I run a mail server on a DO droplet (postfix MTA). A few days ago, Comcast stopped accepting mail from my mail server. It appears that my server is not on their block list (I’ve tried to remove it from their block list, but they tell me it is not on it). Instead, I get the following error when sending to any Comcast address:
Action: failed Status: 5.1.0 Remote-MTA: dns; mx1.comcast.net Diagnostic-Code: smtp; 550 5.1.0 Connection is not being accepted at this time.
This seems to fail after Comcast receives the FROM (my actual domain and IP address removed):
[root@mydomain postfix]# telnet mx1.comcast.net 25 Trying 96.114.157.80… Connected to mx1.comcast.net. Escape character is ‘^]’. 220 resimta-po-26v.sys.comcast.net resimta-po-26v.sys.comcast.net ESMTP server ready EHLO mydomain.com 250-resimta-po-26v.sys.comcast.net hello [MY_IP_ADDRESS], pleased to meet you 250-HELP 250-SIZE 36700160 250-ENHANCEDSTATUSCODES 250-8BITMIME 250-STARTTLS 250 OK MAIL FROM: chad@mydomain.com 550 5.1.0 Connection is not being accepted at this time. Connection closed by foreign host.
A web search shows that I am not the only one having this problem:
https://www.reddit.com/r/digital_ocean/comments/9rypsh/anyone_else_having_issues_sending_email_to/
All of us using Digital Ocean for our mail servers. The OP there even tried creating 2 extra droplets and found the same problem at all of them.
It appears that Comcast is refusing connections if the domain of the FROM address resolves to a Digital Ocean IP address.
Are others seeing this? Does anyone have a good work around other than taking my mail server away from Digital Ocean? Does anyone know of a way to contact Comcast to complain? As I said, I’ve tried submitting their block list form, and they just tell me my IP address is not on the block list.
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Try DigitalOcean for free
Click below to sign up and get $100 of credit to try our products over 60 days!
Same issue here from SFO2 data center.
Yep, same issue here, but I have a second server which is also on a DO droplet which is still sending to Comcast just fine.
The server being bounced by Comcast is in NYC3 in this NetBlock: CIDR: 45.55.0.0/16 NetName: DIGITALOCEAN-11
This one, in NYC1, can still send to Comcast: CIDR: 198.199.64.0/18 NetName: DIGITALOCEAN-5
<shrug>
I’m having the same issue. My SPF, DKIM, and DMARC settings all seem fine. I tried that webform as well and got the same response of not being blocked.
FYI, mail seems to now be going through to Comcast for me from my DO mail server. I tried submitting for help to their block form 3 times, and contacting @comcastcares on Twitter with no success. I was about to give up, and it just started working.
Interesting. So it’s not all of DO, just some of it. My server that is being bounced is in NYC1 - 208.68.39.0/24.