One of the mail servers I’m administrating has problems deliving emails to addresses at @Hotmail.com, @live.com and @msn.com.
That’s quite irritating especially when all of the other major mail servers, Yahoo Mail, Gmail etc. do accept my qmail server messages in their Inbox.
Every email that is addressed to for example hotmail.com is returned back to my sender folder with the message:
Remote host said: 550 SC-001 Unfortunately, messages from 83.170.105.141 weren't
sent. Please contact your Internet service provider since part of their network is
on our block list. You can also refer your provider to
http://mail.live.com/mail/troubleshooting.aspx#errors.
Right after my mail server delivery problems were reported by one of my colleagues, the first step I took was check if my mailserver is listed in some of the major email blacklist databases on the address:http://www.mxtoolbox.com/blacklists.aspx
By opening the above url in a browser and putting a server IP, I was unpleasently notified that my mail server let’s call it with the fiction name mail.server.com is existing in the Spamcannibal blacklist dabase . Spamcannibal as most of the blacklist databases.
To completely reassure myself my server host IP is in spamcannibal, I’ve used spacannibal’s website whois on the urlhttp://www.spamcannibal.org/cannibal.cgi.
Of course this proofed one more time I’m listed in spamcannibal… Thanksfully spamcannibal has a contact form which can be used to delist an IP address from their blacklist right from their website.
After a day of waiting my server IP was removed from spamcannibal blacklist and therefore using the mxtoolbox.com’s website mail server blacklist checker I’ve assured myself the mail server is no longer in the most notable spam blacklist on the net.
I’ve gave another try to deliver an email to my hotmail mail account myaccount@hotmail.com . The mail delivery was unsuccesful again, the qmail failure notice daemon returned my sent email to my myaccount@hotmail.com once again with the error of:
Hi. This is the qmail-send program at mail.server.com.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
<myaccount@hotmail.com>:
Connected to 65.55.92.136 but sender was rejected.
Remote host said: 550 SC-001 Unfortunately, messages from 83.170.105.141 weren’t
sent. Please contact your Internet service provider since part of their network is
on our block list. You can also refer your provider to
http://mail.live.com/mail/troubleshooting.aspx#errors.
— Below this line is a copy of the message.
….
The situation by so far was that I knew for sure my qmail mail server IP is not listed in major spam black lists, but still i couldn’t say for sure that there was no minor blacklist where my ip figurates, neither I was completely sure about the exact requirements microsoft expects from my mail server.
Some of the presumed reasons which could think of could be the cause the hotmail mail delivery failure errors were as follows:
1. My mail server IP had no correct A domain name record or a PTR record
2. My mail server was missing a correct SPF record
3. My dedicated server ISP has some blacklisted dedicated server IPs which belong to the same IP range as the mail server
I’ve walked through each of the 3 expected reasons that might cause the failure but it appeared that my mail server was configured to fullfil each of the 3 aforementioned requirements.
To assure myself each of the failure reasons were untrue I issued the commands:
linux:~# host mail.server.com
mail.server.com has address 1.2.3.4
linux:~# host 1.2.3.4
1.2.3.4.in-addr.arpa domain name pointer mail.server.com.
linux:~# host -t TXT mail.server.com
mail.server.com descriptive text "v=spf1 mx ptr mx:server.com mx:mail.server.com mx:mail2.server.com -all"
Also I used the kitterman.com‘s SPF Query Validation tool located on http://www.kitterman.com/spf/validate.html to make sure my mail server SPF record is correct.
Another way to check if a mail server SPF records are correct is by sending a test email to for gmail.com and check in the email headers.
(To check the email headers in Thunderbird you can press ctrl+U)
When the email source appears look for the field Received-SPF: pass (google.com:….
If the field says pass this means your mail server SPF is fine, if it reads uknown or something different this means it’s not fine.
Next you will have to call your ISP and have a tech conversation with the tech support.
As nothing of the above assumed possible failure was checked and I was sure the email server is not affected by them
Further on logically enough I’ve pointed my browser to the http://mail.live.com/mail/troubleshooting.aspx#errors which which was prescribed in the reject email returned from hotmail’s mail server.
On that URL I red the meaning of the Remote host said: 550 SC-001 , Here is what it says:
550 SC-001 Mail rejected by Windows Live Hotmail for policy reasons.
Reasons for rejection may be related to content with spam-like characteristics
or IP/domain reputation. If you are not an email/network admin please contact
your Email/Internet Service Provider for help.
Ain’t helpful is it??! Well I think Microsoft has a tradition of unhelpful manuals and documentation since the yearly days so that hotmail mail server error code explanation wasn’t that unexpected 😉
As I was out of ideas, I joined irc.freenode.net and asked for help in #exim irc channel.
Thanks God, there was a guy with an alias cannonball who gave me a good hints which I followed.
First he suggested that I see and join Microsoft’s (Smart Network Data Services) they’re located on https://postmaster.live.com/snds/index.aspx
Thanksfully the Smart Network Data Services could be accessed with my hotmail mail account, credentials, but after logging in to give me a real access to the site content I had to confirm, I’m a legit person and provide an legit email address where I can receive the confirmation.
As this went by in the https://postmaster.live.com/snds/addnetwork.aspx I had to use the buttons Requert Access, View IP Status and View Data to check the status of my mail server IP address 1.2.3.4
After all this struggle in 1. Requesting Access to my IP, View IP Status and View Data I finally found out the guess what unexpected fact that Microsoft’s mail servers has blacklisted my mail server IP Address!, How unexpected was that, heh ?!
So to sum up all this effort of registering in Microsoft SNDS gave me not any further clue on what I can change in my qmail mail server installation to make the user emails deliver to @hotmail.com.
After a bunch of investigation on the net, I’ve found another post which discussess issues with the 550 SC-001 error reason for a failed mail server deliveries to microsoft mail services.
Thanks God the post I’ve found pointed out that Microsoft has an Eform for delisting / removing spam black listed mail server IPs not able to deliver to hotmail and live.com
Click over the link above and you will be pointed to Microsoft’s annoying Eform for IP removal from their spam blacklist
The form needs to be filled and after that you can start praying to God to be merciful and push up Microsoft to have a good will and remove your IP from their mail spam blacklists.
The form filling takes about 20 minutes, there are plenty of information you will have to fill in the form but try to be as concrete as possible!
All the form fields are with (*) – asterisk and therefore are a required fields. After I filled up the irritating form, I’ve faced the horror of Microsoft’s Captcha!!!
Honestly I haven’t seen a more bad captcha in my life, I can’t read anything on it, neither I can perceive what word or number it is nor I can grasp whether the captcha shown letter is lower or capital… it’s really a terrible CAPTCHA I tell you! so beware and try to put all your patience in while filling it in.
What made it even worser this damned Microsoft’s IP removal form was the fact that it doesn’t work at all with Opera and Epiphany browsers.
I tried initially to use Epiphany and Opera to post the shitty form but it was no go, it could not post!!!
Thank you Microsoft for making your form a platform incompatible, I know you’re really good in that!
I finally launched IceWeasel (Firefox) and filled in the boring form once again and Thanks God this time it was properly posted as you read below:
Sender Information for Hotmail Delivery
E-mail SupportE-mail Support
Thank you for submitting your issue to Support.
Your Support Ticket Number:1151722088
For reference, please print this page or write down your support ticket number. Use this number when communicating with Support about this issue.
To make sure that you can receive a reply from Microsoft, add the “microsoft.com” domain to your e-mail “safe list”. If you do not receive a response in your “inbox” within 24 hours, check your “bulk mail” or “junk mail” folders.
Print the page? 😉 I guess Microsoft are not very green company as they suggest you to print it out ? 😉
Now I’m stuck into waiting and hoping that my removal request will be regarded and in a couple of days of time I’ll either hear a word from Microsoft’s tech support or directly get unbanned from their spam black list…. Pfuuu
How to add OpenID functionality to WordPress Comments / What is OpenID?
Tuesday, February 14th, 2012I've recently decided to add Comment as OpenID functionality to my wordpress blog. The reasons to do that is that I myself have today created an OpenID account. Already million of people have OpenID account without even knowing. Most major search engines and social websites like Google, Yahoo, Live Journal, Hyves, Blogger, Flicker, MySpace automatically creates an OpenID account for newly registered users.
It is up to the user to check with each of the aforementioned providers what is the URL of their OpenID account.
Even though OpenID popularity is steadly rising, I'm sure there are still plenty of users who did not heard, used or noticed OpenID yet.
So What the heck is OpenID?
For all those who still haven't heard about it, OpenID is a universal web site login system With just one "unified" OpenID account the user can login to multiple websites with no need to create multiple accounts across each and every different website on the internet.
The only requirement for the user to be able to use OpenID is that the website in question to have (support) for OpenID credential and the user to have existing OpenID account.
Therefore using one single OpenID you can sign in as a certain user to multiple websites on the internet with no need for annoying registration process to each and every new website you encounter. Another benefit OpenID gives to the user is that you don't have to memorize or keep notes of a tens or thousands of different login accounts across the many different websites on the net.
Using OpenID also saves the user from troubles with forgotten password or username as just one OpenID login is used to login you everywhere.
For WordPress blogging platform the Russian Igor Korolev, has written a wordpress plugin – comments-to-wordpress . This plugin adds support for OpenID authentication in WordPress comments.
Here is how to OpenID to WordPress:
1. Download the comments-with-wordpress plugin and unzipAs of writting of this article latest comments-to-wordpress plugin is ver. 1.4.
Download the plugin to blog path directory lets say, /var/www/blog/wp-content/plugins/ and unzip:
# cd /var/www/blog/wp-content/plugins
# wget http://downloads.wordpress.org/plugin/comments-with-openid.zip
...
# unzip comments-with-openid.zip
...
I've also done a mirror for download of comments-with-openid 1.4 here
2. Enable Comments with OpenID wp plugin
Next the plugin has to be Enabled, just like any other wordpress plugin via admin menus:
Plugins -> Inactive -> Comments with OpenID (enable)
Once the plugin is enaabled it is necessery to add some code with a text editor in file /var/www/blog/wp-content/themes/default/comments.php
Small noet to make here: If you're not using the default WordPress theme (like I do), you will have to edit the /themes/your-theme-name/comments.php instead.
Inside the file look for the form input fields:
<p> <input type="text" name="author" ....
...
<p> <input type="text" name="email" id="email" ....
...
<p> <input type="text" name="url" id="url" ....
...
Before the html tags code:
Paste the following code:
<?php comments_with_openid(); ?>
Save the comments.php file and you Identification for new comments with OpenID will appear in your wordpress Comments form.
The OpenID plugin will add a number of service OpenIDs to choose between like you can see in my blog's plugin section or the screenshot below:
The URL https://www.google.com/accounts/o8/id is just a sample and showed because I clicked on the Google icon. If you have a Google profile you can check the exact ID and use it as URL there. Simply if your browser is logged in Gmail and you have Google profile. OpenID should work. As you can see the plugin supports a number of services which already support OpenID auth, the list of services can be easily extended by adding minor changes in …/plugins/comments-with-openid/comments-with-openid.php
There is also another wordpress plugin with the openid name – http://wordpress.org/extend/plugins/openid/
Downloading and enabling the other openid plugin also adds support for OpenID login in your http://your-url.com/wp-admin/ login page.
Installing the OpenID plugin is needed especially if you're a blogger blogging on 5 or 10 different topic oriented blogs, once downloading and installing the OpenID plugin will allow you to login across the blog ring without loosing time or bothering to remember different passwords across all the blogs. Here is a screenshot of the /wp-admin wordpress login page with the OpenID wp plugin enabled:
As of time of writting according to http://openid.net/get-an-openid/what-is-openid/'s website there are over 50000 major websites on the net already accepting OpenID login.
Of course as every technlogy OpenID is not perfect and along with its convenience in some cases it could impose security hole. OpenID opponents claim under some circumstances OpenID is prone to forgery, XSS (cross site scripting) and XSFR attacks. Everyone who is about to use OpenID should be also aware of the great security risk it impose if one OpenID account gets stolen through sniffing, this could mean multiple websites can be accesses with the one single OpenID by the malicious user and a lot of confidential data owned by the user can be revealed or deleted …
With this said I think OpenID is not a recommended login technology for Windows users, as windows is famous for being vulnerable to so many Viruses and Spyware/Malware etc..
With non-free software OSes like MS Windows, the user never cannot for sure if the system is infected, hence using OpenID to transfer credentials over the internet or store an OpenID SSL/(TLS) certificate to identify in websites is TOO DANGEROUS!
Hope this article was helpful. Cya
Tags: authentication, Auto, benefit, code, Comment, Draft, file, functionality, google, hyves, igor korolev, Journal, login, login accounts, major search engines, need, openid, password, php, platform, plugin, popularity, quot, Russian, Search, support, tens, text, type, universal web, url, username, wget, what the heck, Wordpress, writting, Yahoo
Posted in System Administration, Web and CMS, Wordpress | 2 Comments »