emails to hotmail reported as garbage

I have been trying to get email working with virtualmin, but it has been difficult.

Emails sent to hotmail accounts were first rejected (my IP was listed at spamhaus, don’t know why). then I was able to remove the IP, and saw that the server was not using ssl by default. So I created the necessary certificate files, included them in the config and now I have been able to send mails through the server to hotmail. The problem is that mails are being reported as electronic garbage in the hotmail account. Is there a way of avoiding this?

Thank you

I think you can still do a couple of freebie checks with the dns report tool at If not, send me your domain name and I’ll run it through my account for you.

The most important thing to do is make sure you don’t have an open relay.

If you got on spamhaus, it’s a good bet you have (or had) an open relay. Once your IP, subnet or domain name gets a bad reputation, it’s marked for life.

Other stuff: it’s good to have valid SOA and SPF records in your zone files.

Google and Postini use SOA and SPF for their security checking. Have and addresses. Accept mail from “<>” NULL sender to accept bounces and rejects. Many of the big ISP’s require all of the above (,,,, etc.)

Hotmail seems to be the toughest blacklist to get off of. You’ll have better luck if you you yourself have a longstanding or account. Unfortunately, Hotmail’s Windows Live blacklists probably also feed the OutKook email client blacklists.

More advice:

I tried out the link and the result is:

Relay test result
All tests performed, no relays accepted.

As of, I already used it so it seems I can’t use it anymore. I’ll send my domain to you by pm.

On openspf website, they suggest that I insert this in my zone file: IN TXT "v=spf1 a mx ip4: ?all" IN TXT "v=spf1 a -all"

I have the first one, but not the second. can that be the problem?

By the way, If i send a mail to my gmail account, the mail goes to my inbox, while in hotmail it goes to garbage…

…it is hard to keep my mind working with this forum…I have to login ten times to post a topic, or to change between pages…

I can’t figure out how to send you a pm, so my domain goes right here…
hostingspirit dot org

thank you

Yes, this forum suxors. Your best bet on this domain is to A)close and clear your browser cache B)delete your cookies C)always use and not

I’ve just recently added my ns2.

Before today, I was just using ns1, the servers are just being used for testing purposes only…

So that cannot be the problem, unless hotmail cares about the fact that I only had ns1 working…and that nameserver is working fine, I took the measures suggested by dnsstuff on how to secure it.

do you think that the problem is related in anyway to the fact that ns2 is not properly configured? or is there any other possibility?

thank you

do you think that the ns2 is causing the problems? or that the fact that I didn’t have ns2 configured properly was making hotmail send my emails to the junk folder?

I could really use some hint on how to solve this problem…

Open DNS servers

ERROR: One or more of your nameservers reports that it is an open DNS server. This usually means that anyone in the world can query it for domains it is not authoritative for (it is possible that the DNS server advertises that it does recursive lookups when it does not, but that shouldn’t happen). This can cause an excessive load on your DNS server. Also, it is strongly discouraged to have a DNS server be both authoritative for your domain and be recursive (even if it is not open), due to the potential for cache poisoning (with no recursion, there is no cache, and it is impossible to poison it). Also, the bad guys could use your DNS server as part of an attack, by forging their IP address. Problem record(s) are:

Server xxx.xx.28.11 reports that it will do recursive lookups.

Fixing BIND

* Open named.conf with a text editor
* Use a line &quot;recursion no;&quot; in the &quot;options&quot; clause (or in the &quot;view&quot; clause)
* If you need to enable recursion for your local network, you can use a &quot;allow-recursion { ADD_LIST_OF_YOUR_IP_RANGES_HERE; }&quot; line in the &quot;options&quot; section.
* [Use caution; BIND files are easy to break]
* For complete hardening, see 

No NS A records at nameservers
WARNING: Your nameservers do not include any corresponding A records when asked for your NS records. They probably are not returning the A records when asked, which can prevent some other DNS servers from contacting your DNS servers. They should do this if they are authoritative for those A records (in BIND, you should not use ‘minimal-responses yes;’). The problem record(s) are:

Nameserver xxx.xx.28.11 did not provide any IPs

Lame nameservers
ERROR: You have one or more lame nameservers. These are nameservers that do NOT answer authoritatively for your domain. This is bad; for example, these nameservers may never get updated. The following nameservers are lame:

Missing nameservers 2
ERROR: One or more of the nameservers listed at the parent servers are not listed as NS records at your nameservers. The problem NS records are: