I give most explications because i need response : all mail from outside arrive to scrollout server and then are transferred to my email server all mail from inside are sended out from my email server via scrollout server It seems that scrollout analyze messages from inside to outside. It is a problem because some mails are tagged as spam !!! And it is false !!! How can I solve this problem ?
Hi, How to set log for mail.log rotate every week with file size 500M and keep 5 copy? Does anyone notice this? My mail.log keep bigger and it's rotate. Please advise. Thanks.
Hello, My scrolloutf1 certificate is about to expire. What will happen if I let it expire? I do not have access to CLI since old IT employee did not give the password. Or, can I renew it via GUI? please help.
By default, it will block spam email. For further detail, you can check from log /var/log/mail.log.
Just found it. /etc/amavis/conf.d/05-node_id and /etc/mailname
I think explore where to change it. Seems developer also not sure where to change it.
Hi, How to prevent scrollout to stop to analyze emails from my users when they send a outbound mail ? It seesms that trust network is not for this ... Regard -- Hervé HÉNOCH RSI Tél. : +33 4 90 27 57 44 h.henoch@isc84.org h.henoch@isc84.org /250, chemin de Baigne-Pieds – 84 000 Avignon/ /www.institut-sainte-catherine.org/ http://www.institut-sainte-catherine.org/
Hi, Please refer from image. I need to change it. Please advise where i need to change.
Good day everyone. Please help me. Old IT guy got banned and I'm left with the mail server including scrolloutf1 gateway. im new to this. I have problem. As per checking, the certificate is about to expire next week. I cannot access the server cli as old IT forgot pass or just ddnt want to give to us. Now, can i renew certificate only in gui? If yes, please teach me how. Will be much appreciated.
Hi, I have a licensed Bitdefender Endpoint Security Tools which is the commercial name for the latest endpoint security solution for this vendor. It runs on win, mac, ... and linux. I would like to use it alongside clamav as it have some additionnal security modules like real-time cloud analysis, remote analysis and sandbox detonation, ... I tried to integrate it but failed; maybe the returned codes are unknown to Scrollout F1. Could someone help me integrate BEST with Scrollout F1 alongside calamv...
dear Marius Intrestingly I added my IP to the Firewall allo list and it was fine from then onwards However I followed your advice, so its double save so or so - thanks for your support KR Oliver On 04.01.2021 at 07:37, in message /p/scrollout/discussion/1102835/778babadffc89435430d045eb636cfc7d12df1ac.discussion@scrollout.p.sourceforge.net, "Marius Gologan" mariusegologan@users.sourceforge.net wrote: Most probably the issue is caused by fail2ban blocking your IP. You can whitelist in /etc/fail2ban/jail.local...
Most probably the issue is caused by fail2ban blocking your IP. You can whitelist in /etc/fail2ban/jail.local ignoreip = add your IP (in CIDR format) here.
replace xxx.xxx.xxx.xxx-xxx.xxx.xxx.xxx with [your first IP]-[your last IP]
thanks
Sorry - I found the problem solution while writing the above --> if you are not using the "default private IP Ranges such as 10.x.x.x. or 192.168.x.x. or 172.16.x.x you have to add your IP Range as Trusted Range as follows sudo iptables -A INPUT -p icmp -m iprange --src-range [your ip Rang in format xxx.xxx.xxx.xxx-xxx.xxx.xxx.xxx] -j ACCEPT. sudo iptables -A INPUT -p tcp -m multiport --dports 22,25,80,443,143,993,465,587 -m iprange --src-range [your ip Rang in format xxx.xxx.xxx.xxx-xxx.xxx.xxx.xxx]...
Sorry - I found the problem solution while writing the above --> if you are not using the "default private IP Ranges such as 10.x.x.x. or 192.168.x.x. or 172.16.x.x you have to add your IP Range as Trusted Range as follows sudo iptables -A INPUT -p icmp -m iprange --src-range [your ip Rang in format xxx.xxx.xxx.xxx-xxx.xxx.xxx.xxx] -j ACCEPT. sudo iptables -A INPUT -p tcp -m multiport --dports 22,25,80,443,143,993,465,587 -m iprange --src-range [your ip Rang in format xxx.xxx.xxx.xxx-xxx.xxx.xxx.xxx]...
Details a) I can ping the host b) Its working - sending / receiving mails c) Its ubuntu 18.04 d) Disabling the Firwall in "Scrollout" helps - the question is- where is the config for this? KR
Dear All I do not know why and when this started, but I cannot login from "external" of the VM soon after reboot. If I am fast enough, I get the Login Page and the Scrollout Logo, but nothing more, right after reboot. Once this happens, the WebServer is irresponsive from this moment onwards, when connecting from anything else than the localhost. And yes - the webserver and service seams to be running - i can login from Srollout F1 Console and everything is there and works fine. First guess - Firewall...
Hi, thanks for reply , so on Scrollout side we cannot in this case validate recipients? We are get a ton of emails with nonsensical names @domain - apart from the config change in zimbra is there anything else we can do? Regards, Andrew
Hi, I suspect Zimbra is not returning the response in the necessary/expected format. I had a similar problem with a commercial gateway solution and decided to activate SMTP recipient verification in zimbra. That will return an error in the webmail client when a recipient (in the list) doesn’t exist. su zimbra zmprov mcf zimbraMtaSmtpdRejectUnlistedRecipient yes zmmtactl restart zmconfigdctl restart Regards, Marius.
Hi, I suspect Zimbra is not returning the response in the necessary/expected format. I had a similar problem with a commercial gateway solution and decided to activate SMTP recipient verification in zimbra. That will return an error in the webmail client when a recipient (in the list) doesn’t exist. Regards, Marius.
We can connect with LDAP admin software, we inserted the same parameters in Scrollout but it does not seem to connect. We are getting "Lookup::LDAP code NOT loaded" Scrollout was updated Release: 2018-04-08 This is our config: domain = ourdomain.net server_host = 10.40.0.4 server_port = 389 version = 3 search_base = scope = sub query_filter = (&(|(objectClass=inetOrgPerson)(objectclass=group)(objectclass=person)(objectclass=contact)(objectclass=user)(objectclass=publicFolder)(objectclass=msExchDynamicDistributionList)(objectclass=zimbraDistributionList)(zimbraM...
I've also moved over to proxmox and I assume it's a quite rattling correct alternativ :-) and I've choosen to guide them by using buying the network edition for ninety nine€ so that they optimistically courses maintain to keep their product.
I found out that the MXToolbox tool is apparently buggy at best and you will want to use something else. I ended up using this one: https://www.sparkpost.com/email-tools/authentication-checker/
I am having the exact same issue. Did you find a solution?
Hi everyone! I'm new here, I need a help with this spam, how can I block it without block the extension or real Macros :'(
Hello to all! I have several instances of Scrollout F1, but only one on the VPS. And this VPS instance makes me crazy...I do not know why, but after installation, it seems to be mynets parameter not working. Iptables does not use these addresses to create chains for safe connections, amavis blocks all emails from these addresses as spam(on any level except 10) and amavis not signing letters with DKIM. I can see my trusted IP's in the postfix and amavis configs, but something going wrong. Please help...
Is the public key seen in allkeys already in base64 ready for DNS ?
Is the public key seen allkeys in base64 ready for DNS ?
Hi, I have found DKIM keys in /var/www/dkim. I'm trying to use these keys on OVH DNS but what are the key type and algorithm hash used ... And a stupid question : is the public key, the key we can see on outbound screen in field p ? Regard
Hi all Exist there a relation between quarentine under "ROUTE" and levels under "SECURE" ? If i don't configure anything at the quanrantine and levels are configured, i will receive spams ? Please i need clarifications Thanks
So apache is not needed for scrollout?
Yes, please try to stop apache. Nginx can't stat because of it. If everything is back to normal, uninstall apache. From: Cyprian Urbaniak urbaniak1981@users.sourceforge.net Sent: Monday, July 27, 2020 9:01 AM To: marius.gologan@gmail.com Subject: [scrollout:discussion] ERR_CONNECTION_REFUSED Hi, thanks for your reply. Here are the results: root@ScrollOut:~# netstat -nat | grep LIST tcp 0 0 127.0.0.1:10030 0.0.0.0: LISTEN tcp 0 0 0.0.0.0:465 0.0.0.0: LISTEN tcp 0 0 127.0.0.1:10001 0.0.0.0: LISTEN...
Hi, thanks for your reply. Here are the results: root@ScrollOut:~# netstat -nat | grep LIST tcp 0 0 127.0.0.1:10030 0.0.0.0: LISTEN tcp 0 0 0.0.0.0:465 0.0.0.0: LISTEN tcp 0 0 127.0.0.1:10001 0.0.0.0: LISTEN tcp 0 0 127.0.0.1:10002 0.0.0.0: LISTEN tcp 0 0 109.69.8.51:53 0.0.0.0: LISTEN tcp 0 0 74.82.42.42:53 0.0.0.0: LISTEN tcp 0 0 91.239.100.100:53 0.0.0.0: LISTEN tcp 0 0 89.233.43.71:53 0.0.0.0: LISTEN tcp 0 0 77.88.8.1:53 0.0.0.0: LISTEN tcp 0 0 77.88.8.8:53 0.0.0.0: LISTEN tcp 0 0 23.253.163.53:53...
Hello everyone, I throw a bottle at the sea. I am looking for someone who would be able to give me a key For exchange 2019 svr for a personal use only. hoping for a positive return good holiday to you. Best regards Le 22 juil. 2020 à 16:11, Remmelt Luijendijk remmeltl@users.sourceforge.net a écrit :  Some more info: Verdict: At least one of your mail servers supports insufficiently secure parameters for Diffie-Hellman key exchange. Technical details: Mail server (MX) Affected parameters Security...
Some more info: Verdict: At least one of your mail servers supports insufficiently secure parameters for Diffie-Hellman key exchange. Technical details: Mail server (MX) Affected parameters Security level relay-zuydgroep.zuydgroep.com. DH-2048 insufficient Test explanation: We check if the public parameters used in Diffie-Hellman key exchange by your receiving mail servers (MX) are secure. The security of elliptic curve Diffie-Hellman (ECDHE) ephemeral key exchange depends on the used elliptic curve....
Hi, Try to see what process is using port 80. netstat -nat | grep LIST Look for process using 0.0.0.0:80, stop the service (in the right collumn) and run the command above again to see if it stopped. If not, kill its PID (near to the service name). kill -9 PID From: Cyprian Urbaniak urbaniak1981@users.sourceforge.net Sent: Thursday, July 16, 2020 5:20 PM To: marius.gologan@gmail.com Subject: [scrollout:discussion] ERR_CONNECTION_REFUSED hi marius, could you help me? i cannot access the gui page....
hi marius, could you help me? i cannot access the gui page. root@ScrollOut:~# tail -n10 /var/log/nginx/error.log 2020/07/16 15:58:10 [emerg] 3389#0: bind() to 0.0.0.0:80 failed (98: Address alr eady in use) 2020/07/16 15:58:10 [emerg] 3389#0: bind() to [::]:80 failed (98: Address alread y in use) 2020/07/16 15:58:10 [emerg] 3389#0: bind() to 0.0.0.0:80 failed (98: Address alr eady in use) 2020/07/16 15:58:10 [emerg] 3389#0: bind() to [::]:80 failed (98: Address alread y in use) 2020/07/16 15:58:10...
Update, sorry, the problem by our firewall.
Recently, I cannot save senders in menu Secure > Senders (https://scrollout_server_ip/lists.php) The post request didn't have any response (status code: 408) Log in /var/log/nginx/access.log: Admin [15/Jul/2020:19:11:46 -0700] "POST /lists.php HTTP/2.0" 408 0 "https://x.x.x.x/lists.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0" The permission seem ok: I check these file but found nothing: /var/log/php7.0-fpm.log /var/log/syslog Please help.
Hi, For the Dutch government there is a security check for mail servers. But I’m stuck at one point and need some support to reach the 100% score. Testresult: https://en.internet.nl/mail/zuydgroep.com/
I agree. It would be very useful.
We are detecting that some providers have returned error 552 5.2.0 Invalid 7-bit data (in reply to end of end DATA command). This was detected on comcast.com which has caused delivery problems for some users. Any ideas on how to fix it? Thank you in advance
That worked for me, Thank you
Hi After moving VM to Physical Server mail start working, but unable to add domains to whitelist getting error Can not save data! Collector may be in progress writing the files, I done following steps from very old posts.Please check if you have a this file: /etc/amavis/sndr Add this permissions: chown www-data.root /etc/amavis/sndr But still same error
details forwarded/ Thank you in advance.
Is nothing wrong in the logs. I can have a look via ssh. If you are ok with that, send me an email at marius.gologan-at-gmail.com with the IP and credentials.
done, Jun 18 19:06:11.436 [8513] dbg: gpg: found /usr/bin/gpg Jun 18 19:06:11.436 [8513] dbg: gpg: importing default keyring to /etc/spamassassin/sa-update-keys Jun 18 19:06:11.490 [8513] dbg: gpg: [GNUPG:] IMPORT_OK 0 5E541DC959CB8BAC7C78DFDC4056A61A5244EC45 Jun 18 19:06:11.515 [8513] dbg: gpg: [GNUPG:] IMPORT_RES 1 0 0 0 1 0 0 0 0 0 0 0 0 0 0 Jun 18 19:06:11.516 [8513] dbg: gpg: release trusted key id list: 5E541DC959CB8BAC7C78DFDC4056A61A5244EC45 0C2B1D7175B852C64B3CDC716C55397824F434CE Jun 18...
It seems that something is broken in spamassassin. Try this twice and see if there is any strange error regarding .pm (perl) packages. sa-update -D
It seems that something is broken in spamassassin. Try this twice and see if there is any strange error regarding .pm (pearl) packages. sa-update -D
In console I am getting below two errors mx3 postfix/error[20594]: 49ng9c0GCmzgdFM: to=.XXX@XXXXX.com relay=none, delay=93, delays=0.62/93/0/0, dsn=4.4.2, status=deferred (delivery temporarily suspended: conversation with 127.0.0.1[127.0.0.1] timed out while sending end of data -- message may be sent more Jun 18 17:32:08 mx3 amavis[5559]: (05559-04) (!)SA TIMED OUT, backtrace: at /usr/lib/x86_64-linux-gnu/perl/5.24/IO/Handle.pm line 202.\n\teval {...} called at /usr/lib/x86_64-linux-gnu/perl/5.24/IO/Handle.pm...
Hi, Do you have any logs that indicate the reason for which are not delivered? Maybe you have a limit for messages on the server, for a single source. Marius. From: Gopi Nath nathgopi@users.sourceforge.net Sent: Thursday, June 18, 2020 1:55 PM To: marius.gologan@gmail.com Subject: [scrollout:discussion] Outgoing mails stuck Hi, We just strt using Scrollout FI, It works well for one day, after that out going mails are start holding in queue, every time i need to restart the server to release queued...
Hi, We just strt using Scrollout FI, It works well for one day, after that out going mails are start holding in queue, every time i need to restart the server to release queued mails. Please help.
I'm using it and it's the best solution of bsuiness. You can read reviews of this product.
I ran into an issue today where we started getting e-mails from a new range of IPs from addresses hosted with Office 365, etc. I was able to update /etc/postfix/postscreen_access.cidr with the new IP ranges and solve the problem. However, it would be easier if I could just specify spf.protection.outlook.com somewhere and not have to manually update it next time they swap the blocks of IPs they're using. Where would I specify that in Scrollout's version of postfix? Thanks for the help!
Ok, so I'm answering my own question. The answer is yes, using MMDB format works as well. As of 04/2020, the current updated version of Scrollout F1 isn't filtering and scoring countries at all, even with the old database format present in /usr/share/GeoIP/. My current level for the Geographic Filter is set to 3. In the file /etc/mail/spamassassin/local.cf there are two sets of rules for each country: one using URICOUNTRY and other using RELAYCOUNTRY. The only plugin being loaded was "Mail::SpamAssassin::Plugin::URICountry",...
Hi all, I'd like to know if it is possible to leave the subject from SPAMMY messages like they are, without prepending any tag on it. If the designed field isn't filled, it still will insert the tag "Spam: " on those messages. The reason for this is that my downstream server will rely on header tags to direct those messages to the Junk folder, and the user won't have to edit the subject if they reply an eventual false-positive message. Thank you and have a nice day!
Hi. About the GeoIP country info used on Scrollout F1, I'm assuming it uses the data provided by MaxMind, as there are legacy databases files on "/usr/share/GeoIP/". So if that is in fact the only database used on SF1 policies, it seems to be very outdated, even because MaxMind changed their database format, licensing, and their free version of GeoIP is now GeoLite2. Not only that, now they require a valid user for downloading updated database releases. So, my question is: even if I downloaded the...
TO RESET THE SCORE FOR AM.IP_BAD_<ip-address> RUN: redis-cli -n 1 FLUSHDB</ip-address>
X-Envelope-Sender: SRS0=8sKm=37=yandex.com=testmike@gw.xxx.com X-ME-Bayesian: 44.593204 Return-Path: SRS0=8sKm=37=yandex.com=testmike@gw.xxx.com how can I config mail come from testmike@yandex.com
<meta content="text/html; charset=utf-8" http-equiv="Content-Type"><meta content="Microsoft Word 15 (filtered medium)" name="Generator"><style><!-- /* Font Definitions */ @font-face {font-family:"Cambria Math"; panose-1:2 4 5 3 5 4 6 3 2 4;} @font-face {font-family:Calibri; panose-1:2 15 5 2 2 2 4 3 2 4;} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {margin:0in; margin-bottom:.0001pt; font-size:11.0pt; font-family:"Calibri",sans-serif;} a:link, span.MsoHyperlink {mso-style-priority:99;...
Hi, Try the steps for firefox from this article. HSTS is kept in browsers. https://cheapsslsecurity.com/blog/hsts-chrome-firefox-clear-hsts-settings/
Hello, I am running into that issue, so that Firefox does not connect to my scrollout anymore ("server has a security policy called HTTP Strict Transport Security (HSTS), which means that Firefox can only connect to it securely. You can’t add an exception to visit this site) I use an official SSL cert of GoGetSSL which also comes with the intermediate certs. I have added the cert data (private key and cert) through the web interface of the Scrollout server. I also tried to add the Cert only, add...
Hello all Is possible ignore levels for a specific domain? I vant to receive allwais from a @dmain.com but maintain levels for all other domains. How can I do it? Zanx
Scrollout F1 does support TLS and the SMTP STARTTLS command. By default it will use a self-signed certificate. You can install your own purchased SSL/TLS certificate if you purchase one from a trusted certificate authority.
You could disable the Scrollout RBL, and instead use a very reputable RBL from Barracuda Networks: Barracuda RBL. It has a very low false-positive rate. They have one of the best free RBL to use in the world. The domain name to use for the Barracuda RBL is: b.barracudacentral.org About: http://www.barracudacentral.org/rbl Statistics: http://www.barracudacentral.org/data/spam Register for free access: http://www.barracudacentral.org/account/register How to use: http://www.barracudacentral.org/rbl...
Hi Marius, You were correct. I was not querying the records correctly. They appear to be functioning properly. Thank you for your reply.
Dear All, Do you know how to change the timezone in scrollout? Thanks in advance! Edwin
Me puedes explicar los paso para hacerlo?
Hola Acabo de configurar un servidor con Debian 10, realice varias modificaciones para que pudiera funcional al 100% Requiere revisar configuracion de Clamv, php-fpm, fail2ban, reglas iptables. debes revisar muy bien los log
Hi I have upgraded to Debian 10(Buster) and mailflow seems to work fine, but when i try to access the web interface i get: 502 Bad Gateway nginx/1.14.2 What should i check?
I sent a test mail to ping@tools.mxtoolbox.com from my mailsystem, it passed through the scrolloutf1 as planned, added the key as it should. It passes all the test, except the body hash test.
let say we have one domain abc.com, that have MX record setup to 10.20.30.40 (just for example ...) and then we have router that forward all the valid ports fot ScrolloutF1 ... so we have that setup ... so we have INTERNET -> ROUTER -> Scrollout F1 ... so he receive email for joe@abc.com ... and we have 3 different servers in DMZ that are setup to receive SMTP from trusted ScrollOUT F1 ... so how to setup Scroll to go thru all servers, lets say 2 or 3 and ask them do they have petar@abc.com, if ==true...
Ok, found a typo, but it's odd that a lot of tools gives a tcp connect, but an nmap scan fails. Thoug I think it's working now.
I thought it worked, but actually I don't see any firewall being active???
Perfect, thankyou! Still works :-)
Hi, How did you check? Querying zones without values won't return results. You need to check IPs or domain names. Test: 127.0.0.2.reputation-ip.rbl.scrolloutf1.com (A or TXT) Marius.
In the documentation located here I have found the following DNS BLs. I have checked each one, and it seems that all of them are unavailable, not responding to DNS BL queries via DNS protocol. Will these DNS BLs be returning to service, replaced, or have they been taken offline permanently? reputation-ns.rbl.scrolloutf1.com reputation-domain.rbl.scrolloutf1.com reputation-ip.rbl.scrolloutf1.com bl-ip.rbl.scrolloutf1.com wl-ip.rbl.scrolloutf1.com bl-domain.rbl.scrolloutf1.com wl-domain.rbl.scrolloutf1.com...
Increase the level of header and attachement filter will resolve it.
Increase the level of header and attachement filter will resolve it.
hi, i have is problem, white list not work ,, "unassigned amavis[16608]: (16608-09) Blocked SPAM {DiscardedInternal}, LOCAL [193.168.1.2]:52628 [193.168.1.2] empresas@pichincha.com" not incoming mail to collector or quarantine inbox,, please helpme
Spelling error: echo '/usr/bin/convert -interlace "$@"' >> /usr/bin/gfinter should be changed to: echo '/usr/bin/convert -interlace "$@"' >> /usr/bin/gifinter
I've also moved over to proxmox and I think it's a pretty damn good alternativ :-) and I've choosen to support them by buying the community edition for 99€ so they hopefully continue to maintain their product. Regarding DKIM, have a look at https://wiki.debian.org/opendkim
I've been screwing around with this for a bit. If you really want gifinter back here are my unfiltered notes. This is not a formatted step by step. I copied, pasted, and hit the code tag where appropriate. Read it first and use your head. If you plow through it line by line you'll repeat at least one of my mistakes. Also, this doesn't do anything other than get gifinter back where Fuzzy wants it. That will stop the errors from dropping in your log. It may not actually restore any lost functionality....
I've been screwing around with this for a bit. If you really want gifinter back here are my unfiltered notes. This is not a formatted step by step. I copied, pasted, and hit the code tag where appropriate. Read it first and use your head. If you plow through it line by line you'll repeat at least one of my mistakes. Also, this doesn't do anything other than get gifinter back where Fuzzy wants it. That will stop the errors from dropping in your log. It may not actually restore any lost functionality....
I've been screwing around with this for a bit. If you really want gifinter back here are my unfiltered notes. This is not a formatted step by step. I copied, pasted, and hit the code tag where appropriate. Read it first and use your head. If you plow through it line by line you'll repeat at least one of my mistakes. *** download and compile giflib 5.0.0: cd /usr/src wget https://sourceforge.net/projects/giflib/files/giflib-5.x/giflib-5.0.0.tar.gz tar xvfz giflib-5.0.0.tar.gz cd giflib-5.0.0 ./configure...
Secure / Levels / Rate Limits In this is the setting that checks name servers you can disable it by setting it to level 10 or you can whitelist the offending IP or domain name
Anyone. Its getting anoying that the spamfilter works like a shit...
It is strange that pmg proxmox does not support DKIM Domain Key by default.
We have an issue where a contractor of ours (who appears to be using Scrollout F1) is not receiving our emails. The bounceback message lists the IP that is getting a match on the Spamhaus PBL, however here's the thing--that IP address isn't our mail server, nor anything that's ever been used as our mail server. The IP that is listed in the NDR is our secondary public DNS server. This listed IP (207.179.96.x) isn't even in the same IP block as our MTA that's delivering mail to them (69.89.126.x),...
We have an issue where a contractor of ours (who appears to be using Scrollout F1) is not receiving our emails. The bounceback message lists the IP that is getting a match on the Spamhaus PBL, however here's the thing--that IP address isn't our mail server, nor anything that's ever been used as our mail server. The IP that is listed in the NDR is our secondary public DNS server. This listed IP (207.179.96.x) isn't even in the same IP block as our MTA that's delivering mail to them (69.89.126.x),...
We have an issue where a contractor of ours (who appears to be using Scrollout F1) is not receiving our emails. The bounceback message lists the IP that is getting a match on the Spamhaus PBL, however here's the thing--that IP address isn't our mail server, nor anything that's ever been used as our mail server. The IP that is listed in the NDR is our secondary public DNS server. This listed IP (207.179.96.x) isn't even in the same IP block as our MTA that's delivering mail to them (69.89.126.x),...
We have an issue where a contractor of ours (who appears to be using Scrollout F1) is not receiving our emails. The bounceback message lists the IP that is getting a match on the Spamhaus PBL, however here's the thing--that IP address isn't our mail server, nor anything that's ever been used as our mail server. The IP that is listed in the NDR is our secondary public DNS server. This listed IP (207.179.96.x) isn't even in the same IP block as our MTA that's delivering mail to them (69.89.126.x),...