US Telco Support > AT&T > AT&T Southeast > BellSouth E-mail server Blacklisted?

BellSouth E-mail server Blacklisted?

.net 007: This e-mail message was undeliverable due to the following reason:

.net 018: Each of the following recipients were rejected by a destination mail system.

Note: The reasons given by the destination mail system are included to help you determine why each recipient was rejected.

Solution:
Attempt to resend, or contact the recipient by alternate means to let them know about the issue.

Recipient:
Reason: 5.7.1 Mail from 205.152.59.69 refused see '»www.us.sorbs.net/'

As a former DSL tech, I saw this issue a few times. It's your particular IP that's blacklisted, turn your modem off for a few monutes, then let it reconnect so it will be issued a different IP, this usually resolves the issue.
--
Deep thanks to the people who defend America from those who would do us harm.

Thanks for the reply. But I have a static IP address so that won't work.

I did check my IP address on the suggested website, along with about 20 others DSL IP addresses in the same subnet, and all are listed 22 times. Since the reject message had the email server IP, and not my DSL IP, my assumption was that it must be the mail server in general.

My DSL IP address is always on the outgoing mail header along with my PC name, thus it should fail on all messages. Since I'm able to "successfully" send POP mail to the recipient via gmail and also my hosting company (not using Bell South's mail server (nor port 25) I don't think my IP address is the problem - right?

I did get a case number from the Bell South 'Senior Tech' who called me back about 3 hours after my trouble report. I am supposedly getting a callback tomorrow after they resolve the problem

My problem has been solved by finally bypassing BellSouth in both directions. Mail is much faster now, and not taking a long time to upload on a send.

I do appreciate your suggestion.

This is not your IP address being blocked, but indeed bellsouth's mail servers.

I had the same issue this week and ended up switching to the other MX entry from an nslookup on mail.bellsouth.net and all was working.

I would have no idea who to contact to get it removed, but I will keep an eye on this post for a possible contact and will provide the server I was having issues with as well (I will not be home for another week, so I will have to wait until then to figure out which server I was having the issue with) I know that it was on the SORBS blacklist and listed as having a dynamic IP address however

-Wyked
--
What is a Juggalo? I don't know, but I'm down with the clown and down for life yo!

reply to Gizguy

reply to Gizguy
Here are the entries for bellsouth mail servers:

ABOUT BLACKLIST CHECK

This test will check a mail server IP address against 147 DNS based blacklists. (Commonly called Realtime blacklists, DNSBLs or RBLs). If your mail server has been blacklisted, some email you send may not be delivered. Blacklisting is a common (although largely ineffective) way of reducing spam. If you don't know your mail server's address, start with a MX Lookup.

Checking 205.152.58.32 against 144 known blacklists...
Listed: 8 time(s)
Timeouts:4

Blacklist Name Status Reason TTL Response Time (ms)
BLARSBL Listed LISTED Return codes were: 127.1.0.1 76350 16
KROPKA-DIALUPS Listed LISTED Return codes were: 127.0.0.3 7200 516
KROPKA-FORMS Listed LISTED Return codes were: 127.0.0.3 7200 469
KROPKA-IP Listed LISTED Return codes were: 127.0.0.3 7200 437
KROPKA-LAMEAV Listed LISTED Return codes were: 127.0.0.3 7200 500
KROPKA-PROXIES Listed LISTED Return codes were: 127.0.0.3 7196 3406
KROPKA-RELAYS Listed LISTED Return codes were: 127.0.0.3 7196 3406
NETHERUNSURE Listed LISTED Return codes were: 127.0.0.2 900 250

Checking 205.152.58.33 against 144 known blacklists...
Listed: 7 time(s)
Timeouts:5

Blacklist Name Status Reason TTL Response Time (ms)
BLARSBL Listed LISTED Return codes were: 127.1.0.1 76277 16
KROPKA-DIALUPS Listed LISTED Return codes were: 127.0.0.3 7200 594
KROPKA-FORMS Listed LISTED Return codes were: 127.0.0.3 7200 3578
KROPKA-IP Listed LISTED Return codes were: 127.0.0.3 7200 3578
KROPKA-LAMEAV Listed LISTED Return codes were: 127.0.0.3 7200 437
KROPKA-PROXIES Listed LISTED Return codes were: 127.0.0.3 7200 578
KROPKA-RELAYS Listed LISTED Return codes were: 127.0.0.3 7196 3578
--
| Jazz's Line Stats | Jazz's Network | Jazz's Folding Stats |

reply to NormanS
The '»www.mxtoolbox.com ' link in my previous post may have been entered wrong. I was able to get into the site and saw the hits on the mail server listed, and other IP addresses. If you put in an address not listed you will get a message indicating 'no MX records found'.

I'll try again later in the week using BellSouth servers to the hotel in Illinois that was rejecting my email to see if BellSouth has succeeded in getting their server removed from the black list. Again it only rejected when I used the BellSouth mail servers.

reply to jazzman916

reply to Gizguy
I'm having the same problem lately. One of the most irritating things about all of this is that I am on Extreme DSL (supposedly) but for some reason in the last month or so my IP address has gone back to being dynamic. I want my static IP back because I never got emails bounced back and now about 10% of all my email is being rejected through no fault of mine.

And right now I can't find the help desk number to call and if I do call, am I going to really get any help? Waaaah....!

Just felt like whining.
--
jbooksNOSPAM@bellsouth.netremove the "nospam" from the email to email me.mhttp://www.johnsonsusedbooks.com

If you run your own mail server from your residential connection, you need the static IP address if you run an end-to-end SMTP client. AOL, among others, will not accept connections from residential dynamic accounts. Here is a log of a Telnet session:

554- (RTR:BB)  http://postmaster.info.aol.com/errors/554rtrbb.html
554- AOL does not accept e-mail transactions from dynamic or residential
554- IP addresses.
554  Connecting IP: 71.131.252.146

reply to bathswife
The FastAccess DSL Tech Support number I've been using is 888-321-2375. I'll be calling them again today to followup on case #628719 from Wednesday since email being sent from BellSouth mail servers continue to be rejected

From: Mail Administrator [mailto:Postmaster@
Sent: Friday, December 23, 2005 6:40 AM
To: name@bellsouth.net
Subject: Mail System Error - Returned Mail

.net 007: This e-mail message was undeliverable due to the following reason:

.net 018: Each of the following recipients were rejected by a destination mail system.

Note: The reasons given by the destination mail system are included
to help you determine why each recipient was rejected.

Solution:
Attempt to resend, or contact the recipient by alternate means to let them know about the issue.

Recipient:
Reason: 5.7.1 Mail from 205.152.59.72 refused see »www.us.sorbs.net/

-------------
Yet the same message sent through either gmail, or my hosting company, mail server does not get rejected.

Regardless of what you may believe is the effectiveness of using MX addresses to reject messages, it is obvious what is not effective is BellSouth's process to remove their Mail Server MX records from being Blacklisted. I never had this problem with Earthlink before I switched to BellSouth last month.

reply to Gizguy
MX records don't have anything to do with this. Why?

The servers that send mail out, the ones being blacklisted, are not the same ones used that receive mail for the bellsouth.net domain. It's the receiving servers that have an MX record, not the sending servers.

imf21aec.mail.bellsouth.net [205.152.59.69] and imf24aec.mail.bellsouth.net [205.152.59.72] are outgoing mail servers used by bellsouth customers. The do not have MX records because they do not receive mail for the bellsouth.net domain.

The two mail servers that currently do receive mail for the bellsouth.net domain are:

mx01.mail.bellsouth.net [205.152.58.33] and
mx00.mail.bellsouth.net [205.152.58.32]. These are the actual MX records for bellsouth.net.

There are dozens, if not hundreds of blacklists in use out there. And they use varying criteria for inclusion of IP addresses.

For example, every single residential bellsouth.net IP address (both dialup and DSL) is in the DUL blacklist. These inclusions have nothing to do with any evidence of any spam being sent. The logic for this list is that running mail servers on these IPs is not allowed by the ISP, so any mail coming directly from them is likely problematic. Bellsouth's use of port 25 filtering has largely reduced the usefulness of this portion of the DUL.

Some sites reject mail because the IP sending it reverses to a hostname that does not also have an MX record. This is poor practice since many large ISPs operate as described above and their sending mail server hosts do not have MX records. A site rejecting mail this way would reject 100% of all the mail sent by bellsouth's customers.

And some sites reject mail based on actual spam content, or receiving mail at unknown and unpublished addresses. This could be the result of brute force address guessing commonly used to send spam.

And there are many, many other rationales/designs for blacklists.

thanks

reply to graysonf
I am completely confused which is not all that unusual but maybe you can help me understand.

Please read through what I write carefully because I don't know the right language to try to explain what I'm confused about and I need help talking to the help desk.

What is the difference between the IP address and the server address? I thought that the IP address was what your computer showed to the public as your IP address.

All I know is that until I got accidentally moved to having a dynamic IP address I had no trouble sending email to anyone. Now that my IP address is dynamic, it's a crapshoot as to whether or not I can send email. When I power off the router from time to time (electrical storms, etc.), I am given an IP address at random by bellsouth.

If my emails start getting bounced back to me because the IP I am using is listed in nsorbs, etc.,(like last night), I know that the IP I have been dynamically assigned has been reported by someone as coming from a spammer. I then have to power off my router and power it back on and try sending the same emails again. If the IP I am assigned after powering back on is one that is "good", the email will go, if it is one that has been abused in the past by someone spamming and has been reported to nsorbs,etc., I have to keep powering off the router and powering it back on until I get a good one.

I believe it is my computer IP that is being rejected by the recipient's ISP because in the headers, the numbers listed as being rejected are exactly the numbers of the IP I've been dynamically assigned by bellsouth.

So what I think is happening here is that it is my computer's assigned IP address that is being rejected, and perhaps that is a bellsouth 'server' and I just don't know the correct lingo. That is what worries me. When I talk to the help desk, are they going to understand what I'm saying is the problem? Can you request a specific static IP address? And if so, how can you know one to ask for that has NOT been used in the past by a spammer?

When I call the help desk to get put back on static, how can I ensure that I get my old IP address back (the good one that never got emails bounced back) or one that has not previously been abused by someone?

I have been a member of spamcop for years and go through energetic spurts of turning every single spam in for a day or two before I just get too worn out so I am familiar with the problems associated with spam. I understand why some addresses are blocked by nsorbs and the other organizations like them and I don't have a problem with that. What I think is that before some glitch occurred in the BLS system that caused my account to revert back to 'dynamically assigned IP' I never had any problems sending emails. Now I do. I want my old static IP address back that was what I think of as "clean" in the sense that it hadn't been used by spammers and I never had trouble sending email to people.
--
jbooksNOSPAM@bellsouth.netremove the "nospam" from the email to email me.mhttp://www.johnsonsusedbooks.com

Your problem is not related to your IP address because you are not allowed to send mail directly from your IP address to any mail server other than mail.bellsouth.net, and the mail being rejected isn't coming from mail.bellsouth.net.

Okay, I'm going to cut and paste the entire header here and maybe you can help me understand what you are saying. The sending IP address that is listed as being rejected was my public IP address at that time dynamically assigned to me (205.152.59.67). Here is the entire header:

Recipient:
Reason: 5.5.1 Rejected, sending IP address 205.152.59.67 is blocked. Details: IP 205.152.59.67 is blacklisted (code 6), info at »blacklist.kpn-cert.nl/bailout

Reporting-MTA: dns; imf19aec.mail.bellsouth.net
Arrival-Date: Thu, 22 Dec 2005 23:43:01 -0500
Received-From-MTA: dns; ibm60aec.bellsouth.net (208.63.194.66)

Final-Recipient: RFC822;
Action: failed
Status: 5.1.1
Remote-MTA: dns; mailhost.hetnet.nl (195.121.6.164)
Diagnostic-Code: smtp; 550 5.5.1 Rejected, sending IP address 205.152.59.67 is blocked. Details: IP 205.152.59.67 is blacklisted (code 6), info at »blacklist.kpn-cert.nl/bailout
Received: from ibm60aec.bellsouth.net ([208.63.194.66])
by imf19aec.mail.bellsouth.net with ESMTP
id
for ; Thu, 22 Dec 2005 23:43:01 -0500
Received: from Karen.sip.bhm.bellsouth.net
([208.63.194.66]) by ibm60aec.bellsouth.net with ESMTP
id
for ; Thu, 22 Dec 2005 23:43:00 -0500
Message-Id:
X-Sender: harperbooks@mail.bhm.bellsouth.net
X-Mailer: QUALCOMM Windows Eudora Version 6.1.2.0
Date: Thu, 22 Dec 2005 22:42:21 -0600
To: "Ben Blomsma"
From: Karen Harper
Subject: Re: Item #6584916504
In-Reply-To:
References:
Mime-Version: 1.0
Content-Type: multipart/alternative;
boundary="=====================_83387859==.ALT"

reply to bathswife
Are you running your own mail server? From home? On your residential account? I am not familiar with the Bellsouth AUP/TOS, but, personally, I have no problem if you are doing that.

If you are doing that, then you must know a little bit about mail servers, domains, DNS records, MX records, etc. If you are not doing that, then how do you send email? Having your computer's IP address in DNSBLs is only an issue if you are running a mail server from that computer; otherwise, you are using somebody else's SMTP server for your outbound email, and it will be their server's IP address, not yours, which is subject to listing by DNSBLs.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum

reply to bathswife
205.152.59.67 is/was not your public IP address. It belongs to one of bellsouth's outgoing mail servers:

Name: imf19aec.mail.bellsouth.net
Address: 205.152.59.67

Your public IP address that was in effect when you sent the mail appears to be:

Name: adsl-63-194-66.bhm.bellsouth.net
Address: 208.63.194.66

This address was not the one used for the basis of the rejection, 205.152.59.67 was.