iiNet blocking relayed emails
7 December 2020
If you have an email alias/relay set up at Chirp and a mailbox hosted by iiNet you may have noticed in recent weeks that some or all of your emails are not getting through.
The issue appears to be that iiNet are relying on the (broken by design) SPF protocol which says that emails are only allowed to be sent directly from pre-authorised mail servers.
In the case of an email relay, this is not the case:
- an email is sent to you(at)your-domain.com;
- it arrives at our mail server (mail. chirpinternet.eu); and
- is forwarded (relayed) to your mailbox;
If the mail server handling your mailbox is poorly configured, it thinks that mail.chirpinternet.eu is responsible for sending the original email without authorisation (i.e. spoofing) so the email is rejected:
----- Transcript of session follows -----
... while talking to asav.iinet.net.au.:
<<< 554 Your access to this mail system from XXX.XXX.XXX.XX has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.
554 5.0.0 Service unavailable
The simplest solution would be for iiNet to implement a white-list, but in all probability they won't, because even while broken, SPF still allows ISPs to block a lot of spam emails.
Your other options include: