MX records and blocked email

M

Matthew Bradley

Active Member
Reaction score
106
Location
Winder, GA
We have a few clients who still have their email hosted through cheap hosting companies and they constantly have problems with their mail being rejected because the host provider gets put on spam blacklists. Since these clients aren't willing to change hosting providers (they have long term commitments apparently), would moving to Office365 and changing MX records solve this problem? I wasn't sure what IP is getting flagged - the domain IP itself or the mail server being used to send / receiving email.
 
Not sure about Office365 but I would have thought that the domain server would figure in it somewhere - no doubt someone with more experience will be able to answer that one.

I found that one website on my VPS server hadn't been updated properly and had been hacked. It started causing other customers emails to be put on spam lists because the server address had been identified as a spammer. Thankfully it was caught quickly, the site taken off and everything resumed back to normal. Goodness knows what would happen with a cheap shared hosting server.

If the customers have cheap and cheerful hosting, then they have to weigh up "long term commitments" versus service interruptions because of the cheap setup.
 
It's a matter of getting the records setup properly. The problem with low end providers is they do not allow things like SPF records, etc. Moving them to an O365 hosted solution will solve that problem. You can move the email separately from any web hosting.
 
Markverhyden said:
It's a matter of getting the records setup properly. The problem with low end providers is they do not allow things like SPF records, etc. Moving them to an O365 hosted solution will solve that problem. You can move the email separately from any web hosting.
Click to expand...

That's what I was wondering. I just didn't want to go through the hassle of moving their mail over to office365 only to have their email still spam listed because the domain itself was blacklisted.
 
Matthew Bradley said:
That's what I was wondering. I just didn't want to go through the hassle of moving their mail over to office365 only to have their email still spam listed because the domain itself was blacklisted.
Click to expand...

Blacklists typically work by IP address, so when their cheap host is blacklisted it's the IP address that is used to send all of the mail out that gets the red flag. Move them to Office 365 they will appreciate the increased inbound SPAM filtering that is provided by that service as well.
 
You can check blacklists at mxtoolbox.com. It will show you the IP address which is likely a compromised server. One of the many websites being shared on the web server is spamming. It's like living in a bad neighborhood. You yourself might be a solid citizen but you live next to a guy selling crack and the hooker across the street. So it's no wonder when you tell people your address they don't want to come visit you.

Switching to O365 will clean up that issue as well as give you all the major business grade benefits that O365 can provide.

Office 365
  • emails available offline and online
  • sent items/deleted items fully synchronized and visible on all devices
  • mail system independent from web hosting and 99.9% uptime guaranteed
  • supported by most current mobile devices
  • 1 hour response time from support team
  • calendar, contacts, and notes all fully synchronize
  • items (e.g. calendar, contacts, or inbox) can be shared among colleagues
  • Addons like archiving
  • Encryption
  • Office Pro Plus on 5 devices for each user.
  • Onedrive
  • Sharepoint
  • Flow
  • Delve
  • Skype for Business
 
Matthew Bradley said:
That's what I was wondering. I just didn't want to go through the hassle of moving their mail over to office365 only to have their email still spam listed because the domain itself was blacklisted.
Click to expand...

It's more than just records. If their website has been hacked and a rouge email server installed all the records in the world will not fix that.

But many of these cheap sites use virtual hosting with several sites on one IP. So one site is poisoning them all.
 
If you actually control the DNS, you can set up SPF records without much difficulty - basically all they'll say is "IP address 1.2.3.4 is an authorized source for email from this domain." Unless the host controls the DNS, SPF records aren't under the control of the host. In fact, even if you move the email elsewhere (e.g. to Office365 hosted Exchange) you will probably still want to set up SPF records.

However, that probably won't make much difference to your current situation. If it's a shared web host and they're running email on the same box then all that needs to happen to get blacklisted is for one or two other accounts on that same hosting box to be compromised and start sending spam. That could be a website compromise or it could be a compromised email account - all that will matter is that it's traffic coming from that IP.

Running an email server in-house is also an option, but it's not really one I'd recommend unless it's a pretty good-sized client where the per-user cost of O365 or other hosted Exchange would start to approach the cost of installing, updating, maintaining, etc. an in-office server. There are ways to do it less expensively with open-source options like Kolab or third-party options like MDaemon, but when you add up the extra labor and the potential drawbacks it starts to look like "OK, we can save you $200/month by dropping Exchange, but it'll be harder to connect phones to your email, you may have some delivery problems, and you may not have things like shared calendars, etc. unless you're using the webmail interface."

Oh, and self-hosted means they'd have to have a static IP, get reverse DNS (PTR records) configured for it with the carrier, and get that IP removed from the blocklists that simply aggregate all of the IP ranges allocated by carriers to clients (e.g. one of the SORBS lists).

If you're using something like Spamhero for spam filtering, you may also be able to use them as an outbound "smarthost" or set up your email clients to go out through them. This may require an additional fee on top of your regular subscription.
 
1. Check blacklists for the email server
2. Setup SPF record
3. Contact hosting company to help with setting up DKIM record
4. Setup DMARC record

If there are issues with 1 or 3, GSuite or O365 might be their only reasonable option.
 
You must log in or register to reply here.

Similar threads

Rosco
ssl and google workspace issue
Replies
2
Views
322
NviGate Systems
NviGate Systems
Blue House Computer Help
[REQUEST] Edit: Forwarding email to new Google Workspace accounts before re-pointing MX records.
Replies
5
Views
736
Blue House Computer Help
Blue House Computer Help
thecomputerguy
I cannot possibly see how this MX record swap is going to work...
Replies
2
Views
640
thecomputerguy
thecomputerguy
thecomputerguy
What is the correct solution for a vendors SMTP usage to us?
Replies
5
Views
651
Sky-Knight
Sky-Knight
thecomputerguy
Client moved from O365 to Gsuite and got a O365 bounce back?
Replies
6
Views
1K
thecomputerguy
thecomputerguy
Back
Top