SORBS Blocking Hotmail Email

I had two instances where users on the system were unable to receive email from correspondents sending email from either hotmail.com or msn.com addresses. When I asked the senders to tell me the reason for their email being rejected, which is normally displayed in bounced messages, they told me that they didn't see any reason listed. So I tried sending email to myself using a test hotmail.com account I created for myself.

The message I sent from my hotmail account bounced as well. But the bounced message I saw did not list a reason for the rejection, only "Delivery to the following recipients failed" followed by the address to which I had sent the message.

With the default Hotmail account settings, the reason the message bounced is not shown. To see the reason for the rejection, take the following steps while logged into your Hotmail account.

  1. While checking your inbox, click on "Options", which is next to "Help" at the top of the Hotmail webpage.
  2. Click on "Mail Display Settings".
  3. Change the "Message Headers" setting from "Basic" to "Advanced".
  4. Click on "OK".
  5. Go back to your inbox and hit the Refresh button in your browser to reload the bounced message whose rejection reason you want to see.
  6. Within the message you will now see a "View E-mail Message Source" link. Click on it.

You should now see something akin to the following in the message.

Final-Recipient: rfc822;test12345@moonpoint.com
Action: failed
Status: 5.7.1
Diagnostic-Code: smtp;550 5.7.1 <test12345@moonpoint.com>... Mail from 65.54.186.64 refused - see http://www.dnsbl.us.sorbs.net/

Look for the "Status" and "Diagnostic-Code" values to determine why the message was rejected. In this case, I see the message was rejected by SORBS, a blocklist I use on the system to cut down on the amount of spam reaching users of the system. I have the following line in the /etc/sendmail.mc file on the system, which results in sendmail querying the SORBS blocklist each time a message arrives on the system.

FEATURE(`dnsbl', `dnsbl.sorbs.net', `"550 Mail from " $`'&{client_addr} " refused - see http://www.dnsbl.us.sorbs.net/"')dnl

If the IP address of the system attempting to send the email is listed in the SORBS blocklist, then the message is rejected with the text "Mail from xx.xx.xx.xx refused - see http://www.dnsbl.us.sorbs.net/", where xx.xx.xx.xx is the IP address of the sending system.
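Added example (not from the original page): Python that reads the delivery-status fields shown above, extracts the refused client IP, and builds the reversed-octet name that a DNSBL lookup queries under dnsbl.sorbs.net. The function names, the injectable resolve parameter and the check that a listing answers with a 127.0.0.0/8 address (the usual DNSBL convention) are assumptions of this example.

```python
import ipaddress
import re
import socket

# The delivery-status fields quoted on this page, embedded as sample input.
SAMPLE_DSN = """\
Final-Recipient: rfc822;test12345@moonpoint.com
Action: failed
Status: 5.7.1
Diagnostic-Code: smtp;550 5.7.1 <test12345@moonpoint.com>... Mail from 65.54.186.64 refused - see http://www.dnsbl.us.sorbs.net/
"""

def parse_dsn_fields(text):
    """Return the delivery-status fields as a dict keyed by lower-case field name."""
    fields, last = {}, None
    for line in text.splitlines():
        if line[:1] in (" ", "\t") and last:        # folded continuation line
            fields[last] += " " + line.strip()
        elif ":" in line:
            name, value = line.split(":", 1)
            last = name.strip().lower()
            fields[last] = value.strip()
    return fields

def refused_ip(fields):
    """Extract the client address from the 'Mail from <ip> refused' text."""
    m = re.search(r"Mail from (\d{1,3}(?:\.\d{1,3}){3}) refused",
                  fields.get("diagnostic-code", ""))
    return str(ipaddress.IPv4Address(m.group(1))) if m else None

def dnsbl_query_name(ip, zone="dnsbl.sorbs.net"):
    """Name a DNSBL client looks up: the IPv4 octets reversed, then the zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def is_listed(ip, zone="dnsbl.sorbs.net", resolve=socket.gethostbyname):
    """True only if the zone answers with a 127.0.0.0/8 address."""
    try:
        return resolve(dnsbl_query_name(ip, zone)).startswith("127.")
    except socket.gaierror:          # no A record or lookup failed: not listed
        return False

def explain_bounce(text, resolve=socket.gethostbyname):
    """Summarise a bounce: status code, refused IP, DNSBL name, current listing."""
    fields = parse_dsn_fields(text)
    ip = refused_ip(fields)
    return {"status": fields.get("status"), "ip": ip,
            "query": dnsbl_query_name(ip) if ip else None,
            "listed": is_listed(ip, resolve=resolve) if ip else None}
```

Calling explain_bounce(SAMPLE_DSN) with the default resolver performs a live DNS query; pass a resolve function of your own to test without network access.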

I looked up the IP address of the sending hotmail.com server, which in this case was 65.54.186.64. The SORBS system reported the following for that IP address.

Database of servers sending to spamtrap addresses
Address:65.54.186.64
Record Created:Thu Oct 6 23:58:40 2005 GMT
Record Updated:Sat Feb 4 02:39:46 2006 GMT
Additional Information:Received: from hotmail.com (bay16-f14.bay16.hotmail.com [65.54.186.64]) by desperado.sorbs.net (Postfix) with ESMTP id E9BF611436 for <[email]>; Sat, 4 Feb 2006 12:39:41 +1000 (EST)
Currently active and flagged to be published in DNS
If you wish to request a delisting please do so through the Support System.

I tried sending another message to myself from the Hotmail account a couple of hours later. It too was rejected because it was on the SORBS list, but the address of the Hotmail email server the second time was 65.54.186.58.

I didn't want to stop using the SORBS list, but I also didn't want to make it impossible for any user on the system to receive email from a hotmail.com address.

An alternative is to continue to use the SORBS blacklist, but to "whitelist" specific hotmail.com and msn.com email addresses. Email sent from msn.com addresses will also come to your server from hotmail.com servers.

If you are using sendmail to process incoming email, you can specify email addresses from which you will accept email that would otherwise be rejected by listing the sender in /etc/mail/access. You can add a line like the following to that file. Use tabs (as many as you wish) and not spaces when separating the address and the "OK".


moonpoint12345@hotmail.com           OK

The line above specifies that any email from moonpoint12345@hotmail.com will be accepted. If a message originates from that address, then the system won't check the IP address of the sending server in blocklists used by the system. If you wish to add a comment to the file regarding any address you are adding, simply start a line with the "#" symbol and put any comment you want after it on the line.

After you add an address to /etc/mail/access, you will need to regenerate the access.db file, presuming that you have specified that type of database in /etc/sendmail.mc, which is normally the default for Linux systems. If that is the case, you will have a line similar to the following in your sendmail.mc file.

FEATURE(`access_db',`hash -T -o /etc/mail/access.db')dnl

To regenerate the .db file, use the command below. You don't have to restart sendmail afterwards.

makemap hash /etc/mail/access </etc/mail/access

Once you have run the makemap command, then anyone with a hotmail.com address that you have added to the access file should be able to send email to users on the system.
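An added example, not from the original page: a check to run over the access file before makemap, using the format described above (key, tabs, action, # comments). It reports entries that lack an action or break the tab rule, flags accepting entries broader than the per-address whitelisting described here, and lists the addresses that will be accepted despite a blocklist hit; the function names and all sample entries except the page's own address are constructed for the example.

```python
import re

# Constructed sample of /etc/mail/access source text. Only the first address
# comes from this page; the other entries are made up for the example.
SAMPLE_ACCESS = (
    "# correspondents who send through listed Hotmail servers\n"
    "moonpoint12345@hotmail.com\t\tOK\n"
    "friend@msn.com OK\n"        # separated by a space, not tabs
    "hotmail.com\tOK\n"          # whole domain rather than one address
    "someone@hotmail.com\n"      # key with no action
)

ACCEPTING = {"OK", "RELAY"}      # actions that let mail in

def entries(text):
    """Yield (line_number, raw_line, key, action), skipping blanks and # comments."""
    for n, raw in enumerate(text.splitlines(), 1):
        if raw.strip() and not raw.lstrip().startswith("#"):
            key, *rest = raw.split(None, 1)
            yield n, raw, key, (rest[0].strip() if rest else "")

def lint_access(text):
    """Return (line_number, key, problem) for malformed or overly broad entries."""
    findings = []
    for n, raw, key, action in entries(text):
        if not action:
            findings.append((n, key, "no action after key"))
            continue
        if not re.match(r"\S+\t+\S", raw):
            findings.append((n, key, "key and action not separated by tabs"))
        addr = key.split(":", 1)[-1]         # drop an optional tag such as From:
        if action.split()[0] in ACCEPTING and "@" not in addr:
            findings.append((n, key, "accepts more than a single address"))
    return findings

def exempt_senders(text):
    """Full addresses with an OK entry, i.e. senders accepted despite a listing."""
    return [key.split(":", 1)[-1] for _, _, key, action in entries(text)
            if action.split()[:1] == ["OK"] and "@" in key]
```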

Note, you may also need to have delay_checks specified in sendmail.mc to delay checking the blocklists until after other checks have been made to determine whether the message should be accepted. I also have the following line in /etc/mail/sendmail.mc before the spot where I do the blocklist checks, so that the normal blocklist checks won't be done in all cases, e.g. when the sender has authenticated, etc.

FEATURE(delay_checks)dnl

Note, if you modify sendmail.mc, you will need to regenerate sendmail.cf from it using m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf and then restart sendmail with /etc/init.d/sendmail restart.

After I had added my hotmail.com address to the file and run makemap, I sent another message to myself from the hotmail.com account. This time it got through. The address of the sending hotmail.com server was bay16-f1.bay16.hotmail.com [65.54.186.51], which I verified was also on the SORBS blocklist.
