A few questions regarding my VPS

  • Posted October 24, 2014

Please bear with me on this, but I’ll make it as brief as possible.

I’ve got a new VPS running Zpanel which seems to work fine except I’ve just learned the IP address is blacklisted by CBL and Spamhaus ZEN. This appears to be stopping my from sending mail from any account on the VPS as I get a bounceback (eventually) with a message something to the affect of “rejected due to the sending MTA’s poor reputation”.

A quick check at reveals a couple of problems with my VPS:

**1) Does not support TLS**
Your SMTP email server does advertise support for TLS.  After connecting to your mail server we issue an EHLO command to introduce ourselves and to request that your server announce which commands and protocols it supports. Your server's response did not include "250-STARTTLS" indicating TLS support.

**2) Reverse DNS does not contain the hostname**
Some receiving mail servers may use this as an indication of a possible spam source in a scoring system.  Most will not reject incoming mail solely on this basis.

So my questions are:

Will an SSL/TLS certificate solve all my problems? …and… If I put an SSL/TLS cert on the server, do all the other domains on it inherit the protection it offers (or do I need one certificate for each domain)?

Thanks in advance.


Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Unfortunately, if the IP is blacklisted by CBL and Spamhaus you will likely run into issues even if you set up a TLS certificate. We are actively working to improve the reputation of IP addresses, but many of these services are slow to delist an IP once it has been blacklisted.

If you’re just attempting to send outgoing mail from the server, I strongly recommend using a service like Sendgrid or Mandrill. They both offer free tiers. If that’s not an option, you can recreate your droplet in order to pick up a new IP address. The system attempts to reserve the IP for you if you create a new droplet with the same name as the old one. So in order to ensure that you receive a new IP, create the new one before destroying the old one.