Member Avatar for dkersten

OK, please bear with me as I am not an expert here.
I have a new Linux server that is mainly used to run my companies proprietary software.
In the software is the capability to send various reports and things like statements and invoices in PDF format using email. The software sends the info to sendmail, and sendmail mails it out. Simple enough, but we hit a big problem: our mail is being detected as spam and filtered out.

Here is the scenario: I have a domain name for my company. For privacy sake lets call it abc123.com (my apologies if this is a real domain). I have a company that hosts my website and email for my employees. Unfortunately, that company has a poor spam filter, so I also subscribe to a third party spam filter. My MX records for my email point to the third party spam filter, and they in turn direct the mail to my host. This works exceptionally well for spam as I went from 200-300 per day per user (over 100 users) to 2-3 per day per user with almost zero lost emails.

OK, so that being said, when I send mail with my Linux server, it goes out the same internet IP address as my PC (All computers, client or server, use the same gateway and same static IP). The application takes the email that I set up in the applications user file and puts that in the reply-to (ie dkersten@abc123.com). However, if I send the mail to myself, it never arrives. So I started looking in to possible problems. The linux server uses my ISP's SMTP relay. I tried to use my email hosts SMTP but it requires authentication, and I cannot authenticate with sendmail (that I know of). So I use the SMTP relay offered by my ISP.

Now let me interject an oddity here. When my backup is complete on the linux server, it emails me telling me what happened in the backup. I get these emails just fine. However, if I inspect the header, I see it originates from root@localhost. Then the IP is 127.0.0.1. Then the IP is my static IP and it goes on from there. I had to whitelist root@localhost.localdomain on my spam service to get these to come through.

So when I send using my company software, it never gets to me, but it was getting just about everywhere else (ie we tried hotmail, gmail, yahoo, and all worked). So I talked to my spam service, and they told me it failed 3 things: reverse dns, mailfrom, and occasionally base64. Now I cannot do anything about base64 as the application uses that format for creating the mail, and I have no control over the application. There is no reason that this should be a factor, and oddly enough the spam filter company said it only occasionally failed that test. So I set about correcting the first 2 problems.

After a lot of advice, I contacted my ISP and my web host, and did a few things: First I set up and A record for system.abc123.com and gave it my static IP address. Then my ISP set up a reverse DNS for my IP to point to system.abc123.com. They also set up a PTR record. Now I dont really know what any of this is, I was just doing what they said to do. I used system.abc123.com because I cannot use abc123.com since then all my mail sent to dkersten@abc123.com on the linux server would go to a mailbox on the linux server, and I need it to go out to the internet, to my spam filter, then to my inbox.

So now that I had a valid A record, and a reverse dns, I proceded to set up my sendmail. I did a hostname system.abc123.com on the linux server, and changed the sysconfig to system.abc123.com. In sendmail, I vi-edited the sendmail.mc file and included
MASQUERADE_AS(`system.abc123.com')
FEATURE(masquerade_envelope)

The email still fails the reverse dns test, and I don't know why. If I do a name lookup for either the domain (system.abc123.com) or the IP address I get the appropriate response. I have tested this on 4 different ISPs and also on 2 different web name lookups. So for some reason the emails are still showing as coming from an invalid domain.

Now here is some more info:
I think the email envelope shows it comes from username@localhost still.. the username for my Linux users is NOT the same as their email address. In my case I think the header is starting as davek@localhost. I cannot whitelist @localhost because its not a valid domain.
If I try to add MAQUERADE_DOMAIN(system.abc123.com) then nothing goes anywhere.

I have read about other things to add to the sendmail.mc but have not tried it.. I do not know my sendmail version but the OS is red hat 5.0 enterprise.

Basically, I need this mail to show as coming from a valid domain so it doesnt get filtered out. Right now I have lost the ability to send reports within the company, and now I have some vendors that are no longer receiving purchase orders.

I used to run a Unixware 7.1.3 server and never had any of these problems.

I do NOT want to use the Linux sendmail for any incoming mail at all, just to send mail. If anyone can help with the problem, please do. My Linux guru is stumped, and so am I. My spam service is totally of no help, and the mail is definately stopping there. Now I cannot even send to my hotmail account as they are thinking that I am a spammer now. I can get 1 email through to hotmail once a day, sometimes. Please help.

  • 2 Contributors
  • 2 Replies
  • 90 Views
  • 1 Day Discussion Span
  • Latest Post Latest Post by dkersten
Member Avatar for allen-sally

Hi, I had a similar problem in my office email account and I realized that the efficiency of present spam filters has gone down significantly. I read an article about a new technology called ReceiverNet from Abaca. ReceiverNet technology characterizes each protected user based on the percentage of spam they receive and then uses those reputations to rate the incoming message flow. I changed my spam filtering system to Abaca’s Email Protection Gateway and it blocked spam mails and allowed important mails . For more information, log on to http://abaca.com/.

Member Avatar for dkersten

I guess I see it the other way around: The spam service I use is very aggressive. I forsee spam filters all becoming this aggressive in the future, and I want to be prepared. With Sendmail, my outgoing emails are showing an envelope that starts with davek@localhost as the sender, then shows the sender as davek@system.abc123.com, and the reply to as dkersten@abc123.com. This is the reason that it is failing the MailFrom and RDNS tests.
I have a hard time thinking that changing to a spam filter that does not use these tests is the way to go. And then what happens when my customers or manufacturers start using an aggressive spam filter? Am I supposed to tell them not to?
I loaded a different mail server program onto the Linux Server, and do not have this problem at all.. it does not show the mail originating from user@localhost, and hence does not fail those tests, and the mail comes through fine. I am looking in to modifying my software now to use this mail server as opposed to sendmail, but at a large expense. I am convinced because of this mail program working fine that there is something in the sendmail setup I am missing that would correct this problem. I just cannot find it.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.