A few questions regarding my VPS

October 24, 2014 1.2k views

Please bear with me on this, but I'll make it as brief as possible.

I've got a new VPS running Zpanel which seems to work fine except I've just learned the IP address is blacklisted by CBL and Spamhaus ZEN. This appears to be stopping my from sending mail from any account on the VPS as I get a bounceback (eventually) with a message something to the affect of "rejected due to the sending MTA's poor reputation".

A quick check at http://mxtoolbox.com/ reveals a couple of problems with my VPS:

**1) Does not support TLS**
Your SMTP email server does advertise support for TLS.  After connecting to your mail server we issue an EHLO command to introduce ourselves and to request that your server announce which commands and protocols it supports. Your server's response did not include "250-STARTTLS" indicating TLS support.

**2) Reverse DNS does not contain the hostname**
Some receiving mail servers may use this as an indication of a possible spam source in a scoring system.  Most will not reject incoming mail solely on this basis.

So my questions are:

Will an SSL/TLS certificate solve all my problems?
If I put an SSL/TLS cert on the server, do all the other domains on it inherit the protection it offers (or do I need one certificate for each domain)?

Thanks in advance.

1 Answer

Unfortunately, if the IP is blacklisted by CBL and Spamhaus you will likely run into issues even if you set up a TLS certificate. We are actively working to improve the reputation of IP addresses, but many of these services are slow to delist an IP once it has been blacklisted.

If you're just attempting to send outgoing mail from the server, I strongly recommend using a service like Sendgrid or Mandrill. They both offer free tiers. If that's not an option, you can recreate your droplet in order to pick up a new IP address. The system attempts to reserve the IP for you if you create a new droplet with the same name as the old one. So in order to ensure that you receive a new IP, create the new one before destroying the old one.

  • Thanks,

    To save me setting everything up again, if I create a new droplet with the latest backup of my existing VPS (because all my sites and Zpanel are already setup on it) I should get a new IP address?

    And if I then test the IP and it's not blocked by CBL and Spamhaus ZEN then everything should be cool?

    Repeat this process until I get an IP that is not blocked?

  • That's correct. :)

  • Thanks kamaln7.

    That's both good news and depressing at the same time. Hopefully I stumble on a good IP sooner than later.

Have another answer? Share your knowledge.