TurnKey Linux Virtual Appliance Library

Email, TKL and SPAM

Chris Musty's picture

Hi all,

I just wanted to share some experiences with a web/email server I am running through the hub.
I really hope this saves some people some heartache as I have spent all evening figuring a few things out.

Firstly the purpose - I have a client with a 6000+ strong mailing list and sends emails out twice a week every third week ie Mon and Thur on the third week. This correlates with an upcomming auction they hold at the given timeframe (they are an auction house).

I have been impressed with TKLBAM and am now using it for 3 web servers backing up hourly (mostly for testing purposes but its niiice to only have to roll back 1 hour if something goes ape-sh!t). I digress.

I have used Joomla in this case and being bundled with Postfix is a nice easy walk in the park for sending out emails. I anticipated SPAM issues and set about to circumvent those by addig a TXT record in my domain zone manager. 

For a bit of back ground TXT records have been used since 2006? to prevent email spoofing and allot of ISP use this method to block SPAM, quite effectively. I did a test run without the TXT record and got 2500 returns issuing 550 errors - thats a sure sign I was being blocked. So you really need to add this record if you want to stop SPAM and blacklisting (its also called a SPF record).

The story did not end there however, I was still being blacklisted by ISP's who were getting a dodgy senders list from Trend Micro's DUL  and it wasn't until I had a very close look at the entire email source that I realised what was happening.

Then AWS limited my emails going out to 1000 per day, this was going from bad to worse!

Because I had modified the TXT record my emails were comming through as SPF Passed but the reverse DNS lookup was comming through with some huge AWS domain - ARGH! how do I change that!

Trend Micro at this point told me I was blacklisted because I had a dynamic IP - yet I have an elastic IP. Now I am yelling WTF!

Turns out its fairly simple to remedy and this simple request fixes all of the above - reverse DNS, static IP and the email limit on your account entirely.

So in conclusion, if sending bulk emails from a TKL Joomla, Drupal, Wordpress or whatever server on AWS

  • Make sure you configure the TXT record correctly I use "v=spf1 a mx -all" (this basically says allow all A and MX records listed in zone manager to be valid for sending) and ensure your FQDN is setup correctly on the server with a static IP, then ensure your A and MX records are perfect - any discrepancy and you will get an SPF Fail.
  • Make sure you "ask" AWS to be able to send as many emails as you want. While your doing this you can get them to reverse DNS an IP and list you as static with Trend Micro and other SPAM agencies.
  • Limit sending to batches, if using PHP mail function, to 50-100n then wait one minute before the next batch.
  • Windows Sucks

Any questions feel free to ask!

Jeremy's picture

Awesome post Chris!

Thanks so much for posting this Chris! I am totally sure this will be helpful for others. In fact I recall other asking about similar stuff previously but clear answers seemed to be a little light on, so great work! :)

Drew Ruggles's picture

Very Nice Write-Up. Can we get a Wiki page out of it?

Chris,

Nicely done. Supposedly, the documentation on this site is a Wiki. It would be nice to get this info incorporated in to it.

Drew

Jeremy's picture

Done!

I put it under Tutorials / HOWTOs >>  Amazon EC2: How to configure web/email server for mailout/mailing lists

How's that work for you?

PS anytime you come across stuff like that feel free to do it yourself! :)

Chris Musty's picture

next week

i will put aalll my findings into a more lucid format with instructions and examples when i get a chance next week.

Chris Musty

Director

Specialised Technologies

Jeremy's picture

Ooops...

Looks like you posted while I was copy/pasting. Feel free to edit it as you see fit.

Alon Swartz's picture

Excellent write up!

Excellent write up, and very good idea creating a wiki page. I'll be adding a link to it from the Hub's FAQ as soon as I get a chance.

Chris Musty's picture

Sloppy

After answering a question in another thread and checking what I have done here I realised I only half finished the wiki. I will remedy this asap. For now this post is the best guide!

Chris Musty

Director

Specialised Technologies

Post new comment

The content of this field is kept private and will not be shown publicly. If you have a Gravatar account, used to display your avatar.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <p> <span> <div> <h1> <h2> <h3> <h4> <h5> <h6> <img> <map> <area> <hr> <br> <br /> <ul> <ol> <li> <dl> <dt> <dd> <table> <tr> <td> <em> <b> <u> <i> <strong> <font> <del> <ins> <sub> <sup> <quote> <blockquote> <pre> <address> <code> <cite> <strike> <caption>

More information about formatting options

Leave this field empty. It's part of a security mechanism.
(Dear spammers: moderators are notified of all new posts. Spam is deleted immediately)