Solved

MS Exchange black listed with CBL

Posted on 2007-03-19
5
226 Views
Last Modified: 2010-03-06
How does one check and see what is causing a domain to be cbl listed.

I did notice there is no MX record for the mail server. Could that be the cause of the domain being cbl listed?

Thanks
0
Comment
Question by:john_s99
  • 2
  • 2
5 Comments
 
LVL 104

Expert Comment

by:Sembee
ID: 18753032
Do you receive your email directly by SMTP? If so then you need an MX record.
If you don't, then you are probably blacklisted on either lack of reverse DNS, what the machine is announcing itself as or being on a dynamic IP address.

Simon.
0
 
LVL 19

Expert Comment

by:aissim
ID: 18753051
I'm not certain, but if you go to their site and lookup your IP (http://cbl.abuseat.org/lookup.cgi) it should provide a link with some possibilities as to why it may have been listed.

Here's another good site if you want to make sure you haven't drifted onto other blacklists as well http://www.robtex.com/rbls.html
0
 

Author Comment

by:john_s99
ID: 18753187

Further to this, the x.x.x.185 is being  reported as cbl listed. Which is the router and not MS Exchange. Is it possible that a workstation is sending out spam or causing the problem of the public ip x.x.x.185 as being cbl listed. The router has nat enabled and any address within the network from x.x.x.50 to x.x.x.100 is mapped to the x.x.x.185 public ip address of the router.
0
 
LVL 19

Expert Comment

by:aissim
ID: 18753213
Very likely. I saw this just last week....a client's laptop had a worm that was sending spam - it didn't take too long for the external IP address of their firewall to get blacklisted with CBL. (the person had travelled to a branch office and got their firewall's IP blacklisted as well =)

I'd use some sort of packet sniffer on the internal network and see if any workstations are creating a lot of traffic.
0
 
LVL 104

Accepted Solution

by:
Sembee earned 250 total points
ID: 18753215
If the router has been blacklisted then that sounds like a compromised machine.
Block port 25 on the router and stop SMTP on Exchange. A compromised machine will quickly fill the logs.

Simon.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
exchane, activesync 4 21
Exchange Server 2016 Installation 2 17
exchange 2007, outlook 3 23
Exchange 2013 - Enalbe Activesyncdebuglogging not working 2 12
Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question