Clarification on SPF / email authentication

I will try to keep the saga short and sweet:

As of today, I cannot send email to a specific domain.

The bounce message is so:



SMTP error from remote mail server after end of data:
    host smtpgw.tfa.edu [209.7.62.48]: 554 Service unavailable; Client host [claire.asmallorange.com] blocked by zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=67.175.45.141


Both my webhost and Comcast (my ISP) deny responsibility for the problem. Webhost says it’s Comcast’s fault for having a blanket policy of not letting anyone use any SMTP server but theirs. Comcast says that the PBL only declares ownership of the IP and wouldn’t affect delivery, so it must be a configuration problem with my webhost’s SMTP servers… blah blah blah.

In any case, my webhost says I should just use Comcast’s SMTP server for outgoing mail (I’m using Outlook 2007) instead of theirs. I say, won’t this cause authentication / SPF problems?

His response:

I don’t “trust him” for a variety of reasons (their support has been less than stellar since they bought out my original webhost, whom I miss dearly), not just the fact that anyone who starts with “trust me” most likely can’t be trusted. :stuck_out_tongue: Also, I cannot parse what he’s trying to say, starting with “since…” as I have no idea what the antecedent of “it” is, and the rest of it is painfully tortured syntax.

So, bottom line: will using Comcast’s SMTP server cause delivery or authentication issues when I send email? I use my domain/email for business, so it’s rather important that it works.

It looks to me as though the domain you are sending from has got on a spam blacklist used by the domain you are sending to.

That aside, however, why not try what the tech told you to do? It should be the work of moments to reset your SMTP server in Outlook, and if it does not work, or causes other problems, you can switch back just as quickly. Tech support is not always wrong.

Yes, spamhaus is the aforementioned PBL (policy blacklist) which the two of them dispute whether it’s causing the block or not.

You can see the details by going to the URL in the bounce message: http://www.spamhaus.org/query/bl?ip=67.175.45.141

Why I don’t just do it? Cuz authentication problems may not send me a bounce message, it may just filter my emails as “not trusted.” Therefore, I am sending email to clients/potential clients that never reaches them and I never know about it. Which is a problem, of course.

Granted, I haven’t read up on SPF/email authentication in a couple years. Things have probably changed, maybe radically, so I’m asking for someone more up-to-date on it to fill me in.

Your sending IP address is in address block 67.175.0.0/16. Spamhaus assigns all those IP addresses to Comcast, and the PBL only validates email in that address range that originates from the Comcast SMTP server.

The originating IP address for your message is 67.175.45.141 - this is a Comcast address, so I assume it is the IP address of your PC (you say your ISP is Comcast in the OP). The supplied hostname is claire.asmallorange.com - so I guess your webhost is asmallorange.com, who have an MX record of nightcrawler.asmallorange.com (173.192.78.124).

My guess is that your email client is misconfigured, and you are trying to send SMTP directly to the rejecting SMTP server. If it is configured to use your domain SMTP (which should resolve to nightcrawler.asmallorange.com) there may be a problem using that and Outlook 2007 is trying a direct connect. Try using the Comcast SMTP server.

As for SPF, that is a configuration option on your domain DNS record - you can update it to include the Comcast SMTP server as a valid source.

Si