Friday, March 12, 2010

Using Plesk’s SMTP Server: DNS Blacklist Prevents Sending

SkyHi @ Friday, March 12, 2010

If you’re trying to use your Plesk’s SMTP service to allow sending e-mail, you might run into the following error: rblsmtpd: <IP ADDRESS>: 451 http://www.spamhaus.org/query/bl?ip=<IP ADDRESS>.

The cause of this error, is the enabled option to check for DNS blacklists. It’ll find that the user’s (often dynamic) IP address isn’t allowed to send e-mail to the Plesk’s SMTP service. A common cause for this, is the use of the “zen.spamhaus.org“, which is a combination of SBL, XBL and PBL blacklists.

And the PBL blacklist, has the following warning-message in the FAQ.

Caution: Because the PBL lists normal customer IP space, do not use PBL on smarthosts or SMTP AUTH outbound servers for your own customers (or you risk blocking your own customers if their dynamic IPs are in the PBL). Do not use PBL in filters that do any ‘deep parsing’ of Received headers, or for other than checking IP addresses that hand off to your mailservers.

Disabling the zen.spamhaus.org will cure this issue. You can enable the xbl.spamhaus.org;sbl.spamhaus.org DNS blackhole list to get a combination of XBL and SBL blacklists, without PBL.

This does, however, have another drawback. Enabling the remaining DNS blackhole lists, will prevent (authenticated) e-mail communication over port 25. Meaning you still can’t send e-mail.

Bummer. But fixeable.

Enable the Message Submission option, on the Plesk page Server > Mail.

This will make the SMTP service also available on port 587, configured to allow Authenticated SMTP connections with disregard of the DNS Blackhole list. The only drawback is it can’t be used in combination with the zen.spamhaus.org (which is why we changed it in the first place).

Outlook should then be configured to send e-mail over port 587, instead of the default port 25.

Go to Tools > Account Options and doubleclick the account you’re using. Go to More Settings and proceed to the tab “Advanced“. There, you can change the Outgoing mailserver (SMTP) port to 587.

Seems like a lot of work, but it appears to be the only way to use the SMTP service in Plesk, in combination with a DNS Blackhole list and dynamic IP ranges.


REFERENCE

http://mattiasgeniar.be/2009/01/14/using-plesks-smtp-server-dns-blacklist-prevents-sending/