Solved

Spam blacklist problem - Bogon IP - can anyone explain this?

Posted on 2008-10-12
8
1,057 Views
Last Modified: 2013-12-09
Our mailserver has been listed by the spam blacklist "no-more-funn" and I just can't understand why.  I have tried contacting them, but haven't had any response.

The link to lookup their database: http://moensted.dk/spam/no-more-funn/?addr=94.136.34.204

This provides the following information:

94.136.34.204 was found in NOMOREFUNN!
no-more-funn.moensted.dk -> 127.0.0.9
IP not supposed to be routed. See http://www.cymru.com/Documents/bogon-list.html Bogon List v2.0 08 APR 2003 Rob Thomas bogon list 2.0 1055973600 (Thu Jun 19 00:00:00 2003)
This IP is not supposed to be not supposed to be routed, and is probaly not your public ip. It can't be removed!
Your public ip may be: 94.136.34.204

If I look at http://www.cymru.com/Documents/bogon-list.html my IP isn't included in any of the lists.  This is my valid IP address.

Can anyone shed any more light on this problem?  Perhaps I have got something set up incorrectly on the server?
0
Comment
Question by:Orroland
8 Comments
 
LVL 31

Expert Comment

by:rid
Comment Utility
Where did the 127.0.0.9 IP come from? That is likely to be a non-routable address and should never be mentioned outside. Your 94... IP seems "normal". Perhaps you need to check your mail server's HELO phrase, making sure it presents itself correctly (a correct FQDN that corresponds to a RDNS lookup).
/RID
0
 
LVL 31

Expert Comment

by:moorhouselondon
Comment Utility
rid has, as usual, hit the nail on the head.  

Here's a bit of extra info about Bogon's

http://en.wikipedia.org/wiki/Bogon_filtering
0
 

Author Comment

by:Orroland
Comment Utility
OK, I have modified the HELO and the reverse DNS of this server so that they all match.

No More Funn is still reporting the same error even though they have picked up the new DNS settings.

Is there anything else that might be causing this?
0
 
LVL 36

Accepted Solution

by:
grblades earned 500 total points
Comment Utility
127.0.0.9 is just a response code from the lookup of the RBL.

The problem is that the no-more-full blacklist is using a bogon database from 2003 so it is way out of date. IP addresses get allocated quite frequently and with the number of hosts on the internet forever increasing some of the unallocated IP address ranges from 2003 will certenly have been allocated by now.
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 

Author Comment

by:Orroland
Comment Utility
Is it just me or do most of these Blacklists seem to be unhelpful, uncommunicative and out of date?
0
 

Author Comment

by:Orroland
Comment Utility
For example, another of my IPs - which I don't even use to send email has been blocked here: http://www.five-ten-sg.com/blackhole.php?ip=88.208.248.160&Search=Search

There don't appear to be any way to contact five-ten-sg.com to get it removed.
0
 
LVL 36

Expert Comment

by:grblades
Comment Utility
Most of them are quite good. Personally I just use spamhaus and spamcop as combined they catch most spam.
As for your IP address have a look at http://www.cymru.com/Documents/bogon-list.html and you see it was removed from the bogon database in July last year.

I looked up your IP address on the RBL tools page of dnsstuff.com and it did not find your IP in any other blacklists.
I will send them a mail suggesting they remove no-more-full from the list as its so out of date. Hopefully they will kick the owner and get them to fix it.
0
 

Author Comment

by:Orroland
Comment Utility
Many thanks for your help on this.  Much appreciated.
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Microsoft Outlook is not just an email client but it is full featured Personal Information Manager. But sometimes Outlook gets disconnected and you simply can’t access it. What steps can you perform before calling IT support? In this article we will…
Granting full access permission allows users to access mailboxes present in their database. By giving full access permission one can open and read the content of any mailbox but cannot send emails from that mailbox.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now