Locally hosted email servers send email either to a hosted email service or directly to the Internet. Sometimes emails aren't delivered, or occasionally bounce back with an error. This article explains Cato best practices for SMTP traffic and troubleshooting steps for these issues.
Best Practices for Local SMTP Servers
Internet Firewall Allows SMTP
We recommend configuring the Internet firewall to allow access to SMTP traffic. For more information, see How to allow SMB/SMTP outbound traffic (or any other service).
Egress Rule for SMTP
Allocate an IP address from Cato’s IP pool and configure an egress rule for the SMTP traffic. We recommend this configuration because it limits the personnel who can send email traffic from your assigned IP addresses. This ensures that the addresses are not blacklisted.
Troubleshooting Local SMTP Servers
These are some suggestions to help troubleshoot issues related to email delivery with internal email servers.
Reviewing Email Logs for Blacklisting of the Cato IPs
If your email is not being delivered, you need to determine why the email is getting blocked. The log messages for emails can indicate the reason for the email failure. In some instances, the delivery failure can be triggered by a third-party IP reputation service (for example, Spamhaus) used by the destination SMTP host.
- These reputation services provide a lookup service that indicates whether the IP address of the SMTP sender is considered to be trustworthy. In most cases, you will simply find Cato IPs located within Spamhaus' Policy Block List (PBL) which indicates that any SMTP traffic coming from these IPs should require SMTP authentication before allowing email to be accepted. This is expected behavior and does not indicate any kind of reputation issue with Cato IP ranges.
- IPs should ONLY be removed from the PBL if the intent is to run an outbound mail server on that PBL-listed IP (in this case, the Cato IP address). For more information, visit Spamhaus PBL.
- To confirm the blacklisting by the reputation service, visit the specific website and check if the Cato IP address is listed there. For example, Spamhaus has an online IP reputation checker for this purpose.
- If the Cato egress IP address is listed on any of the blacklists, you can ask the service to remove the IP address. Most websites like Spamhaus have a simple online form that can be submitted to have the IP removed.
Verifying DNS PTR Record
Verify the egress IP for the SMTP traffic has a DNS PTR record (reverse DNS) associated with it. If the egress IP address does not have a DNS PTR record, contact Cato Support.
Note: PTR records aren't supported for IP addresses allocated in China PoPs.
Verifying SPF Records
Verify whether any SPF records exist for the email domain. An SPF record is a way to advertise which IP addresses are allowed to send email for a given domain. Other SMTP servers can reference the record, and if they receive traffic from an IP not on that list, they might reject the email.
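An offline check for the SPF step above, as an added example (not Cato tooling): pass it the TXT record published for your mail domain and the Cato egress IP, and it reports whether an ip4/ip6 mechanism authorizes that IP. The function name, sample record, domain and addresses are constructed for illustration.

```python
import ipaddress

RESULTS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_spf(record, egress_ip):
    """Evaluate an SPF record's ip4/ip6/all terms against egress_ip, left to right.

    Returns (result, unresolved). `unresolved` lists terms skipped because
    they need DNS (include, a, mx, exists, ptr, redirect=). If it is not
    empty, one of those terms could match first, so resolve them before
    trusting `result`.
    """
    ip = ipaddress.ip_address(egress_ip)
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF record (must start with v=spf1)")
    unresolved = []
    for raw in terms[1:]:
        qualifier, term = "+", raw          # a missing qualifier means "+"
        if raw[0] in RESULTS:
            qualifier, term = raw[0], raw[1:]
        name, _, arg = term.partition(":")
        name = name.lower()
        if name in ("ip4", "ip6"):
            net = ipaddress.ip_network(arg, strict=False)
            if net.version == ip.version and ip in net:
                return RESULTS[qualifier], unresolved
        elif name == "all":
            return RESULTS[qualifier], unresolved
        elif name.startswith("exp="):
            continue                        # explanation text, no effect on result
        else:
            unresolved.append(raw)
    return "neutral", unresolved            # RFC 7208 default: nothing matched


if __name__ == "__main__":
    # Constructed sample: documentation-range addresses, hypothetical domain.
    record = "v=spf1 ip4:198.51.100.0/24 include:_spf.example.net -all"
    print(check_spf(record, "203.0.113.25"))
```

A `fail` or `softfail` result with an empty `unresolved` list means the egress IP is missing from the record and receiving servers might reject the email.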