If you’re trying to use your Plesk’s SMTP service to allow sending e-mail, you might run into the following error: rblsmtpd: <IP ADDRESS>: 451 http://www.spamhaus.org/query/bl?ip=<IP ADDRESS>.
The cause of this error, is the enabled option to check for DNS blacklists. It’ll find that the user’s (often dynamic) IP address isn’t allowed to send e-mail to the Plesk’s SMTP service. A common cause for this, is the use of the “zen.spamhaus.org“, which is a combination of SBL, XBL and PBL blacklists.
And the PBL blacklist, has the following warning-message in the FAQ.
Caution: Because the PBL lists normal customer IP space, do not use PBL on smarthosts or SMTP AUTH outbound servers for your own customers (or you risk blocking your own customers if their dynamic IPs are in the PBL). Do not use PBL in filters that do any ‘deep parsing’ of Received headers, or for other than checking IP addresses that hand off to your mailservers.
Disabling the zen.spamhaus.org will cure this issue. You can enable the xbl.spamhaus.org;sbl.spamhaus.org DNS blackhole list to get a combination of XBL and SBL blacklists, without PBL.
This does, however, have another drawback. Enabling the remaining DNS blackhole lists, will prevent (authenticated) e-mail communication over port 25. Meaning you still can’t send e-mail.
Bummer. But fixeable.
Enable the Message Submission option, on the Plesk page Server > Mail.
This will make the SMTP service also available on port 587, configured to allow Authenticated SMTP connections with disregard of the DNS Blackhole list. The only drawback is it can’t be used in combination with the zen.spamhaus.org (which is why we changed it in the first place).
Outlook should then be configured to send e-mail over port 587, instead of the default port 25.
Go to Tools > Account Options and doubleclick the account you’re using. Go to More Settings and proceed to the tab “Advanced“. There, you can change the Outgoing mailserver (SMTP) port to 587.
Seems like a lot of work, but it appears to be the only way to use the SMTP service in Plesk, in combination with a DNS Blackhole list and dynamic IP ranges.
Thanks for this. I have one quick question. If I check “Enable message submission” will this open smtp on 587 and 25 or just 587? Thanks, Nate
It will open both, so normal SMTP traffic on port 25 is still possible, port 587 is just enabled with a less strict filter.
Great article. Thank you. Greetings from Germany. :o)
Pingback: Rubén Ortiz » Evitar el SPAM en Plesk
Nice article in plain English! Unfortunately my PLESK does not have the “enable message submission” option (Plesk 8.01) and hence even using sbl.spamhaus.org results in no SMTP ability at all. Further to that is seems as if email does not get delivered either. I know this may be an upgrade issue, what version of plesk should I upgrade to? Is this a difficult process? Many thanks!
@Andrew: if you’re still using the 8.x branch of Plesk, it’s safe to upgrade to the latest 9.2 release, your license will automatically upgrade – there’s no harm. There are quite a few UI changes that will be confusing, and the update can take up to 5 hours if you’re on a slow server (but the sites + e-mail remain operational). You can update through Plesk, using the “updater” button.
This was originally written for Plesk 8.6, I’m not entirely sure how this suites the 9.2 branch.
Thank you,
very interesting article