A few questions regarding my VPS

Please bear with me on this, but I’ll make it as brief as possible.

I’ve got a new VPS running Zpanel which seems to work fine except I’ve just learned the IP address is blacklisted by CBL and Spamhaus ZEN. This appears to be stopping my from sending mail from any account on the VPS as I get a bounceback (eventually) with a message something to the affect of “rejected due to the sending MTA’s poor reputation”.

A quick check at reveals a couple of problems with my VPS:

**1) Does not support TLS**
Your SMTP email server does advertise support for TLS.  After connecting to your mail server we issue an EHLO command to introduce ourselves and to request that your server announce which commands and protocols it supports. Your server's response did not include "250-STARTTLS" indicating TLS support.

**2) Reverse DNS does not contain the hostname**
Some receiving mail servers may use this as an indication of a possible spam source in a scoring system.  Most will not reject incoming mail solely on this basis.

So my questions are:

Will an SSL/TLS certificate solve all my problems? …and… If I put an SSL/TLS cert on the server, do all the other domains on it inherit the protection it offers (or do I need one certificate for each domain)?

Thanks in advance.

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

Unfortunately, if the IP is blacklisted by CBL and Spamhaus you will likely run into issues even if you set up a TLS certificate. We are actively working to improve the reputation of IP addresses, but many of these services are slow to delist an IP once it has been blacklisted.

If you’re just attempting to send outgoing mail from the server, I strongly recommend using a service like Sendgrid or Mandrill. They both offer free tiers. If that’s not an option, you can recreate your droplet in order to pick up a new IP address. The system attempts to reserve the IP for you if you create a new droplet with the same name as the old one. So in order to ensure that you receive a new IP, create the new one before destroying the old one.