I cannot send email through SMTP

line72 2012-07-02 14:30:01 UTC #1

I use dreamhost as my primary mail server, and I connect using a desktop client (typically Evolution). I connect to dreamhost's smtp server using authentication (port 587, TLS on, username + password).

Recently, I have no longer been able to send email, and am getting the following response from evolution:

RCPT TO user@address.com failed: Service unavailable; Client host [xx.xxx.xxx.xx] blocked using xbl.dnsbl; http://www.spamhaus.org/query/bl?ip=xx.xxx.xxx.xx

And this one on my iPhone (when it's on my wifi):

The recipient "user@address.com" was rejected by the server because it does not allow relaying.

This appears to be a message from dreamhost's SMTP server, not from the recipient. Unfortunately, being on a home DSL network, I have very little control over my ISP, and there is little I can do about being blocked.

I would understand this scenario if I was running the SMTP server on my home computer and the recipient blocked my message. BUT, this is not what is happening. I am authenticating with dreamhost's SMTP server, yet dreamhost's SMTP server is still refusing to allow me to send email to any recipient. This seems entirely broken!

Is there anyway to resolve this, or am I stuck only being able to send email through the webmail interface?

schajee 2012-07-02 20:17:53 UTC #2

Not a solution, but just wanted to add my voice to the same issue.

Been having intermittent issues with sending emails. Easiest solution for us was to restart the modem and acquire new IP which hopefully would not be blocked. But I guess the pool is not big enough.

Now I am receiving reports on errors receiving mails as well. I am going to investigate it further, but till then maybe a solution to the above problem might be helpful.

line72 2012-07-04 00:06:15 UTC #3

Have you had any luck. I've been going back with dreamhost's tech support and they have not been helpful. They implemented a new policy (without telling any of us!) and no connections can be made to their SMTP server (even secure, authenticated), if that IP address is in spamhaus blacklist.

Why they'd do this I have no idea. They already require authentication to use their SMTP server. Why would they need to validate your IP address? I don't know about you, but my public IP is a shared address on DSL, so of course it's in spamhaus's blacklist, but there's nothing I can do about it!

This means that if you get on some wifi, you may or may not be able to send email through your dreamhost account. I find it really silly that even though you are authenticating, they may block you from accessing your paid for SMTP server if they don't like your IP!

sifaan 2012-07-10 13:16:21 UTC #4

I have tracked the problem to Dreamhost using the CBL in an unauthorized manner (preventing authenticated accounts from accessing SMTP when on a blacklisted IP); excerpts from the terms and conditions of the CBL:

"Thus, by applying the CBL to your relay server for outbound email, you will be impacting legitimate email sent properly."

"In the first case (outbound email traverses the Internet to get to your relay), you MUST NOT apply the CBL to connections that do SMTP authentication (or some other technique that proves that the SMTP connection is from your customer). These will often be the NATs for wireless POPs or airport lounges or hotels. Because of this a roaming user (or us) is relatively unlikely to be able to contact the right people to get the listing fixed properly. So the user will just be very frustrated (and mad at both you and us)."

"In concrete terms: you should offer authenticated inbound email access on port 25 or port 587 (or some other port), and you MUST ignore CBL listings of connections that have authenticated. If you only allow authenticated connections on port 587 (or other non-port 25 port), you do not need to implement CBL checking on it at all."

and finally,
"If, inspite of 3, 4, 5 or 6 above you still want to use the CBL in an unsupported fashion (eg: block blog, web, IRC access, block on full received line traverse, derive other blocking heuristics, or block MSA submissions), you must take full responsibility yourself for the decision.
This means that you must remove all mention of the CBL (or Spamhaus) from any error messages or communications the user may see, and direct all support questions to your own support infrastructure."

For full terms, see #6 and #7 at http://cbl.abuseat.org/tandc.html

Tech support has been amazing evasive, but let drop that there had been certain "recent policy changes". After tracking down that they are using CBL in an unauthorized manner, I made a separate request 33 hours ago, but still no reply to that. Within the next 24 hours (unless DH relents) I'm moving out of this place.

line72 2012-07-10 14:10:09 UTC #5

I'm continuing to send dreamhost support requests, and this new information really helps! So far they have completely avoided the problem! Please post back if you get anywhere with them, and I'll do the same.

Also, I have gotten this from them which they never publically announced:

We recently made a change to our mail server policy. All emails that try
to send through DreamHost's servers must not come from a computer or
server with an IP address on the SpamHaus blacklist...

baby 2012-07-12 19:30:26 UTC #6

I raised a ticket 2 days ago with this problem. Spamhaus' SBL entry is clear:

However, their first attempt at answering was telling me that MY ISP IP address was being blocked. After I loudly answered that it is clearly THEIR server which is being blocked, they remained silent...

If this is true, Dreamhost is in the pathetic case of using an RBL to block messages which is blocking them.

jciccare 2012-07-17 15:12:09 UTC #7

I too was unable to send SMTP mail yesterday. I'm using a Verizon MiFi 4G hotspot, which is apparently assigned a different IP from an internal Verizon IP range each time it connects. Apparently my first connection today involved an IP that was on two Spamhaus block lists: PBL (P=Policy) and XBL (X=Exploits); XBL includes CBL -- I learned this by using WhatIsMyIP.com to determine the hotspot's IP, then looking that up on Spamhaus.net. When I powered off/on, the next IP was only on Spamhaus PBL and my outgoing mail was no longer blocked. It's a workaround but unsatisfactory because (as others have noted) a mail host shouldn't be using CBL to filter outgoing mail.

patricktan 2012-07-18 01:26:51 UTC #8

Hmm, there seems a fight between DH and spamhaus. What if we switch to gmail?

sifaan 2012-07-18 02:22:02 UTC #9

If you have only a few accounts per domain, it's great. otherwise you have to pay 5$/user/month

I've bought some cheap shared hosting at justhost - fixed amount per month for unlimited email accounts, and fairly decent email sending limits (500 per hour in total), and am migrating my email there.
dreamhost has better limits (100 per hour per email address) but that's useless when the SMTP server is blocking us!

blakew93 2012-07-26 13:05:15 UTC #10

Yup. I have been fighting with their technical support for the last 24 hours over the exact same issue. I basically cut and pasted the relevant information from Spamhaus' Terms & Conditions page demonstrating that they are in violation at which point they simply stopped communicating with me. This is customer service at its worst.

sifaan 2012-07-27 07:41:43 UTC #11

more or less the same story here; apparently my support tickets have been moved to a "specific tech support team member"
whatever.

anandarb 2012-08-01 04:03:36 UTC #12

I am having the same problem and it seems like they have decided not to give any support to the existing customers anymore.The problem is regular for past one month and there's no announcement or nothing from their side to solve the problem. This is pretty much solvable but ruining our reputation daily. Please guys wake up and help!!!!!

saunivideo 2012-08-01 06:43:18 UTC #13

I'm using microsoft outlook 2010. I'm not able to send any emails too because of spamhaus. Is there anyone who can help. I'm also using dreamhost hosting facility.

I REQUEST DREAMHOST AUTHORITIES TO TAKE THIS SERIOUSLY AND SEND THE SOLUTION FOR THE PROBLEM TO US BY EMAIL. IT WOULD BE GREATLY APPRECIATED BY ONE AND ALL.

Thanks and best regards,

Ash
Sauni Video Productions

saunivideo 2012-08-10 09:51:54 UTC #14

Unfortunately, still no action has been taken. We are still encountering the same problem.

blakew93 2012-08-26 14:36:49 UTC #15

This issue still exists. What a joke.

tritical 2012-08-31 05:24:26 UTC #16

I'm having this issue as well. Twice in the last 3 weeks I've had to de-list an IP in order to get our email to send. DH guys: This is not good. Why is SMTP authentication being ignored in favor of using a block-list ?

If this issue is going to persist, I'd like to know ASAP. My partner relies on email as part of her home business, and with the holidays just around the corner, reliable email is going to be critical for her. If you cannot provide that, please let us know so we can make other arrangements.

skrayper 2013-12-05 01:53:31 UTC #17

Hi All,

I didn't read the entire thread but I did a CTRL+F for the word "optional" and didn't find it on either page, so maybe this will help at least one person.

This happened to me today on my iPhone, from the first post:

I think I figured out a solution to the problem I was having SENDing from my iPhone 5 iOS 7.0.4. Maybe it can help with some other mail clients too?

When setting up the outgoing SMTP mail server, my iPhone was saying that re-entering the username and password was Optional.

So the first time I didn't set them up. (bad)

Then I deleted the account and set everything up again, this time re-entering the username and password again in those "Optional" fields for outgoing SMTP mail.

Now sending works for me both on home WiFi and Cellular AT&T, on two accounts that were having the same issue.

Hope this helps!

LakeRat 2013-12-05 02:10:02 UTC #18

Correct. I've posted in other iDevice threads here about that. The screen in confusing because as far as the form you are filling out those fields are considered optional (an SMTP server does not have to require authentication, although these days most do), BUT Dreamhost DOES require outgoing authentication (it's a spam stopper) so if you are using dreamhost mail (and most others), yes it is in fact NOT optional.

skrayper 2013-12-05 02:34:47 UTC #19

Awesome, thanks for the confirmation!