25f4a7503b
The 3 IPs (mta02-04 / .91-.93) retired after the May 30-31 over-volume blast are NOT on any DNSBL (Spamhaus/Barracuda/SpamCop/SORBS all clean) and have clean PTRs + SPF/DKIM/DMARC -- the damage was provider-internal reputation, which recovers with slow clean sending. scripts/ip_rehab.py sends a tiny ramping trickle (10/IP/day -> cap 60) of genuine CAN-SPAM-compliant compliance check-in mail to clean business-domain, never-bounced recipients via dedicated heavily-throttled postfix transports rehab02/03/04 (30s/msg, bound to .91/.92/.93). Routing uses an X-PW-Rehab-IP header + header_checks FILTER to override the transport_maps randmap warmup rotation (verified: mail routes via rehab transports, status=sent). Daily cron pw-ip-rehab. After ~2-3 weeks of clean sending the IPs can be reallocated.
8 lines
657 B
Text
8 lines
657 B
Text
# IP reputation rehab for .91-.93 (mta02-04), retired after the May 30-31
|
|
# over-volume blast so they can be reallocated. Sends a small daily-ramping
|
|
# trickle (10/IP day0 -> +10/day -> cap 60/IP) of genuine compliance check-in
|
|
# mail to clean business/ISP-domain, never-bounced recipients via the heavily-
|
|
# throttled rehab02/03/04 postfix transports (30s/msg, bound to each IP). This
|
|
# rebuilds provider-internal reputation. Logs to /opt/performancewest/logs
|
|
# (deploy-owned -- a /var/log redirect would make cron silently fail).
|
|
30 8 * * 1-5 deploy cd /opt/performancewest && python3 scripts/ip_rehab.py >> /opt/performancewest/logs/pw-ip-rehab.log 2>&1
|