Because of our network setup, outgoing email goes through a single IP.
This leads to (from a failure report by our exim server):
logcheck-users@???
SMTP error from remote mail server after RCPT TO:<logcheck-users@???>:
host lists.alioth.debian.org [217.196.43.134]:
550-policyd-weight said: Mail appeared to be SPAM or forged. Ask your
550-Mail/DNS-Administrator to correct HELO and DNS MX settings or to get
550-removed from DNSBLs; MTA helo: biostat.ucsf.edu, MTA hostname:
550 upstrm185.psg-ucsf.org[38.99.193.74] (helo/hostname mismatch)
My outbound mail (at least--maybe others) also seems to end up
classified as spam sometimes, and this name mismatch (HELO name
biostat.ucsf.edu does not match the reverse DNS on external IP) might
contribute to that. alioth.debian.org is the only remote server I have
noticed that consistently refuses our email outright.
The admins of the alioth server have indicated they are unwilling to
relax the restriction because of spam. I have seen some opinions that
such a restriction is too strict, but we seem to be stuck with it.
I think this addition to our SMTP transport will fix the problem for the
alioth server:
helo_data = ${if match_domain{$host}{*.alioth.debian.org}{upstrm185.psg-ucsf.org}{$primary_hostname}}
Is there a better solution? Will the previous modification work?
I don't think changing the DNS info for our external IP [38.99.193.74]
is possible, because all our outbound traffic from all machines goes
through it.
Thanks.
Ross Boylan