Virgin Media Virgin Media Community

JCmacc · ‎06-02-2024

Via Outlook I can get incoming e-mails from our 2 ntlworld accounts but can not send as our IP address has just been added to a blacklist apparently. I've checked various websites and the IP address hasn't been flagged for spamming and there's no evidence of any hack or unknown sent e-mails, nor have we been sending any great number.

One diagnostic site tells me the blacklisting is due to a change being needed by the ISP. The message is below.

"This IP has been flagged because it is dynamic or by suspect to be domestic use only.

If you are running an email service on this IP, ask ISP to change the rDNS

The removal of this IP from this blacklist depends on change of rDNS to match the FQDN of the mail server."

This did occur just before the Hub needed a reboot (as evidenced by an Amazon Firestick issue that was fixed by the Hub reset). One question is did the Hub error cause a DNS change that resulted in the black listing?

Any advice on the issue and/or next steps would be greatly appreciated.

JCmacc · ‎06-02-2024

Update: Virgin Media online help sends me to Gadget Support who tell me there's no issue with Virgin Media as I can access and send e-mails from the Web based App.

They can change settings to allow Outlook to work but it will cost me a £9.99 per month charge. This despite it's Virgin Media themselves who have blocked my IP address according to the error message I get when I try to send via Outlook.

This can't be right.

用心棒 · ‎06-02-2024

@JCmacc wrote:
⋮
One diagnostic site tells me the blacklisting is due to a change being needed by the ISP. The message is below.

"This IP has been flagged because it is dynamic or by suspect to be domestic use only.
If you are running an email service on this IP, ask ISP to change the rDNS
⋮

You are using an email client (Outlook) to send via Virgin Media's email server. You are not running an email server so the above blacklisting is not relevant.

Check that your email client is using the recommended setting as detailed here, Email settings change - Virgin Media Community - 3369438

Should the issue persist then It would be helpful to see what, if any, error code is returned by the SMTP server when sending. From a desktop or laptop device open a Command Shell in Window or otherwise the Terminal. app and enter the following where username:password is replaced with your email address and password, i.e. richard.branson@virginmedia.com:Y54kpX5g:

curl -v smtps://smtp.virginmedia.com -u username:password

WARNING: Do not post the resulting output here but instead review it for possible reported causes, i.e. VM error code; choosing to ignore this warning and posting the output here unredacted or incorrectly redacted will likely reveal your email address, password and / or public IP Address.

FYI if there is no issue then you should see the following output from the curl command:

⋮
> AUTH PLAIN
< 334 
> [Redacted]
< 235 2.7.0 SMTP350 Authentication successful for user [Redacted]
> HELP
< 214-2.0.0 This is cmsmtp ESMTP service help
214-2.0.0 This is cmsmtp ESMTP service help
< 214-2.0.0 To contact postmaster send email to postmaster@virginmedia.com.
214-2.0.0 To contact postmaster send email to postmaster@virginmedia.com.
< 214-2.0.0 For local information send email to Postmaster at your site.
214-2.0.0 For local information send email to Postmaster at your site.
< 214 2.0.0 end of HELP info
214 2.0.0 end of HELP info
* Connection #0 to host smtp.virginmedia.com left intact

Otherwise unsuccessful will look similar to the following; note VM error code VM320 in result:

⋮
> AUTH PLAIN
< 334 
> [Redacted]
< 525 5.7.13 Authentication Denied (VM320)
* Closing connection 0
* TLSv1.2 (OUT), TLS alert, close notify (256):
curl: (67) Login denied

--
I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more
Have I helped? Select Mark as Helpful Answer or 🖒 Kudos to say thanks

JCmacc · ‎06-02-2024

On the server settings - all the recommended and up to date settings are on Outlook on my Phone (as it's relatively new so recently configured). The e-mails are perfect if I use data but using wi-fi from the home Hub, the issue on e-mails being blocked when I try to send is there too.

David_Bn · ‎08-02-2024

Thanks for coming back to us @JCmacc.

Interesting you mention the connection to the router appears to be the issue - with mobile data providing a positive outcome

We can try arranging for our Internet Security team to clean your IP address to lift the issues you've been experiencing on the broadband connection.

Check out the envelope in the top right hand corner for a private message from me

Thanks,

David_Bn

coenoby · ‎08-02-2024

@JCmacc wrote:
The e-mails are perfect if I use data but using wi-fi from the home Hub, the issue on e-mails being blocked when I try to send is there too.

To troubleshoot that issue you need to follow the instructions that @用心棒 has set out. That will give you the error message which will help to identify exactly what is preventing you from sending emails from your VM network,

In 用心棒's example the key line is:

525 5.7.13 Authentication Denied (VM320)

Yours will probably be different to that but it's that VM 3nn code that is needed.

Post back what that line says in your case and then you will get the relevant advice on what's needed to resolve your problem.

Coenoby

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media.

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

JCmacc · ‎08-02-2024

Hi David,

this has been fixed - thanks for following up though.

In response to my submission of a "netreport" form (flagged up in the error message I got when trying to send e-mails) Virgin Security removed the block on my Hub's IP address and the issue has been resolved.

The e-mail from VM Security suggested my IP was blocked due to suspicious activity but there's no evidence of e-mail hacks or spamming from here and given the number of people with legacy addresses (ntlworld, blueyonder etc) on the forum with the same issue at the same time, it seems beyond coincidental. There must be a change that has been made somewhere by Virgin.

The online VM help pushed me to Gadget Support who demanded a rolling £9.99 per month contract to fix issues with my internet settings - an incorrect fix that would not have worked and inappropriate charge for a change made to my VM Hub by VM as Gadget Support are supposed to deal with issues on personal equipment unrelated to VM.

Adding the above for anyone else who have the same issue as it may help.

David_Bn · ‎08-02-2024

Thanks for coming back to me via private message @JCmacc, and I'm pleased that this has since been resolved.

We take the feedback offered on board and will be happy to offer future support via our Community Forums for any future service issues.

All the best,

David_Bn

coenoby · ‎08-02-2024

@JCmacc wrote:
this has been fixed - thanks for following up though.
The e-mail from VM Security suggested my IP was blocked due to suspicious activity but there's no evidence of e-mail hacks or spamming from here
Adding the above for anyone else who have the same issue as it may help.

Thanks for that update. Glad to hear that it has been resolved.

The issue with VM blocking IP addresses as a result of "suspicious activity" has been going on for several years and that is a big question mark as to whether they should be doing that.

Such blocklists are really intended to help email providers to detect potential incoming spam coming from other networks rather then preventing their own customers from sending spam.

However, I would just say that when VM talk about "suspicious activity" that does not mean that your VM email account is sending sending spam or that the email account itself has been hacked.

In most cases that suspicious activity is in the form of suspicious traffic that has been detected coming from your IP address as a result of malware on a smart device on your home network. Spambots can send out spam emails without any need to access your VM email account or even use your email address.

In the past, posters on this forum have had their IP addresses blocked and subsequently discovered that malware on anything from Amazon Firesticks to Ring Video doorbells was responsible for the suspicious traffic. So just because you cannot see any obvious evidence it does not mean something nasty is not busy working away in the background.

If I was in your situation I would run a deep AV scan on all your devices that you can. I would also have a think about any free apps that you may may have installed on any smart devices on your network since that is often the way that malware gets onto smart devices.

Coenoby

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media.

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

JCmacc · ‎08-02-2024

Hi Coenoby,

I've run virus and malware checks and there's been no recent addition to any smart devices (e.g. Firestick only runs standard Apps like Prime, Netflix etc). Also, online checks didn't list my IP address as having any spamming issues.

Doesn't 100% rule something out, but as I said, if it's a malware issue then its a big coincidence others with legacy pre-VM e-mail addresses all have hit a similar malware issue at a very similar time.

Virgin Media Virgin Media Community

Virgin Media Virgin Media Community

Can't send e-mails due to IP address blacklisted due to "rDNS"