Internal emails marked as spam

adam.sage

Member
Feb 8, 2019
32
0
11
34
Some of my internal emails are not being delivered. In the blocked notification I see the major parts of the score are from:

RCVD_IN_PBL 3.558 Received via a relay in Spamhaus PBL
RDNS_NONE 1.274 Delivered to internal network by a host with no rDNS

I checked my domain and it is not listed on any blacklist. What is going on here?
 
It appears only people outside of our network are getting blocked. My exchange server only accessible over the internet via http and https (so activesync) and all emails are being delivered to the Proxmox gateway with internal IP addresses from exchange. My Proxmox public IP is not on a blacklist. I thought the exchange server would be the IP address used for checking spam, why would Proxmox be using the client IP address?
 
Last edited:
Do I understand you correctly: Your users are sending mails from 'outside' (the internet) to the Exchange-Server through PMG?
In that case these mails are treated as though they are received from any other mail-server - and if that user happens to be using an IP which is Blacklisted (because they are sharing it with others and some spam originated from there) then they get blocked.

Usually you want your 'users' to not send their mails to your server via port 25, but rather through and TLS-encrypted, authenticated connection (usually on port 587 with the submission service) - this needs to be configured on the mailserver responsible for the mails - Exchange in your case
 
The users are outside of our network (internet), but the emails are being sent to the exchange server via outlook or smartphone which is then sending the emails through the proxmox gateway. The users are not sending to the gateway directly.
 
Some of my internal emails are not being delivered. In the blocked notification I see the major parts of the score are from:

RCVD_IN_PBL 3.558 Received via a relay in Spamhaus PBL
RDNS_NONE 1.274 Delivered to internal network by a host with no rDNS

I checked my domain and it is not listed on any blacklist. What is going on here?

This both triggers look like your sending server is not homed well to send outgoing mails. PBL is the dialup IP list, so your sending server seems to be in an IP address block, which is defined as dialup IP address and should not been used to send mails to the internet. You may try to whitelist your servers IP address, so that it get not checked by this list. Same your server seems not to have a reverse DNS record. This may also occur for IP addresses of your dialup (e.g. DSL) provider, which you shouldn't use for sending mails directly to other internet mail servers.
 
Like I said in my last reply, emails are sent through our Exchange 2013 server to the Proxmox gateway. There should be no public IP addresses involved. There must be something exchange is doing to insert the public IP address of the client in the headers, but it still doesn't make sense why only clients outside of our network are having this issue. I guess I have some digging to do if no one here has heard of this before.
 
Like I said in my last reply, emails are sent through our Exchange 2013 server to the Proxmox gateway. There should be no public IP addresses involved. There must be something exchange is doing to insert the public IP address of the client in the headers, but it still doesn't make sense why only clients outside of our network are having this issue. I guess I have some digging to do if no one here has heard of this before.

Yes, sounds really strange.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!