals process.
It had been working fine as recently as May 5, so whatever changed was obviously very recent.
Long story short:
- Actually, no, it happened in August of 2020 -- definitely not sometime between May 5 and May 8, not recent, and in fact over a month before I started using that IP address.
- There are 3 IP blocklists which might be causing this. I've managed to get off two of them; the third involves more effort and possibly some money.
Long Story Not Short
Upon following the "more information" link, I found information which suggested that Gmail was blocking me because I'd ended up on a blocklist somehow, and that this had happened because I was running an open SMTP relay on that server (which is something you just don't do, in this era, because spammers will abuse it).
finding the problem
The first thing I did was check MX Toolbox to make sure I hadn't inadvertently opened a relay (or that my system had been hacked and one had been installed) -- nope, all good:
Next thing was to see if I could find out what blocklists I'm on, and hopefully why.
Note that this list goes on for about 3-4x that long, and all the rest are green/OK.
getting de-listed
The next step, then, is how to appeal these listings -- given that they're all based on an incident which happened before I was assigned that IP address, and which was in fact over 3 years ago.
SORBS seemed to be telling me that I basically can't right now because they're dealing with a DDoS attack... except that "Re-testing is currently ENABLED", so...?
I was able to create an account and at that point it seemed willing to let me start into the de-listing process -- at which point I first found out just how far back they were reaching:
In any case, I was able to request a de-listing -- which succeeded, and somehow ended me up at Spamhaus, so maybe that "can't do it now [yes we can]" warning was about something else?
'writing still in progress