Outgoing Mail stucks in queue

From the error message it looks like the receiving server is dropping the connection, the problem is not on your end. They could be having network problems or your server's IP address could be blacklisted. Check your IP address at spamhaus.org and see if it's listed. Outgoing mail will remain in the queue for up to a week if your server can't send it to the receiving server, then it will bounce back to the sender.

You're operating within an IP address space that isn't permitted mail servers by your ISP, or your reverse DNS is incorrect, or both. (Various ISPs will add their dynamic IP address ranges into the blacklists, and some other entities (businesses, etc) will add their subnets that don't contain mail servers into the blacklists, too.)

In addition to outbound mail sent to other servers being treated as spam and dropped, inbound mail from a number of servers will also fail; it'll be dropped before the messages are sent to this server.

As the spam mess continues to be a problem, additional mail servers will enable and use these checks, too.

Your options are to host your mail server somewhere else or to use a mail-hosting service, or to upgrade your access through your ISP, or to see if another ISP will enable a static IP address and authorize a relay for your server; some form of a tunnel from the current constrained ISP to an ISP that is amenable to your hosting a mail server through them.

Based on previous discussion of other mail-related issues (and IIRC), you apparently don't have access to a static IP and mail servers through your current ISP. Which limits your choices.

Your forward and reverse DNS translations have been verified and are correct, your primary and secondary MX records are also correct, and your primary mail server IP address is not listed in Spamhaus. All good there.

This would imply a stale DNS translation or some sort of a configuration error at the recipient server or anti-spam service, or (as happens fairly regularly) the listings entities you're checking with are buggy, or could potentially be operating with some sort of other or differing interests in this process.

In the case of that UCEPROTECT error, that indicates you're in a "bad neighborhood" for spam and abuse. There's not much you can do about that, unfortunately, other than re-hosting elsewhere.

As one potential option for the first diagnostic, consider dispensing with that secondary MX record as a test, and see if that might be tripping up these checks. That host name includes a particular substring within the string that can trigger some of these filter tests. Wait (86400) for the DNS caches for that host name to clear before testing this.

Alternatively, you can host your mail server somewhere else or to use a mail-hosting service, or see if another ISP will enable a static IP address and authorize a relay for your server.

Split-horizon DNS? (Do you really need to do that? That's bucket of pain that's best avoided.) Use a subdomain or a second domain for your internal network, if you can. That way, you dom't have to track internal and external DNS settings, and you know what's inside your network perimeter, and what's outside. (This does presume you have an external firewall that can reflect traffic, if you're using NAT.)

I would remove the secondary MX record, however that's been set here. I don't know how your ISP establishes that setting. It's usually a control panel somewhere.

As for outsourcing mail services? MacHighway, BlueHost, and various other SMTP providers all have similar offerings. Once you sort out cpanel or whatever the hosting provider uses, these are simple to manage and maintain. (And you can potentially also use these folks as a relay service, if the hosting terms of service allow that.)

As for relay services, the folks at OpenDNS reportedly have an SMTP relay service as a commercial offering, but I have not needed to use that service. There are other similar services around.

There are very likely also Greek and EU-area service providers, if you don't want to tangle with an international host.

Kostas B wrote:

Since all major Greek ISPs are listed in UCEPROTECT or some other service, can you suggest some other SMTP providers?

You should contact your ISP or whoever is providing your server IP addresses and let them know that their address blocks are blacklisted. It is ultimately their responsibility to get them delisted.

You can set your mail server to relay outgoing mail through another SMTP server in Server Admin.

You can't blindly relay through some other SMTP server without some kind of agreement from them. Therefore no one can tell you specifically where you should go.

However, in most cases, any ISP would generally accept mail from their customer's systems, so I'd expect that your ISP's mail servers would be the best starting point.

You should be able to use your ISP's SMTP server, or possibly a service like gmail or Yahoo! if they allow SMTP relaying.