Nine.testrun.org IP flagged as suspicious - delivery blocked

My friend has lost the ability to send me messages. I’m using Fastmail and it appears Fastmail is using Abusix. Consequently:

https://app.abusix.com/lookup/results?q=37.27.110.153

When I query DNS, I get a different IP address that is considered clean. I have another friend using nine.testrun.org who can still message me.

It seems like the operators of nine.testrun.org need to either clear their name with Abusix, or potentially investigate suspicious activity at that specific server.


Incidentally… I figured “this might be a good time to try out adding a chatmail relay to my account”.

But I was unable to do so because it’s incompatible with “show classic mail only for accepted contacts”.

Why is that? Surely chatmail has nothing to do with classic mail, why would I need to disable that?


Update: Gmail is now blocking this IP too.


This requirement will be removed starting with version 2.41.0.


Said problems started after switching hosts, so maybe somebody forgot to update certain parts of the server configuration. Such error messages started to accumulate after the replacement, possibly contributing to being reported to more and more spam databases:

host mxs.ukr.net[212.42.75.251] said: 554 5.5.0 SPF pass is mandatory for 37.27.110.153 as ...@nine.testrun.org [un.20260211.GWmyErrPor] (in reply to MAIL FROM command)

host prefect.tmp.si[188.166.99.156] said: 550 5.7.25 Client host rejected: cannot find your hostname, [37.27.110.153] (in reply to RCPT TO command)

The only addresses that nine.testrun.org resolves to are 77.42.49.41 and 2a01:4f9:fff1:59::1. The IP address of the host which is sending mail to other hosts according to the above error is the Finnish 37.27.110.153. Both IP addresses seem to reverse resolve to the domain nine.testrun.org. This is a configuration error, because it fails the industry standard FCrDNS test, which makes it eligible to be submitted to spam lists.
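Added example, not part of the original thread: a forward-confirmed reverse DNS (FCrDNS) check of the kind the post above describes, which a relay operator can run against their own outbound IP. The function names and the `SAMPLE_*` tables are assumptions made for illustration; the tables are constructed from the records reported in the post, not taken from a live lookup.

```python
import ipaddress
import socket

def system_ptr(ip):
    """PTR lookup via the system resolver; returns a list of hostnames."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except OSError:  # covers socket.herror / socket.gaierror
        return []
    return [name, *aliases]

def system_forward(hostname):
    """A/AAAA lookup via the system resolver; returns address strings."""
    try:
        infos = socket.getaddrinfo(hostname, None)
    except OSError:
        return []
    return [info[4][0].split("%")[0] for info in infos]  # drop IPv6 scope id

def fcrdns(ip, ptr=system_ptr, forward=system_forward):
    """Return (verdict, names): 'pass', 'mismatch' or 'no-ptr'."""
    client = ipaddress.ip_address(ip)
    names = [n.rstrip(".").lower() for n in ptr(ip)]
    if not names:
        return "no-ptr", []
    for name in names:
        # Compare parsed addresses so textual IPv6 variants still match.
        addrs = {ipaddress.ip_address(a) for a in forward(name)}
        if client in addrs:
            return "pass", [name]
    # A PTR exists, but none of its names resolves back to the client IP.
    return "mismatch", names

# Constructed sample data mirroring the records reported in the post.
SAMPLE_PTR = {
    "37.27.110.153": ["nine.testrun.org"],
    "77.42.49.41": ["nine.testrun.org"],
}
SAMPLE_FORWARD = {"nine.testrun.org": ["77.42.49.41", "2a01:4f9:fff1:59::1"]}

def check_sample(ip):
    """Run the check against the constructed tables instead of live DNS."""
    return fcrdns(ip,
                  lambda i: SAMPLE_PTR.get(i, []),
                  lambda h: SAMPLE_FORWARD.get(h, []))

if __name__ == "__main__":
    for addr in ("37.27.110.153", "77.42.49.41"):
        print(addr, check_sample(addr))
```

Calling `fcrdns(ip)` without the extra arguments performs the same check through the system resolver.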

Most chatmail servers don’t have reverse DNS set up.

It’s therefore best to never use a regular email for DeltaChat unless you’re an expert, but rather only chatmail relays, of which there are plenty. There are examples of Google and Microsoft randomly banning email servers too because they don’t understand traffic that is going on.

You assert that “most” of them do not. Could you perhaps list 2 as examples?

“SPF pass is mandatory” is an indication of a misconfigured server. If the server requires SPF to pass and not just neutral, it cannot be used to accept messages from mailing lists with passing DKIM. SPF is a legacy authentication mechanism replaced by DKIM; it should not be required to pass.

Reverse DNS has nothing to do with authentication, it is a hack from the early 90s to work around proprietary UNIX software: draft-ietf-dnsop-reverse-mapping-considerations-06

The web page you linked to about “FCrDNS” is from sellers of DMARC analytics: https://www.suped.com/
It’s their job to make email authentication more complicated.

In any case, nine.testrun.org admins are notified and will do something.

But at the same time admins of the servers which cannot authenticate incoming mails with DKIM can also be notified to fix their setups.