UCEPROTECTL1

popowich

EQ Forum Admin
Staff member
Hello,

If you are on the UCEPROTECTL1 RBL then most likely :

  • Your reverse DNS does not exist
  • Your reverse DNS does not have matching forward DNS
  • Your mail server is an open relay
  • A mail server or client that your mail server relays for is spamming
 

stefan

New Email
My IP is on UCEPROTECTL1. When i check my IP with them i get this error:

WARNING: Your ReverseDNS points to a CNAME-Record.
This violates RFC 2181 Section 10.2
Please request your Admin or Provider to fix this.

I have contacted my server support to fix the ReverseDNS so it points to A-record and i got confirmation that they did the job but i am still on Level 1 with Uceprotect?!

Here are my results for dig -x command:
Code:
dig -x 174.142.61.201

; <<>> DiG 9.6-ESV-R4-P3 <<>> -x 174.142.61.201
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56856
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;201.61.142.174.in-addr.arpa.	IN	PTR

;; ANSWER SECTION:
201.61.142.174.in-addr.arpa. 27985 IN	PTR	mail.emailmarketing.rs.

;; AUTHORITY SECTION:
61.142.174.in-addr.arpa. 27985	IN	NS	ns2.iweb-hosting.com.
61.142.174.in-addr.arpa. 27985	IN	NS	ns1.iweb-hosting.com.

;; ADDITIONAL SECTION:
ns1.iweb-hosting.com.	13483	IN	A	174.142.253.4
ns2.iweb-hosting.com.	13483	IN	A	67.205.116.4

;; Query time: 11 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Fri Dec 23 16:59:38 2011
;; MSG SIZE  rcvd: 165

Do you have some advice what else is needed to be done??
 

popowich

EQ Forum Admin
Staff member
For the forward DNS try changing your mail record from a CNAME to an A record.

It currently is :

;; ANSWER SECTION:
mail.emailmarketing.rs. 0 IN CNAME emailmarketing.rs.
emailmarketing.rs. 14400 IN A 174.142.61.201

Try making it :

;; ANSWER SECTION:
mail.emailmarketing.rs. IN A 174.142.61.201

At this time you're not listed, but the above change should clear your "high risk" warnings about CNAME's in your email related DNS records.


Reverse DNS (PTR) exists and claimes to be: mail.emailmarketing.rs

WARNING: Your ReverseDNS points to a CNAME-Record.
This violates RFC 2181 Section 10.2
Please request your Admin or Provider to fix this.

This IP is NOT registered at ips.whitelisted.org. More Information about whitelisted.org can be found here.
 

stefan

New Email
I don't get it. My hosting department told me that they have changed the DNS to A record!? How do you check how it is actually setup? I have tried with dig -x command but it seems i don't get actual settings.
 

popowich

EQ Forum Admin
Staff member
Hello,

You can check that the change has been made with this command:

> dig mail.emailmarketing.rs

The current zone file still says :

mail.emailmarketing.rs. 0 IN CNAME emailmarketing.rs

Ask them to change it to:


mail.emailmarketing.rs. 14400 IN A 174.142.61.201


Feel free to send them the link to this discussion if needed to help explain the change that you are requesting.
 

stefan

New Email
They've made some changes, but now i can't access my email accounts from my computer?
And they are not so helpful enough. It seems i will have to fix this out myself... Do you know what went wrong?
 

stefan

New Email
Hmm, i did some changes now by myself and got email working remotely again. Could you please make deep check if everything is correct with my server settings?
 

popowich

EQ Forum Admin
Staff member
Yes, it appears that made the CNAME to A record change correctly and your mail server is accepting incoming smtp connections :


;; ANSWER SECTION:
mail.emailmarketing.rs. 14371 IN A 174.142.61.201


> telnet 174.142.61.201 25
Trying 174.142.61.201...
Connected to 174.142.61.201.
Escape character is '^]'.
220-cl-t201-060cl.privatedns.com ESMTP Exim 4.69 #1 Fri, 30 Dec 2011 00:59:42 +0100
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
 
Top