[Email] Reverse DNS 관계

외국계 메일 서버는 Reverse DNS 가 되지 않는 Email 서버를 유해 서버로 판단하고 Drop 한다. 

이 경우 다음과 같은 리턴 메일을 받을 수 있다.

    **********************************************

    **      THIS IS A WARNING MESSAGE ONLY      **

    **  YOU DO NOT NEED TO RESEND YOUR MESSAGE  **

    **********************************************

The original message was received at Tue, 17 Jan 2017 16:08:17 +0900 from [10.22.12.97]

   ----- Transcript of session follows ----- ... while talking to abc.com.:

>>> STARTTLS dialogue

<<< 550 Service unavailable; Client Host [123.123.123.123] blocked using Trend Micro RBL+. Please see http://www.mail-abuse.com/cgi-bin/lookup?ip_address=123.123.123.123

451 4.4.1 reply: read error from abc.com.

<kkk@abc.com>... Deferred

Warning: message still undelivered after 30 minutes Will keep trying until message is 5 days old

http://www.mail-abuse.com/cgi-bin/lookup?ip_address=123.123.123.123

을 조회하면 

IP: 123.123.123.123

Reputation: Bad

Listed in: DUL

Feedback: Request to be removed from the global blocked list

와 같은 결과를 얻는다.

Request to be removed from the global blocked list 를 수행하는데 Reverse DNS 가 등록되어 있지 않으면 다음과 같은 회신을 받는다.

123.123.123.123 is listed on the Trend Micro Dynamic User List (DUL) because it appears to be an IP address not clearly labeled as static.

This email is designed to help you solve the problem. 

If you are an ISP, you can

1. Add the rDNS of this IP to clearly indicate static.

ex: mail.mail-abuse.com (O)

   99-47-70-150.dynamic-IP.mail-abuse.com (X)

2. Add a statement in WHOIS information indicating the space is

   statically assigned.

If you are an end user, please check your email configuration  (STEP 1 below). If that does not stop the IP from being blocked, you can contact your ISP for further action (STEP 2 below).

STEP 1: CHECK YOUR EMAIL CONFIGURATION

Here are two things to check about your mail configuration:

Email Client

============

Check that the Outgoing Mail Server (SMTP) setting on your email client (such as Outlook Express or Mail) is using the outgoing mail server for your ISP. Most ISPs require that you use their mail server to avoid spamming incidents.

Email Server or Proxy Server

============================

If you run a mail server on your computer, or if your local network uses a proxy server, set the SMTP Gateway setting on the mail server or proxy server to your ISP's outgoing mail server. This will force your mail server or proxy server to send all outgoing mail to the ISP first, and then the ISP will relay it to its final destination.

====

Note: If you are a RoadRunner business customer, you may need to contact your ISP to get your business IP marked as static. They will then let Trend know of the change.

STEP 2: CONTACT YOUR ISP

If the step above does not solve the blocking issue, the rDNS for the IP may need to be corrected to clearly indicate it is a static IP.

Trend's Spam Investigations team can work with your ISP to solve the problem. You can find the correct email address to use when contacting your ISP to use by going to the following web page and typing in your IP address:

http://ip-lookup.net/

Then click on the Domain owner info (Whois /Abuse) link and look for an email address. You can use this address to contact your ISP and ask them to work with Trend Micro.

The ISP can start this process by sending an email from their Domain owner email address to dul@mail-abuse.com.

Thank you for contacting Trend Micro and we hope this email has helped you to resolve the IP blocking issue.

Kind regards,

Spam Investigation Team

Trend Micro, Inc.

https://ers.trendmicro.com/

즉, 고정 IP로 Reverse DNS 를 등록해야 한다는 것이다.

Reverse DNS 는 사용하고 있는 회선의 사업자(ISP)에게 요청해야 한다.

또한 고정 IP 인 경우에만 가능하다.

KT의 경우 http://dms.kornet.net 에 계정 신청하고 게시판에 등록하여 신청하여야 하는데 여기 홈페이지가 무지 예전에 만들었는지 브라우저 호환성 문제 등이 많이 발생한다. KT 의 경우 02-764-5566로 전화를 겸하는 것이 빠르다.

Reverse DNS 가 등록되면 http://ip-lookup.net/ 에 IP를 조회하면 host 에 해당 DNS가 보인다.

이 상태에서 다시 요청하면 처리될 것이라는 메일을 받는다.

Thank you for contacting Trend Micro. Your message regarding WWW remove for 123.123.123.123 has been assigned a ticket ID of [MAPS #123456].

Please include that string in the Subject: header of any future correspondence with Trend Micro.

Single IP Removal Requests

==========================

If you are requesting that a single IP address be removed from the DUL, please wait for a follow-up response from the Trend Micro Spam Investigations (SI) team.

Most requests are handled automatically within 1 hour of being submitted to Trend. 

NOTE: If you do not agree with the automated response, then please email a response back to us and the ticket will be handled by a human being for followup.

Please remember, the fastest response is received when you use the IP Lookup Tool to check an IP and submit a

request: http://www.mail-abuse.com/cgi-bin/lookup

ISP Updates and Removal Requests

================================

If you are an ISP or IP space owner providing us with an update to your assigned IPs, we try to provide a first response back to you within 1 working day. 

Other Requests

==============

If your request is not covered above, we will work on the ticket and contact you as needed to resolve the issue.

Thank you!

Trend Micro Spam Investigations Team

DNS 변경은 여러 서버의 캐쉬등이 영향을 미칠 수 있으므로 시간이 조금 걸릴 수 있다. 하루는 지나야 안정적으로 확인이 가능할 듯.

다음 이메일을 보내도 되더라.

From: Prince via RT [mailto:dul@mail-abuse.org] 

Sent: Wednesday, January 18, 2017 4:17 PM

To: qahuni@abc.com

Subject: [MAPS #874836] DUL Removal for 123.123.123.123

Hi,

IPs are already removed.

Note it may take up to 24 hours for the changes to fully propagate out to all our customers. Please let us know if you have any questions.

Kind regards,

Spam Investigation Team

Trend Micro Inc.

--------------------------------------------------------------------------------------

From: 홍길동 [mailto:qahuni@abc.com] 

Sent: Wednesday, January 18, 2017 2:23 PM

To: 'dul@mail-abuse.org'

Subject: DUL Removal for 123.123.123.123

The RDNS for 123.123.123.123 has been applied to rDNS. I would like to request removal of this IP from the DUL.