
Domain blocked in Spamhaus

@Kaufman445

Posted in: #Domains #Spam

I registered a domain with bigrock.in a week ago.

During my website's development phase, I sent several mails using PHPMailer to test Gmail accounts. The HTML message body contained a link to my domain name.

Other than that, I cannot remember any other place where I have used my domain. Now today my website development was finished (kinda). So I wanted to test it.

I ordered a VPS, set up everything properly, only to see the following message:



After searching for hours on Google, I figured that the URL in my mails may have been the problem. (Were they?)

So I went to the Spamhaus Blacklist Removal Center, here. When I submitted my domain for removal, I got the following message:



Now this is getting irritating. I am not a spammer, I send mails only for register verification and similar purposes.

Why can I not remove it from their blacklist? What do I have to do to remove it?

Again, after searching Google for hours, I couldn't even find their contact email address.

When (if) my domain gets delisted, what should I do in order to prevent this from happening again?

UPDATE: MxToolbox says that DBL listed my domain on the blacklist because of No IP queries

10.02% popularity

2 Comments

@Speyer207

DBL wouldn't block the domain for 'several emails' and your only option is to contact them. You should also check to see if your domain has been previously owned, as that could also be the case. Not being banned is simple: don't spam emails out to anyone else but yourself. DBL doesn't block for nothing, well, normally.

The other possibility is that you're using a VPS, cloud or mail server on an IP address that has once been banned. The IP address which stores/sends your emails is 67.23.166.123, which is shared with pubcrawler and is listed in the SBL, which is a good thing. If it's a shared server, then this could also be a possibility: that someone has used your domain to send out a load of emails without your knowledge.

10% popularity

@Jamie184

While it is difficult to tell what happened exactly, I can give you this:
mxtoolbox.com/blacklists.aspx
Put your domain name in and you will see you are on a lot of blacklists.

But not all is lost!

It appears that your domain name resolves to 127.0.0.2 which is a private IP address. I did a dig for you.

; <<>> DiG 9.7.3 <<>> anonstreet.com any
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14368
;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 3, ADDITIONAL: 4

;; QUESTION SECTION:
;anonstreet.com. IN ANY

;; ANSWER SECTION:
anonstreet.com. 38332 IN A 127.0.0.2
anonstreet.com. 38332 IN SOA s1.anonstreet.com. root.s1.anon$
anonstreet.com. 38332 IN TXT "v=spf1 a mx a:anonstreet.com i$
anonstreet.com. 38332 IN MX 5 mail.anonstreet.com.
anonstreet.com. 38332 IN NS ns1.anonstreet.com.
anonstreet.com. 38332 IN NS ns2.anonstreet.com.
anonstreet.com. 38332 IN NS s1.anonstreet.com.

;; AUTHORITY SECTION:
anonstreet.com. 38332 IN NS ns2.anonstreet.com.
anonstreet.com. 38332 IN NS ns1.anonstreet.com.
anonstreet.com. 38332 IN NS s1.anonstreet.com.

;; ADDITIONAL SECTION:
mail.anonstreet.com. 38332 IN A 67.23.166.123
s1.anonstreet.com. 38332 IN A 127.0.0.2
ns1.anonstreet.com. 172732 IN A 67.23.166.123
ns2.anonstreet.com. 172732 IN A 67.23.166.123

;; Query time: 85 msec
;; SERVER: 74.4.19.187#53(74.4.19.187)
;; WHEN: Wed May 14 13:32:00 2014
;; MSG SIZE rcvd: 329


This line:

anonstreet.com. 38332 IN A 127.0.0.2


and others indicate that your domain name is assigned to a non-routable private IP address. The A record must not ever be a private IP address. When the domain name is used, such as in a web browser, a request is made to resolve the domain name to a routable IP address. A request is made to a DNS server, which returns at minimum the IP address associated using the A record. If the IP address is non-routable or incorrect, then the original request cannot be satisfied. In your case, your A record is a non-routable IP address.

You mentioned that your host support noted that 127.0.0.2 is localhost. This is a loop-back address and cannot be used publicly, such as in an A record. The localhost address is used for the server to refer to itself. This is normal and required, but localhost is not routable and should not show up in the DNS entries. You need to update the A record to be your assigned IP address 67.23.166.123. I do not know what s1.anonstreet.com. is, but you may also want to update this. This is not done in Virtualmin. Your host should have a control panel to their DNS server. This is what you want to use.

You have a SOA record that should be removed. This is usually reserved to your host name servers. I may have to rethink on this. You will want to change your ns1.anonstreet.com to be dns1.bigrock.in and ns2.anonstreet.com to dns2.bigrock.in. I did a quick dig and this appears to be correct.

As a matter of rule, when you have a host, you do not want to allow access to the DNS (likely Bind) server on your system. You will need to populate the DNS server for proper functioning since your server will refer to it. But you do not want to make it publicly available. I always recommend that your DNS server never be used as a statement of authority (SOA) or accessible for security reasons. This is because DNS servers can often be compromised either directly or in a reflection attack. Instead, always use the host company's DNS servers for public work since they are properly secured.

I went to Spamhaus Zen and it told me that 127.0.0.2 is in the blacklist. This is common because under no condition should a non-routable private IP address be allowed access anywhere. This is what caused me to do a dig.

Get a real IP address assigned to your domain name and update your DNS. Your host should be providing this. You may have to contact support for this. Make sure that they do not assign a black-listed IP address. This is a valid request and should not be a problem. Once updated, I am sure you will be fine.

10% popularity
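
The check that the answer above does by eye on the dig output, as an added example that is not part of the original thread: parse dig-style record lines and flag every A/AAAA value that is loopback, private or otherwise not publicly routable. The sample input is constructed from the record lines quoted above, and the function names are illustrative.

```python
import ipaddress

# Constructed sample in dig's record format, modelled on the answer above.
SAMPLE_DIG = """\
;; ANSWER SECTION:
anonstreet.com. 38332 IN A 127.0.0.2
anonstreet.com. 38332 IN MX 5 mail.anonstreet.com.
;; ADDITIONAL SECTION:
mail.anonstreet.com. 38332 IN A 67.23.166.123
s1.anonstreet.com. 38332 IN A 127.0.0.2
"""


def parse_address_records(dig_text):
    """Yield (owner, address) for every A/AAAA record line in dig output."""
    for line in dig_text.splitlines():
        fields = line.split()
        # Record layout: owner TTL class type rdata; ';' lines are comments.
        if (len(fields) < 5 or fields[0].startswith(";")
                or fields[3].upper() not in ("A", "AAAA")):
            continue
        try:
            yield fields[0].rstrip(".").lower(), ipaddress.ip_address(fields[4])
        except ValueError:
            continue  # truncated or malformed rdata


def classify(addr):
    """Return why an address is unusable in public DNS, or None if routable."""
    if addr.is_loopback:
        return "loopback"
    if addr.is_link_local:
        return "link-local"
    if addr.is_private:
        return "private"
    if addr.is_multicast or addr.is_reserved or addr.is_unspecified:
        return "reserved"
    return None


def audit(dig_text):
    """Return sorted, de-duplicated (owner, address, reason) findings."""
    findings = {(owner, str(addr), classify(addr))
                for owner, addr in parse_address_records(dig_text)}
    return sorted(f for f in findings if f[2] is not None)


if __name__ == "__main__":
    for owner, addr, reason in audit(SAMPLE_DIG):
        print(f"{owner}: {addr} is {reason}, not publicly routable")
```

Feeding it the saved output of `dig <domain> any` before pointing mail or web traffic at a new zone catches records like the two 127.0.0.2 entries here.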

