
SpamAssassin warning: HELO DYNAMIC IPADDR2

         

csdude55

5:03 am on Dec 10, 2020 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



A hosting client tested an email with mail-tester.com, too, and I see that it shows:

-3.888
HELO_DYNAMIC_IPADDR2
Relay HELO'd using suspicious hostname (IP addr 2)

-3.888 is a big hit to take! But I've googled and am not finding anything on HELO_DYNAMIC_IPADDR2 other than a bunch of examples, and articles from 2009 that don't seem relevant.

Any suggestions on what I can do to fix this problem?

iamlost

6:03 am on Dec 10, 2020 (gmt 0)




HELO_DYNAMIC_IPADDR2 usually trips on an email sent from a dynamic IP address.

A dynamic email address is a common flag raising spam score.

csdude55

6:37 am on Dec 10, 2020 (gmt 0)




I read that in the old articles, but I'm not sure what it means. Are you saying that the sending server has a dynamic IP, or that the computer/device that the sender was using had a dynamic IP?

iamlost

5:53 pm on Dec 10, 2020 (gmt 0)




Working from minimal data :)

Basically HELO_DYNAMIC_IPADDR2 is saying that an upstream relay has identified the sender as using a numeric HELO address.

Often this is a result of the sender’s naming convention or defaulting to a generic pattern; see Generic rDNS [spfbl.net].

dstiles

10:24 am on Dec 11, 2020 (gmt 0)




Look at the email's header and pull out the last sending IP - the one nearest the top that is preceded by "Received: from" (obviously not the one that says received from your server). Check out that IP for its owner, rDNS etc. If it's an ISP it's almost certainly dynamic - or possibly static (a single fixed user) that may or may not be a valid sender, depending on the DNS setup.

I have a static IP - the same one for years - but I had the ISP add rDNS etc to identify it as a mail server at one of my domains. The mail sent from it tests fine and is accepted by other mail servers.
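
The header check described in the post above, as an added example that is not part of the original thread: it pulls the HELO name and IP from the topmost Received line and tests whether the HELO looks IP-derived. The sample message is constructed, the Postfix-style Received layout is an assumption, and `helo_looks_dynamic` is a simplified heuristic, not SpamAssassin's own HELO_DYNAMIC_IPADDR2 rule.

```python
import email
import ipaddress
import re

# Constructed sample; the topmost Received line records the sender's HELO and IP.
SAMPLE = """\
Received: from 203-0-113-45.dyn.isp.example (203-0-113-45.dyn.isp.example [203.0.113.45])
\tby mx.recipient.example with ESMTP id ABC123; Thu, 10 Dec 2020 05:00:00 +0000
Received: from [192.168.1.20] (localhost [127.0.0.1])
\tby 203-0-113-45.dyn.isp.example with ESMTP; Thu, 10 Dec 2020 04:59:58 +0000
From: client@hosted.example
To: test@mail-tester.example
Subject: test

body
"""

# Assumes Postfix-style lines: "from HELO (RDNS [IP])"; other MTAs differ.
RECEIVED_RE = re.compile(r"from\s+(\S+)\s+\((?:(\S+)\s+)?\[([0-9A-Fa-f.:]+)\]\)")

def last_sending_hop(raw):
    """Return (helo, rdns, ip) from the topmost parsable Received header."""
    msg = email.message_from_string(raw)
    for value in msg.get_all("Received", []):
        m = RECEIVED_RE.search(" ".join(value.split()))
        if m:
            return m.groups()
    return None

def helo_looks_dynamic(helo, ip):
    """Simplified heuristic (not SpamAssassin's regex): the HELO is a bare
    address, or its digit runs spell the sender's IPv4 octets in either order."""
    name = helo.strip("[]").lower()
    try:
        ipaddress.ip_address(name)
        return True
    except ValueError:
        pass
    try:
        octets = [int(o) for o in str(ipaddress.IPv4Address(ip)).split(".")]
    except ValueError:
        return False  # IPv6 sender: not covered by this sketch
    runs = [int(n) for n in re.findall(r"\d+", name)]
    windows = [runs[i:i + 4] for i in range(len(runs) - 3)]
    return octets in windows or octets[::-1] in windows

if __name__ == "__main__":
    helo, rdns, ip = last_sending_hop(SAMPLE)
    print(helo, rdns, ip, helo_looks_dynamic(helo, ip))
```

A HELO such as `mail.example.com` passes this check, which matches the fix discussed in the thread: give the sending host a proper host.domain.tld name with matching rDNS.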

SumGuy

1:42 am on Dec 13, 2020 (gmt 0)

5+ Year Member Top Contributors Of The Month



A lot of spam-ranking scoring systems can get the determination wrong that you're sending mail from a dynamic IP. A lot of consumer or residential ISPs also have business customers who (a) pay more for their cable or DSL connection and (b) sometimes want a static IP so they can operate their own web and mail server. I do that, for example. The spam scoring systems will probably only look at the ISP and follow some rule (probably set by a human) that ISP-X serves residential customers hence any port-25 SMTP traffic originating from that ISP's customer base will be direct-to-mx spam from trojanized / infected home computers (don't know if cell phones are candidates for spam-sending botnets like PCs are).

There are lots of things you can do when you operate a legit mail server operating from an ISP that is mostly known for residential service - like having SPF and DKIM records in your DNS records.

tangor

2:59 am on Dec 13, 2020 (gmt 0)




"like having SPF and DKIM records in your DNS records."


Recent chat with newest host corrected that aspect (they run the mail server, not on mine).

Might be time for a support ticket?

SumGuy

3:50 am on Dec 13, 2020 (gmt 0)




If your mail server is running on a hosted service then that provider should not be classified as having dynamic IPs. Maybe the hoster has a bad reputation? I'd check the IP of your mail server against some DNSBL lists and see if anyone ranks it as spammy.

dstiles

11:07 am on Dec 13, 2020 (gmt 0)




Dynamic IPs should not be a problem unless they send mail directly to a mail server using port 25.

The accepted process is to send your mail from a dynamic IP using Port 587 (or possibly 465), which should be an encrypted port specifically set up to accept mail from customers. That mail server requires a logon from the sender. If a dynamic IP that has no valid rDNS tries to send mail anywhere on port 25 they are rightly denied.

If you have a static IP you can arrange with your ISP to set up an rDNS entry for a valid host.domain.tld in order to have a mail server working from that IP. Depending on the neighbourhood, the IP may run into generic dynamic blacklist problems but many blacklists will open holes for the circumstance. It works for me.