Allow Sender with poor reputation from Senderbase

MarcoV_ironport · ‎08-04-2009

One of the companies that needs to send emails to my company gets blocked because their MTA has a poor reputation in the SenderBase.

How can I change our Ironports C350 so that messages from this company company are deliverd to our recipients without turning of the SenderBase function on the listener.

Thanks in advance for your response!

Marco

Andrew Wurster · ‎08-04-2009

marco -

thanks for your question! i think you should add this domain or host address (of the delivering MTA) to your "WHITELIST" or other trusted sender group, rather than let SenderBase automatically assign it for you. more on that below:

http://tinyurl.com/k8db7

andrew

MarcoV_ironport · ‎08-05-2009

Hi Andrew,

Thank you for responding.

Unfortunate that is what I tried already but it doesn't work.

Both the senders domain and the MTA domain are in the WHITELIST but the sender still gets the message that the email could not be delivered because of the poor reputation of the MTA.

----- Transcript of session follows -----
... while talking to mail02.mycompany.com.:
<<< 554-mail02.mycompany.com
<<< 554 "Your access to this mail system has been rejected due to the sending MTA's poor reputation. Please reference the following URL for more information: http://www.senderbase.org/search?searchString=200.11.173.18 If you believe that this failure is in error, please contact the intended recipient via alternate means."
... while talking to mail01.mycompany.com.:
<<< 554-mail01.mycompany.com
<<< 554 "Your access to this mail system has been rejected due to the sending MTA's poor reputation. Please reference the following URL for more information: http://www.senderbase.org/search?searchString=200.11.173.18 If you believe that this failure is in error, please contact the intended recipient via alternate means."
554 5.0.0 Service unavailable

It looks that our WHITLIST doesn't work?

- Marco

Andrew Wurster · ‎08-05-2009

marco -

it looks like the sender cantv.net has a lot of IPs you may want to get a definitive list from their organization in order to verify their list of delivering IPs against your HAT.

please do me a favor and post the following information:
- the export of your HAT(s)
- include atleast one set of output from the mail_logs or message tracking to show this connection (ICID) and determine what group it's matching

thanks!

andrew

Andrew Wurster · ‎08-06-2009

marco -

thanks for sending me the info. i am going to reply here to close the loop. I've included some trimmed down versions of your logs below:

WHITELIST sender group from the HAT:
WHITELIST:
cantv.net (On request of B Presti)

ICID from mail_logs:
Wed Aug 5 14:37:35 2009 Info: New SMTP ICID 52793870 interface MailInterface (192.168.60.50) address 201.210.173.13 reverse dns host 201-210-173-13.genericrev.cantv.net verified no
Wed Aug 5 14:37:35 2009 Info: ICID 52793870 REJECT SG BLACKLIST match sbrs[-10.0:-2.0] SBRS -10.0

So based on this, the host address 201-210-173-13.genericrev.cantv.net (201.210.173.13) will NOT be placed in the WHITELIST sender group because it's simply not in there. You can address this in two ways:
1 - add a general entry for all SUBDOMAINS of cantv.net to this sender group: .cantv.net
cantv.net only matches hosts like test.cantv.net and mail.cantv.net. the leading . gives you all subdomains as well like server.mydomain.cantv.net and so on.
2 - add a specific IP address or range of IP addresses to the sender group: 201.210.173.13 or 201.210.173.

there you go!

andrew

MarcoV_ironport · ‎08-07-2009

Thanks Andrew,

I have added the .

Now I have to wait but I will let you know when it works.

-Marco