Can't send e-mails due to IP address blacklisted due to "rDNS"

Question

Via Outlook I can get incoming e-mails from our 2 ntlworld accounts but can not send as our IP address has just been added to a blacklist apparently. I've checked various websites and the IP address hasn't been flagged for spamming and there's no evidence of any hack or unknown sent e-mails, nor have we been sending any great number.

One diagnostic site tells me the blacklisting is due to a change being needed by the ISP. The message is below.

"This IP has been flagged because it is dynamic or by suspect to be domestic use only.

If you are running an email service on this IP, ask ISP to change the rDNS

The removal of this IP from this blacklist depends on change of rDNS to match the FQDN of the mail server."

This did occur just before the Hub needed a reboot (as evidenced by an Amazon Firestick issue that was fixed by the Hub reset). One question is did the Hub error cause a DNS change that resulted in the black listing?

Any advice on the issue and/or next steps would be greatly appreciated.

用心棒 · Answer

JCmacc&nbsp;wrote:⋮One diagnostic site tells me the blacklisting is due to a change being needed by the ISP. The message is below.&nbsp;"This IP has been flagged because it is&nbsp;dynamic&nbsp;or by suspect to be domestic use only.If you are running an email service on this IP, ask ISP to change the&nbsp;rDNS⋮You are using an email client (Outlook) to send via Virgin Media's email server. You are not running an email server so the above blacklisting is not relevant.Check that your email client is using the recommended setting as detailed here, Email settings change - Virgin Media Community - 3369438Should the issue persist then It would be helpful to see what, if any, error code is returned by the SMTP server when sending. From a desktop or laptop device open a&nbsp;Command Shell&nbsp;in Window or otherwise the Terminal. app and enter the following where&nbsp;username:password&nbsp;is replaced with your email address and password, i.e.&nbsp;richard.branson@virginmedia.com:Y54kpX5g:curl -v smtps://smtp.virginmedia.com -u username:passwordWARNING: Do not post the resulting output here but instead review it for possible reported causes, i.e. VM&nbsp;error code; choosing to ignore this warning and posting the output here unredacted or incorrectly redacted will likely reveal your email address, password and / or public IP Address.FYI if there is no issue then you should see the following output from the curl command:⋮&gt; AUTH PLAIN&lt; 334 &gt; [Redacted]&lt; 235 2.7.0 SMTP350 Authentication successful for user [Redacted]&gt; HELP&lt; 214-2.0.0 This is cmsmtp ESMTP service help214-2.0.0 This is cmsmtp ESMTP service help&lt; 214-2.0.0 To contact postmaster send email to postmaster@virginmedia.com.214-2.0.0 To contact postmaster send email to postmaster@virginmedia.com.&lt; 214-2.0.0 For local information send email to Postmaster at your site.214-2.0.0 For local information send email to Postmaster at your site.&lt; 214 2.0.0 end of HELP info214 2.0.0 end of HELP info* Connection #0 to host smtp.virginmedia.com left intactOtherwise unsuccessful will look similar to the following; note VM error code VM320 in result:⋮&gt; AUTH PLAIN&lt; 334 &gt; [Redacted]&lt; 525 5.7.13 Authentication Denied (VM320)* Closing connection 0* TLSv1.2 (OUT), TLS alert, close notify (256):curl: (67) Login denied--&nbsp;I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn moreHave I helped? Select Mark as Helpful Answer or 🖒 Kudos to say thanks

David_Bn · Answer

Thanks for coming back to us JCmacc.
Interesting you mention the connection to the router appears to be the issue - with mobile data providing a positive outcome
We can try arranging for our Internet Security team to clean your IP address to lift the issues you've been experiencing on the broadband connection.
Check out the envelope in the top right hand corner for a private message from me
Thanks,
David_Bn

coenoby · Answer

JCmacc&nbsp;wrote:The e-mails are perfect if I use data but using wi-fi from the home Hub, the issue on e-mails being blocked when I try to send is there too.To troubleshoot that issue you need to follow the instructions that 用心棒 has set out. That will give you the error message which will help to identify exactly what is preventing you from sending emails from your VM network,In 用心棒's example the key line is:525 5.7.13 Authentication Denied (VM320)Yours will probably be different to that but it's that VM 3nn code that is needed.Post back what that line says in your case and then you will get the relevant advice on what's needed to resolve your problem.Coenoby

David_Bn · Answer

Thanks for coming back to me via private message JCmacc, and I'm pleased that this has since been resolved.
We take the feedback offered on board and will be happy to offer future support via our Community Forums for any future service issues.
All the best,
David_Bn

coenoby · Answer

JCmacc&nbsp;wrote:this has been fixed - thanks for following up though.The e-mail from VM Security suggested my IP was blocked due to suspicious activity but there's no evidence of e-mail hacks or spamming from here Adding the above for anyone else who have the same issue as it may help.Thanks for that update. Glad to hear that it has been resolved.The issue with VM blocking IP addresses as a result of "suspicious activity" has been going on for several years and that is a big question mark as to whether they should be doing that.Such blocklists are really intended to help email providers to detect potential incoming spam coming from other networks rather then preventing their own customers from sending spam.However, I would just say that when VM talk about "suspicious activity" that does not mean that your VM email account is sending sending spam or that the email account itself has been hacked.In most cases that suspicious activity is in the form of suspicious traffic that has been detected coming from your IP address as a result of malware on a smart device on your home network. Spambots can send out spam emails without any need to access your VM email account or even use your email address.In the past, posters on this forum have had their IP addresses blocked and subsequently&nbsp; discovered that malware&nbsp; on anything from Amazon Firesticks to Ring Video doorbells was responsible for the suspicious traffic. So just because you cannot see any obvious evidence it does not mean something nasty is not busy working away in the background.If I was in your situation I would run a deep AV scan on all your devices that you can. I would also have a think about any free apps that you may may have installed on any smart devices on your network since that is often the way that malware gets onto smart devices.Coenoby

Forum Discussion

Can't send e-mails due to IP address blacklisted due to "rDNS"

10 Replies

Related Content

E-mail account security

e-mail received about virgin.net account to be deleted

NTL e-mail Account

Losing my e-mail account and really panicking

e-mail