Hi,
So for those of us implementing MTA blacklist checks against incoming mail (because we want the world to be a better, spamless place). It creates a problem by not allowing RBL blacklisted IP to send mail to our MTA's.
It appears that the Victron VRM registration and 'Forgotten Password' emails are sent using the Mailchimp 'Mandrillapp' paid plugin, however this is also a favourite of the worlds spammers too.
As a consequence a large number of the IP's used by Mailchimp (Mandrillapp) are listed in DNSBLs, RBL's etc.
This means if a properly configured, secure, spamfighting MTA receives mail from a blacklisted IP it will return a 554 response (Service not available) to that blacklisted mail sender, like below:
Jun 16 14:55:19 megatron postfix/smtpd[238486]: NOQUEUE: reject: RCPT from mail180-37.suw31.mandrillapp.com[198.2.180.37]: 554 5.7.1 Service unavailable; Client host [198.2.180.37] blocked using sbl.spamhaus.org; Error: open resolver; https://check.spamhaus.org/returnc/pub/172.69.193.5/; from=<bounce-md_30161135.666eeec3.v1-234f74cf37db4fd4a95b93589adde893@mandrillapp.com> to=<xxxxxxx@xxxxxxxx.xxx.xxx> proto=ESMTP helo=<mail180-37.suw31.mandrillapp.com>
rDNS for IP 198.2.180.37 mail180-37.suw31.mandrillapp.com OK IP Addresses (A or AAAA records) for mail180-37.suw31.mandrillapp.com 198.2.180.37 At least one IP address of the DNS lookup for mail180-37.suw31.mandrillapp.com matches the original IP OK DNSBL Blacklist Test Summary 238 of 238 tests done. Results Not listed: 224 Blacklisted: 9 Brownlisted: 0 Yellowlisted: 0 Whitelisted: 0 Neutrallisted: 0 Failed: 5
You can see the IP used by mandrillapp for my password reset was at that point on 9 blacklists
The mandrill app doesn't report to the paying 'client' that the mandrillapp IP is blacklisted, but rather drops the recipient email address for all future sending requests from the clients application as a previously bounced address NOT that their sending IP has been blacklisted as it's been used by the worlds finest spammers using the mandrillapp service.
This means you'll never receive another Victron Email from that mandrillapp ever again! No registration emails, password resets etc.
So, how does one then navigate this issue? How do you get your password reset if Mandrillapp won't send you the email, or if it does, may use a blacklisted IP that should get rejected by many mailservers who are implementing anti-spam strategies? (Mandrillapp does do some IP rotation, so sometimes you will get lucky, but not their next attempt with another blacklisted IP for me, see below, they just stuck with this one, got 5 x 554 responses and marked the email as bounced)
rDNS for IP 198.2.135.18 mail135-18.atl141.mandrillapp.com OK
IP Addresses (A or AAAA records) for mail135-18.atl141.mandrillapp.com 198.2.135.18 OK At least one IP address of the DNS lookup for mail135-18.atl141.mandrillapp.com matches the original IP OK DNSBL Blacklist Test Summary 238 of 238 tests done. Results Not listed: 226 Blacklisted: 7 Brownlisted: 0 Yellowlisted: 0 Whitelisted: 0 Neutrallisted: 0 Failed: 5
Hopefully Victron will be ditching Mandrill in favour of their own application mailserver used only by them, with a clean IP........ Hello Amazon AWS SMS with reserved IP.....
Anyone know a direct email for support in this regard, that is to say either get my email activated or password reset so I can access VRM?
