Checking Email Blacklist and Getting Delisted

What do you do when your email server has been blacklisted and you are unable to send emails to certain domains? It’s best to be proactive and not get on the blacklists in the first place, but in the unfortunate event you do get blacklisted, here are some notes.

Checking Blacklists

First thing is we need to see which lists we are on. There are a couple of services that check multiple blacklists

https://mxtoolbox.com/blacklists.aspx

https://blacklistchecker.com/

These should give you an idea of which ones we need to go request a delisting.

att.net (yahoo.com, bellsouth.net)

AT&T is tricky as they don’t have an online site to show if you are blacklisted or not. They don’t seem very responsive and it can take awhile.

https://www.att.com/esupport/postmaster/

Send an email to “abuse_rbl@abuse-att.net” with your Mail Server IP address, the domain and ask to be delisted. You should get an auto-reply and then they usually will do something about it in 24-48 hours

More information below

https://pinpointe.com/blog/how-to-check-att-blacklist-request-ip-removal/

Other Blacklist

These are all fairly straight forward to check out. Some of them you will need to enter in an email, or maybe set up an account, others are as simple as requesting the IP to be delisted.

http://www.sorbs.net/menu.shtml

https://www.spamcop.net/

https://barracudacentral.org/rbl/removal-request

Send an Email with Node.JS

In this post, we will be using Node.JS and the nodemailer library to send email. We need to have an email account with an email provider to send email. Gmail or some other email provider should work.

Prerequisites

First lets install some tools

sudo apt install nodejs npm

Now lets install nodemailer

npm install nodemailer

Writing the Code to Send Email

Now that we have nodemailer installed, we can write or copy our code. Create a file called maill.js and make it look similar to the following.

// We can pass in the email text as an argument
const emailText = process.argv.slice(2);
// Or we can just have it as a variable
// const emailText = "NodeJS test email message."
console.log("args " + args)

const nodemailer = require("nodemailer");

const transporter = nodemailer.createTransport({
  host: "mail.emailserver.com",
  port: 465,    //  If your email server does not support TLS, change to 587
  secure: true, // If you are using port 587, change to false.  Upgrade later with STARTTLS
  auth: {
    user: "smtpuser@emailserver.com",
    pass: "notpassword)",
  },
});

const mailOptions = {
  from: 'user@emailserver.com',
  to: "touser@email.com",
  subject: 'Test Email using NodeJS',
  text: `${emailText}`
};

transporter.sendMail(mailOptions, function(error, info){
  if (error) {
    console.log(error);
  } else {
    console.log('Email sent: ' + info.response);
  }
});

Update the following variables

  • host: to your host email server
  • user: to the email user that is sending email. It should have an account on the email server
  • pass: password for your email user that is sending the email
  • from: email address that is sending the email
  • to: email account(s) you are sending email to
  • subject: subject of your email

Now we can proceed to send email

Sending Email

We can now run the code by saving our file and running it directly with NodeJS

nodejs ./mail.js "This is the body text for the email"

Hit Return and look for the email. If something went wrong, it should throw an error.

You can change the emailText variable if you would rather have the message body inside the code.

Code Explanation and Notes

A little explanation on the code.

The second line “const emailText = process.argv.slice(2);” is used to pass in a command line argument to use as the text for the body of the email. You can delete the line and uncomment line 4 if you would rather use a variable inside the code.

Your email server should support using SSL/TLS on port 465. If it does not, you may need to use STARTTLS which uses port 587, and then set secure to false. STARTTLS should upgrade the connection to be encrypted. But it’s opportunistic. You can read more about STARTTLS, SSL/TLS here https://mailtrap.io/blog/starttls-ssl-tls/

You can change the “to: ” in the mailOptions object to an array of email addresses to send the email to multiple people at once.

to: ["email1@email.com", "email2@email.com", "etc"],

Enable TLS 1.1 and 1.2 on Windows 7

Windows 7 does not support TLS 1.1 or 1.2 by default. This can be an issue if you are still trying to use Outlook 2010 on Windows 7.

Fortunately there is a way that we can enable TLS 1.1 and 1.2.

First we need to verify that we have the correct Windows update in place. Download the appropriate download and double click it to run.

For 64 bit systems download the update from here

http://download.windowsupdate.com/c/msdownload/update/software/updt/2016/04/windows6.1-kb3140245-x64_5b067ffb69a94a6e5f9da89ce88c658e52a0dec0.msu

or for 32 bit systems

http://download.windowsupdate.com/c/msdownload/update/software/updt/2016/04/windows6.1-kb3140245-x86_cdafb409afbe28db07e2254f40047774a0654f18.msu

After the update is finished, create a new text file (AKA PowerShell Script) with the following contents.

$arch=(Get-WmiObject -Class Win32_operatingsystem).Osarchitecture
$reg32bWinHttp = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp"
$reg64bWinHttp = "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp"
$regWinHttpDefault = "DefaultSecureProtocols"
$regWinHttpValue = "0x00000a00"
$regTLS11 = "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client"
$regTLS12 = "HKLM:SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client"
$regTLSDefault = "DisabledByDefault"
$regTLSValue = "0x00000000"

Clear-Host
Write-Output "Creating Registry Keys...`n"
Write-Output "Creating registry key $reg32bWinHttp\$regWinHttpDefault with value $regWinHttpValue"

IF(!(Test-Path $reg32bWinHttp)) {
    New-Item -Path $reg32bWinHttp -Force | Out-Null
    New-ItemProperty -Path $reg32bWinHttp -Name $regWinHttpDefault -Value $regWinHttpValue -PropertyType DWORD -Force | Out-Null
}
ELSE {
    New-ItemProperty -Path $reg32bWinHttp -Name $regWinHttpDefault -Value $regWinHttpValue -PropertyType DWORD -Force | Out-Null
}

IF($arch -eq "64-bit") {
    Write-Output "Creating registry key $reg64bWinHttp\$regWinHttpDefault with value $regWinHttpValue"
    IF(!(Test-Path $reg64bWinHttp)) {
        New-Item -Path $reg64bWinHttp -Force | Out-Null
        New-ItemProperty -Path $reg64bWinHttp -Name $regWinHttpDefault -Value $regWinHttpValue -PropertyType DWORD -Force | Out-Null
    }
    ELSE {
        New-ItemProperty -Path $reg64bWinHttp -Name $regWinHttpDefault -Value $regWinHttpValue -PropertyType DWORD -Force | Out-Null
    }
}

Write-Output "Creating registry key $regTLS11\$regTLSDefault with value $regTLSValue"

IF(!(Test-Path $regTLS11)) {
    New-Item -Path $regTLS11 -Force | Out-Null
    New-ItemProperty -Path $regTLS11 -Name $regTLSDefault -Value $regTLSValue -PropertyType DWORD -Force | Out-Null
    }
ELSE {
    New-ItemProperty -Path $regTLS11 -Name $regTLSDefault -Value $regTLSValue -PropertyType DWORD -Force | Out-Null
}

Write-Output "Creating registry key $regTLS12\$regTLSDefault with value $regTLSValue"

IF(!(Test-Path $regTLS12)) {
    New-Item -Path $regTLS12 -Force | Out-Null
    New-ItemProperty -Path $regTLS12 -Name $regTLSDefault -Value $regTLSValue -PropertyType DWORD -Force | Out-Null
    }
ELSE {
    New-ItemProperty -Path $regTLS12 -Name $regTLSDefault -Value $regTLSValue -PropertyType DWORD -Force | Out-Null
}

Write-Output "`nComplete!"

Save the file as “tls-reg-edit.ps1”

If saving it using notepad, change Save as type: All files (*.*)

Open a PowerShell. Change directories “cd” to the location you saved the above script to. ie. cd Downloads

Run the script with the follow command. Note you will most likely need to hit Y to allow the scripts to run.

Set-ExecutionPolicy Bypass -Scope Process ; .\tls-reg-edit.ps1

After the script runs, you’ll need to reboot your computer.

The script and information was taken from the following link. Thanks cPanel!

https://docs.cpanel.net/knowledge-base/security/how-to-configure-microsoft-windows-7-to-use-tls-version-1.2/

There is also more information at the following Microsoft link.

https://support.microsoft.com/en-us/topic/update-to-enable-tls-1-1-and-tls-1-2-as-default-secure-protocols-in-winhttp-in-windows-c4bd73d2-31d7-761e-0178-11268bb10392

How to Send an Email using Telnet

We’ll be using telnet to connect to a mail server and send ourselves an email.

The parts in bold are the commands to enter.

[bob@linux ~]$ telnet mail.website.com 25
Trying mail.website.com...
Connected to mail.website.com.
Escape character is '^]'.
220-mail.website.com ESMTP Exim 4.85 #2 Mon, 09 May 2022 22:12:59 
220-We do not authorize the use of this system to transport unsolicited, 
220 and/or bulk e-mail.
HELO domainto.sendfrom.com
250 mail.website.com Hello domainto.sendfrom.com [192.168.1.2]
MAIL FROM: <bob@incredigeek.com>
250 OK
RCPT TO: <bob@incredigeek.com>
250 Accepted
DATA
354 Enter message, ending with "." on a line by itself
Subject: Test Message

This is a test

.
250 OK id=5a1g7i-1347MT-1p
QUIT
221 mail.website.com closing connection
Connection closed by foreign host.

Further links to read

https://github.com/maildev/maildev/issues/212

Adding Email Disclaimer for Entire Domain on WHM/cPanel

Email Disclaimer

Altermime is a small utility that allows you to append a disclaimer to all outbound emails on a cPanel server.

1. Installing altermime

You should be able to copy and paste the following commands in. You’ll need to be root.

cd /usr/local/src/ 
wget pldaniels.com/altermime/altermime-0.3.10.tar.gz 
tar xvfz altermime-0.3.10.tar.gz 
cd altermime-0.3.10 
make 
make install

2. Setup Disclaimer Text

Create two disclaimer files. One is text and the other is for HTML.

Text file

nano /usr/local/etc/exim/textdisclaimer

Add your disclaimer text.

-------------
incredigeek.com

HTML File

Create the HTML disclaimer file with

nano /usr/local/etc/exim/htmldisclaimer

And add your disclaimer HTML to the file. Example:

<p>
-----
<br />
  <a href="http://www.incredigeek.com">incredigeek.com </a>
</p>

3. Modify Exim Configuration

Now that we have the disclaimer files set up, we can move on to configuring Exim so the disclaimer text gets added to every email sent out.

Open up WHM and go to Exim Configuration Editor -> Advanced Editor

Exim Advanced Editor

A. Configuring Routers Configuration

Find the ROUTERS CONFIGURATION section. We will add some configuration in the “Section: PREROUTERS

Add disclaimer to Single Domain

Paste in the following to add the disclaimer to a single domain. Replace “incredigeek.com” with your domain.

disclaimer:
driver = dnslookup
domains = ! +local_domains
transport = ${if eq {$sender_address_domain}{incredigeek.com}{disclaimer_smtp}{remote_smtp}}
no_more
Add Disclaimer to Single Domain

Add Disclaimer to Entire Server (Optional)

If you would rather apply the disclaimer to the entire server, use the following.

disclaimer:
driver = dnslookup
domains = ! +local_domains
transport = disclaimer_smtp
Add Disclaimer to Entire Server

B. Configure Transports Configuration

Once we have that added we can find the “TRANSPORTS CONFIGURATION” section and under the first “Section: TRANSPORTSTART” add

disclaimer_smtp:
driver = smtp
transport_filter = /usr/local/bin/altermime  --input=- --disclaimer=/usr/local/etc/exim/textdisclaimer --disclaimer-html=/usr/local/etc/exim/htmldisclaimer
size_addition = 1
Add Disclaimer to TRANSPOTSTART

That should be everything that you need. Send a test email to an external email account to verify that it works.

Note that it looks like sending an email locally to email addresses on the same domain or to yourself bypass the filter and do not get the disclaimer added.

The following links were helpful for getting this set up.

https://forums.cpanel.net/threads/howto-footer-disclaimer-in-outgoing-mails.98465/

https://pldaniels.com/altermime/

How To tell if an email on a cPanel server has been read from the command line

All of the emails in the email directories contain one of the following at the end of the filename

$ ls cur/ | cut -d: -f 2 | sort | uniq -c
54 2,               <- Not Read
12 2,ab             <- Not Read
83 2,S              <- Read
61 2,Sab            <- Read

The first two “2, and 2,ab” mean that the message has not been read. The bottom 2 “2,S and s,Sab” mean that the message has been read or “seen?”. Guess that is what the S is for. Not sure what ab is for.

Exim View Email Message by ID

View Email Header

You can view an email message in Exim with the following command and options.

exim -Mvh email-id

Example output

# exim -Mvh 1jTAsw-0101m5-TH
mailnull 47 12
<>
1591431138 0
-received_time_usec .007773
-ident mailnull
-received_protocol local
-body_linecount 109
-max_received_linelength 98
-allow_unqualified_recipient
-allow_unqualified_sender
-localerror
XX
1
larry@incredigeek.com
155P Received: from mailnull by cpanel.server.co with local (Exim 4.93)
id 1jTAsw-0101m5-TH
for larry@incredigeek.com; Sat, 06 Jun 2020 03:12:18 -0500
045 X-Failed-Recipients: bob@incredigeek.com
029 Auto-Submitted: auto-replied
068F From: Mail Delivery System Mailer-Daemon@cpanel.server.co
025T To: larry@incredigeek.com
064 References: 0.0.7.15D.1D63BD03648840.0@slot0.cn-sinosure.com
098 Content-Type: multipart/report; report-type=delivery-status; boundary=1121689138-eximdsn-67139566
018 MIME-Version: 1.0
059 Subject: Mail delivery failed: returning message to sender
057I Message-Id: E3ghaTA-001qN5-Hn@cpanel.host.com
038 Date: Sat, 06 Jun 2020 03:12:18 -0500

View Message Body

You can view the message body with the -b option

exim -Mvb email-id

Example

exim -Mvb email-id 1jTAsw-0101m5-TH
--1231463132-eximdsn-21535482
email message
--1231463132-eximdsn-21535482--

imapsync – NO [OVERQUOTA] Not enough disk quota

msg INBOX/4624 {75129} couldn't append  (Subject:[Email message]) to folder INBOX: Error sending '55 APPEND INBOX (\Seen) "25-Aug-2017 09:12:05 -0600" {75129}': 55 NO [OVERQUOTA] Not enough disk quota (0.001 + 0.000 secs).

To resolve the above problem, check the following

  1. Email mailbox allocated size
  2. cPanel account user Quota

The above problem was due to the fact that the cPanel User Quota was maxed out. Increasing the space allocated to the account resolved the problem.