Hacker News new | past | comments | ask | show | jobs | submit login

I have had very few troubles sending outbound email directly, however there was one email provider that always rejected me because they were blocking all of DigitalOcean's IP space. This provider was quite niche, but it still bothered me.

My solution was to set up SMTP relaying based on the recipient ___domain. So nearly all my email can still be sent direct, but I have a list of domains that get routed through mailgun.com (or you could use SES or whatever).

More info here: https://github.com/docker-mailserver/docker-mailserver/issue...




> there was one email provider that always rejected me because they were blocking all of DigitalOcean's IP space.

This would be me. DO traffic is overwhelmingly hostile traffic. It's like Psychz or MCColo got massively scaled up.

OVH is a close 2nd. Amazon was a solid third, beginning in 2019. Not sure if they still are.


I've also blocked tens of thousands of ips from DO, and AWS on several web sites. Mostly for attempts at logging into wordpress admin accounts, some were spammers I'm guessing were using vpns that sometimes go through them. Those and tens of thousands from brasil, and several other countries.

There was a time when I looked at sending in reports -

and a time when I asked someone in the wp plugin directory who had a detector-like plugin to have it spit out a chunk of fields that would be ready to fill in the amazon complaint form and to do a cidr lookup to port over to iptables.. but that never got made.

This was all made worse when maxmind went registration needed and ruined the most effective security plugin for wordpress I'd been depending on for years.

I've noticed an increase in the microsoft ips I'm blocking these days to.

for now I don't mind doing an ip lookup when I can block 64,000 ips or more at a time I find it's a solid win.


You work at Mega? Nice to meet you!

Is there anything I can do to get whitelisted? How can I contact you?

Not a huge deal if not, I've implemented the workaround already. But to be whitelisted after a chance meeting on HN would be a nice way to finish this story.


I always wondered why there isn’t a config option in MTAs that tries to route an email over different other MTA‘s submission port and tries until delivered. I mean a automated setup not static rules you mention. This would make self hosted setups so much easier. The chance that someone blocked your cloud server‘s IP address 4 years ago and never bothered removing it is high.


My "favorite" story is a certain not to be named French university which was polite enough to inform me that they block all email from .org domains.




Consider applying for YC's Summer 2025 batch! Applications are open till May 13

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: