Picking over the various bits and pieces of this, and just to be clear.
When you send from the main relay with the IP address ending in 102, that drops into a hotmail account inbox without going to spam, yes? But if you relay through it from Roadrunner address ending in 202 it junks it?
First question I would ask, before even looking at the SMTP stuff is this; during your testing (and we all do this in error) did you inadvertently click on the 'not junk' option in Hotmail for tests from the relay itself? What I would do is use fresh hotmail, gmail, yahoo and gmx accounts and test again - just to be absolutely sure no manual/auto whitelisting has taken place. This will only work reliably for the first test mail you send - so make it realistically like anything you will normally be sending. I'm going to PM you a couple of email addresses to send tests too as well, that way I can see the headers as I want them in private.
Moving to your posted headers - and I've removed them from the quoted chunk so you retain the power to edit your earlier post and delete them:
Quote:
Originally Posted by trist007
PTR are probably the culprit
|
From a DNS perspective, PTR is fine for both machines. They both resolve back and forth as they should. The only slight reservation on this is that clearly the second host has generic and dynamic type PTR. Really that should not matter as it is natural for remote smtp clients on dynamic addresses to connect to SMTP servers to send mail. I do note that the RR address concerned is listed in the SORBS blocklist. I'm not aware of Hotmail using SORBS in their decision making process, but it's not entirely impossible that it plays a part - or. Don't even waste your time trying to get delisted if that address is dynamic. I won't go into the politics because I rather like Michelle Sullivan and SORBS on ethos alone, but getting de-listed is notoriously difficult.
Quote:
Originally Posted by trist007
Also another thing, when I send mail directly from IP1 it sends as d.....net yet when I send from IP2 it sends as d....d....net. The only way I've found to fix this is to edit the myhostname in /etc/postfix/main.cf in IP2 from d....d....net, however I was thinking it would affect it, but I'm coming to think that it doesn't.
|
Potentially it very much could but it depends on the whole line of the first 'received from' header. As Postifx goes you get three bits of info: Let me expand a little with an example:
Received: from foo.com (mail.bar.com [1.2.3.4])
This says that 'the remote server HELO'd/EHLO'd with 'foo.com', it connected from 1.2.3.4 and the reverse (ptr) for 1.2.3.4 was 'mail.bar.com'). What is important is the 'helo' hostname - which can be quite different - *can* be keyed on when checking for potential spam. Some systems can use simple header checks for this, others make use of SPF on this (and the 'from' domain too) - so don't rule this out. Personally if your relay machine had reverse DNS that said it was called 'mail.foo.com' I'd make sure it helo'd with a hostname of 'mail.foo.com'. Consistency is the key and while this may not be playing a big part in the Hotmail issue, it may be combining with other issues to just trip the score. Also, it may play problems with other freemail providers. It's not unusual to see the HELO hostname different from reverse PTR, but in the golden game of email deliverability I personally would want that correct.
Quote:
Originally Posted by trist007
Are any forward regular dns checks made as well? Like to see if d.....net resolves to a non internal IP?
|
It depends on the receiving system but in many cases, yes. Some systems check for valid A records in non dynamic address space, MANY systems check the address of the AUTH name servers. I note one of yours is on a RR residential IP and I'd be really surprised if a couple of well known anti-spam devices did not bang the score up if you mentioned your domain name in the body of a mail, given that it appears in one or more blocklist(s). That said, it should not be *the* issue causing your problem as you can successfully deliver mail direct from the relay on its own. I mention it as it may cause you trouble later on - or be combining with other small issues to tip over the scales.
I'd also mention your SPF record. Yes, it permits both IP's to send. Personally, until I had this issue sorted I'd change the end of it from '-all' to '~all'.
I'll PM you some test email addresses - if you can fire off a full test to all of them I may just spot something in concrete if that's any use to you.
EDIT
Can't PM you by the look of it, so I'll send email to the domain if that's OK.
There is also the option to 'hide' headers in postfix with something like this (I'll use internal examples)
Quote:
FILE: /etc/postfix/maps/header_checks
#hide internal IPs added by postfix on the way out
/^Received:.*\[127\.0\.0\.1/ IGNORE
/^Received:.*\[10\.24\.55\.1/ IGNORE
/^Received:.*\[192\.168\.0\./ IGNORE
|
Then link that into main.cf with a line like this at the bottom:
header_checks = regexp:/etc/postfix/maps/header_checks
Naturally you could tell this to ignore the RR dynamic address if you get my drift.