Hughesnet Community

554 5.7.1

cancel
Showing results for 
Search instead for 
Did you mean: 
ccpanel
New Member

554 5.7.1

When sending email out of eudora on hughes internet service, all emails to both yahoo.com and gmail.com get bounced.

 

these are legit emails to family.

single, original emails, not forwards, not spam.

 

there is no outgoing signature, no attachments(service is SLIGHTLY faster than dialup)

 

this happens irregardless of address book or direct typing.

 

a bit of goggling and I see that hughesnet.com has an atrocious rating and is most likely blacklisted on those servers.

 

It is also possible and likely that hughes/eudora might be using TLSv old version instead of new.

 

https://knowledge.broadcom.com/external/article/155061/smtp-code-554-571-and-the-message-is-rej.html

Possible scenarios:

  • The IP address has been included in a Real-Time Blacklist due to Spam coming from your domain.
  • Your domain or IP address has been blacklisted by the recipient.

 

this site;

http://multirbl.valli.org/lookup/hughesnet.com.html

clearly shows huighesnet is blacklisted on 3 servers, failed on 1, listed on 1 other.

This assumes if theres 1 fault, there must be others.

and since neither gmail or yahoo are even available to be checked-they are probably blacklisting too.

 Testing other domainas yeilded zero fails.

 

this site

https://mxtoolbox.com/problem/mx/dmarc-policy-not-enabled?page=prob_mx&action=mx:hughesnet.com&showl...

says "No DMARC Protection" and all I know about that is goggle... but apparently hughes doesnt have the right settings.

 

https://mxtoolbox.com/SuperTool.aspx?action=mx%3ahughesnet.com&run=toolpage

 

when I check the ip;

https://www.spamrats.com/lookup.php?ip=********

Does IP Address comply with reverse hostname naming convention... Failed!

RATS-Dyna - On the list. Worst Offender Alert.

This is a Worst Offender Alert and this means that not only this IP address, but the whole class 'C' is also on the indicated SpamRats List. Usually this means the whole range has the same issue of naming conventions or no reverse DNS AND that many IP's from this Class C have been used in Spam Attacks, Dictionary attacks or other forms of attacks, as detected by Mail Servers in the Data Collection Grid. You will NOT be able to use the removal form to remove your IP Addresses. If you have recently been assigned the IP Addresses, or have changed what these IP Addresses are used for, you can use the contact form and ask for a reclassification, but you will have to provide full disclosure, including whois for the ip addresses, your affiliation with the company that owns them, and a description of what the IP's were previously used for, and what they will be used for, in order for a Spam Auditor to consider reclassification. Remember, the majority of the IP's in this space WERE detected as being involved in some form of attack or abusive behaviour, so you had better have a good reason to ask for removal, and you need to own or control the IP addresses, as evidenced by ARIN whois.

 

  • We are sorry that we cannot remove your IP address at this time. This IP Address appears to be designated as a 'dynamic' IP Address.
  • Only the ISP or company that has control over the IP Address may request a removal.
  • Being listed on SpamRats should not affect you in any way, or your ability to send email through your email provider. If it does, and you get a bounce message, it is much more likely that this is a problem with your email client configuration.
  • Please contact your ISP to address this issue.

 

this is from a computer of a virus free 80 year old lady(mom)

 

 

1 ACCEPTED SOLUTION

Too much information posted here, so I'll just deal with the pertinent issue:

1. HughesNet has many users on a contracted email server, so DKIM isn't going to be feasible.

2. They have a DMARC policy and a published SPF record in the DNS record, it's just set up to soft fail for anything not in their passable IP spec.

 

The problem is the soft fail. They know about it. They also know about the TLS issue. As I said, they use a subcontracted email server, so they're at their mercy.

 

If this is a problem, I recommend getting your own gmail (or other free email account) and use that instead.


* Disclaimer: I am a HughesNet customer and not a HughesNet employee. All of my comments are my own and do not necessarily represent HughesNet in any way.

View solution in original post

5 REPLIES 5
ccpanel
New Member

heres the redacted full fail email bounce;

 

On Sunday, November 1, 2020, 07:09:02 PM CST, *> wrote:
 
 
SMX-Results: classifications=clean
x-binding: postmig.hughes.net
X_CMAE_Category: 0,0 Undefined,Undefined
X-CNFS-Analysis: v=2.1 cv=eeudB+wH c=1 sm=0 tr=0 
a=7EUpco2kou8R3+YclCVmDA==:117 a=L9H7d07YOLsA:10 a=9cW_t1CCXrUA:10 
a=s5jvgZ67dGcA:10 a=KGjhK52YXX0A:10 a=afefHYAZSVUA:10 a=pGLkceISAAAA:8 
a=RjnGT0qymAG9YVMVa8kA:9 a=_8t50pCI6oYA:10 a=pOfvU1qiAAAA:8 
a=h7xUtXWKvlL9-eM2ISsA:9 a=HwP9BBoVAAAA:8 a=K-v-2zaBAAAA:8 a=hEh3JUyyAAAA:8 
a=JOTxZxH5rwjyr02B3CUA:9 a=GYYCrG5mmoTx1AJ-63yv:22 
a=wkYxKhw-HeU8SOjXaEtz:22 a=q2aDPwXDRxExA5do78dt:22
X-CM-Score: 0
X-Scanned-by: Cloudmark Authority Engine
Authentication-Results: mx01.hughes.cmh.synacor.com 
header.from=postmaster@hughes.net; sender-id=softfail
Authentication-Results: mx01.hughes.cmh.synacor.com 
smtp.mail=@smtp02-forward-2.daemonmail.net; spf=neutral; sender-id=neutral
X-Best-Tracker:
X-Virus-Scanned: Debian amavisd-new at mxwin07.daemonmail.net
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=10
    tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H2=-0.001]
    autolearn=ham autolearn_force=no
From: Mail Delivery System <postmaster@hughes.net>
To: w*g
Subject: Mail Delivery Failure
Date: Wed, 21 Oct 2020 11:58:39 -0400
 
This message was created automatically by the mail system (ecelerity).
 
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
 
>>> *@gmail.com (reading confirmation): 550 5.1.8 Invalid mailbox
Reporting-MTA: dns; smtp.hughes.net
Arrival-Date: Wed, 21 Oct 2020 11:58:39 -0400
 
Remote-MTA: dns; 129.213.66.119
Diagnostic-Code: smtp; 550 5.1.8 Invalid mailbox
Final-Recipient: rfc822; *@gmail.com
Action: failed
Status: 5.1.8
Last-Attempt-Date: Wed, 21 Oct 2020 11:58:39 -0400
------ This is a copy of the headers of the original message. ------
 
Return-Path: <w*g>
x-binding: smx_relay
X-Authed-Username: d29vZHNvbjE5MjdAaHVnaGVzLm5ldA==
X_CMAE_Category: 0,0 Undefined,Undefined
X-CNFS-Analysis: v=2.1 cv=CqEfCiMD c=1 sm=0 tr=0 
a=TNn/E7rXHaBL7SaPLGSxeA==:117 a=TNn/E7rXHaBL7SaPLGSxeA==:17 
a=L9H7d07YOLsA:10 a=9cW_t1CCXrUA:10 a=s5jvgZ67dGcA:10 a=8nJEP1OIZ-IA:10 
a=HwP9BBoVAAAA:8 a=a0xGtHLcbs11TVhAxx0A:9 a=wPNLvfGTeEIA:10 
a=wkYxKhw-HeU8SOjXaEtz:22
X-CM-Score: 0
X-Scanned-by: Cloudmark Authority Engine
Authentication-Results: smtp02.hughes.cmh.synacor.com 
header.from=wo*rg; sender-id=neutral
Authentication-Results: smtp02.hughes.cmh.synacor.com 
smtp.mail=w*rg; spf=neutral; sender-id=neutral
Authentication-Results:  smtp02.hughes.cmh.synacor.com 
smtp.user=w*@hughes.net; auth=pass (LOGIN)
Received-SPF: neutral (smtp02.hughes.cmh.synacor.com: 67.45.112.32 is 
neither permitted nor denied by domain of customclassics.org)
Received: from [67.45.112.32] ([67.45.112.32:60007] 
helo=M-PC.customclassics.org)
    by smtp.hughes.net (envelope-from <w*rg>)
    (ecelerity 2.2.3.49 r(42060/42061)) with ESMTPA
    id D7/92-31042-9AA509F5; Wed, 21 Oct 2020 11:58:37 -0400
X-Sender: w*@hughes.net@mail.hughes.net
X-Mailer: QUALCOMM Windows Eudora Version 6.0.1.1
Date: Wed, 21 Oct 2020 08:51:44 -0700
From: w*n <w*g>
Subject: Re: W*n T-shirt
In-Reply-To: <CAM6bGPxWwbcr7CTk5q6q68StFFFmAhFjD9Yu89Mc+6aXSwS+JA@mail.g
  mail.com>
  <CAM6bGPxWwbcr7CTk5q6q68StFFFmAhFjD9Yu89Mc+6aXSwS+JA@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"; format=flowed
Content-Transfer-Encoding: quoted-printable
 

and of course-the emails attempted are full legit emails.

 

also-when sending to teh yahoo, it said -failed to login and wouldnt send.

 

successfull sends to other domains before, during, and after other fails.

This IP has been flagged because it is dynamic or by suspect to be domestic use only.

If you are running an email service on this IP, ask ISP to change the rDNS.

The removal of this IP from this blacklist depends on change of rDNS to match the FQDN of the mail server.

 

 

apparently hughesnet doesnt do this;

 

 

  • Sign messages with DKIM. Gmail doesn't authenticate messages signed with keys that use fewer than 1024 bits.

  • Publish a SPF Record.

  • Publish a DMARC policy.

Too much information posted here, so I'll just deal with the pertinent issue:

1. HughesNet has many users on a contracted email server, so DKIM isn't going to be feasible.

2. They have a DMARC policy and a published SPF record in the DNS record, it's just set up to soft fail for anything not in their passable IP spec.

 

The problem is the soft fail. They know about it. They also know about the TLS issue. As I said, they use a subcontracted email server, so they're at their mercy.

 

If this is a problem, I recommend getting your own gmail (or other free email account) and use that instead.


* Disclaimer: I am a HughesNet customer and not a HughesNet employee. All of my comments are my own and do not necessarily represent HughesNet in any way.