Getting blocked by Unknown RBL (realtime spam black/block list) - 88.blacklist.zap

bizcrown101 used Ask the Experts™
Some users of our Exchange server have been unable to send to a few different domains this week. They received the following message: on 10/20/2006 9:36 AM
            There was a SMTP communication problem with the recipient's email server.  Please contact your system administrator.
            < #5.5.0 smtp;550 Service unavailable; Client host [208.178.XXX.117] blocked using 88.blacklist.zap; Mail From IP Banned>

(I have changed the email addresses and IP addresses in the message above except for 88.blacklist.zap)

I am familiar with RBLs and have run our mail server's IP through several multi-rbl lists checkers such as and We're only listed in BLARSBL ( which appears to be a list that nobody actually uses.

I've googled for 88.blacklist.zap and found NOTHING. I've also searched for blacklist.zap and found other people reporting bounced emails similar to mine, but resulting from a list called ip.blacklist.zap. Thus far I haven't found any information about any real rbl named 88.blacklist.zap or ip.blacklist.zap.

The server also passed the open relay test at

So my question is, what is actually causing these emails to be returned with this particular message? Can anyone identify this blacklist.zap and help me take actions to stop emails from bouncing back?

Thanks in advance!
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

blacklist.zap is a name sometimes used for an internal blacklist
Expert of the Year 2007
Expert of the Year 2006

Google blacklist.zap and you get many more results.
That IP address range belongs to Global Crossing, so there is a good chance you have got caught in someone's subnet blacklist.
You need to speak to the recipient to find out why you are listed.



Could there possibly be a private blacklist sitting somewhere between our mail server and several different mail recipient mail servers? I find it quite peculiar that two completely different mail servers would blacklist our IP and give us the exact same 88.blacklist.zap blacklist response.

Also, what is the significance of the IP address belonging to Global Crossing? Are they well known for letting spam originate from their IP range?
Expert of the Year 2007
Expert of the Year 2006
There are certain spam blacklists that will block an entire subnet. They will even attempt to blacklist an entire ISP. The logic behind that is to catch as many innocent people as possible, so that the innocents complain to the ISP and the ISP kicks the spammer off their network.

As the IP address is assigned to a major ISP in their static range, you aren't being caught in the dynamic address list information. As you hexed out the rest of the IP address it is impossible to see if you were listed in any other blacklists - so it could be the subnet block.

You may well be caught by the same blacklist being used by multiple recipients. It is almost certainly a private blacklist, so you have no other option but to contact the recipient and ask why the messages are being blocked.

My company is going through this right now.  I did a little investigation worked and found out that my client uses Frontbridge (hosted Exchange Service).  I called Frontbridge and they confirmed the error with "88.blacklist.zap."  They also explained that they have implemented a new SPAM filter.  You should give them a call.  Your recipient may not know that they use Frontbridge because their service is resold by ATT, Sprint, etc.  You can get their support number from

Expert of the Year 2007
Expert of the Year 2006

Frontbridge is a Microsoft service.

I was gettin the same error "88.blacklist.zap" to discover that the client is using ATT (and presumably frontbridge).  I found a e-mail address of to report false_positives's and we'll see how it goes.

Thanks for the tips above, it's helped me narrow down where the problem is much quicker.
I tried the email last Friday and I have not heard back yet.  So I called yesterday and was on hold for 20 minutes.  The tech support rep. said they are open 24/7 so you can call any time.
So did you get the issue resolved for your network?  Did they say what the 88.blacklist.zap was? Whether it was an internal only list or based off some obsure RBL?  

What was the final result after 20 minutes?
They gave me a ticket number and said it would be fixed within 24 hours.  I am going to call them today to make sure that the process of removing my server from their block is moving.



AndrewDuey & cambria_is:

Thank you MUCH for the responses! I ended up calling the Exchange Hosted Service Support line at (866) 291-7726. After about 15 minutes on hold, and some funky french "please hold" messages, I was able to request my IP removed from the frontbridge blacklists. I recieved no ticket number or anything, so I'll just have to periodically send some test emails to the problem recipients in order to find out if we're still on the blacklist.

I would give the two of you points if I hadn't already accepted an answer.

Thanks again!
As of noon (PST) yesterday, I was off the list.  Yeah their hold music is funny.


Update: I was contacted by the bridgehead support team and notified that our exchange server's IP address is now on their safelist.


I appreciate your patience. We have Safelisted IP 208.178.XXX.117 and the change will be in production within the hour.

I believe this issue is now resolved and I will now be closing this case.  If you would like this case reopened please reply to this email for further troubleshooting and the case will reopen automatically.

Please let us know if you have any further questions.


Technical Support
I got the same response from bridgehead support.  They  declined to remove our entire IP subnet but did add our exchange server to their while list which was what we really needed.  

cambria_is:  Thanks for the tips, they really helped us out.


Frontbridge spam support/delisting email if anyone needs it is:
Hello Sampath Namberi,

This IP [] has been reviewed and was removed from the block list.  Note that there is a small period of 1-2 hours after delisting is granted until all of our servers propagate with the new change.

As long as the majority of traffic from this IP to our customers is not filtered as spam, messages will be allowed to flow uninterrupted through our network.  If it is discovered to be spamming again in the future, relisting is likely to occur, and the IP will be more difficult to have removed from the list.

We will now be closing this case.  If you have any further concerns, please let us know.


Elizabeth Coleman
Tier 1 Technical Support
(Hours: Sat-Weds 15:00-23:30)
Forefront Online Protection for Exchange (FOPE)  |  Exchange Hosted Archive (EHA) Ticket Assistance: 1146581446
24x7 Phone support: 1-866-291-7726

Still the Email is failing and same NDR is created.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial