Spam blacklist problem - Bogon IP - can anyone explain this?

Our mailserver has been listed by the spam blacklist "no-more-funn" and I just can't understand why.  I have tried contacting them, but haven't had any response.

The link to lookup their database: http://moensted.dk/spam/no-more-funn/?addr=94.136.34.204

This provides the following information:

94.136.34.204 was found in NOMOREFUNN!
no-more-funn.moensted.dk -> 127.0.0.9
IP not supposed to be routed. See http://www.cymru.com/Documents/bogon-list.html Bogon List v2.0 08 APR 2003 Rob Thomas bogon list 2.0 1055973600 (Thu Jun 19 00:00:00 2003)
This IP is not supposed to be not supposed to be routed, and is probaly not your public ip. It can't be removed!
Your public ip may be: 94.136.34.204

If I look at http://www.cymru.com/Documents/bogon-list.html my IP isn't included in any of the lists.  This is my valid IP address.

Can anyone shed any more light on this problem?  Perhaps I have got something set up incorrectly on the server?
OrrolandAsked:
Who is Participating?
 
grbladesCommented:
127.0.0.9 is just a response code from the lookup of the RBL.

The problem is that the no-more-full blacklist is using a bogon database from 2003 so it is way out of date. IP addresses get allocated quite frequently and with the number of hosts on the internet forever increasing some of the unallocated IP address ranges from 2003 will certenly have been allocated by now.
0
 
ridCommented:
Where did the 127.0.0.9 IP come from? That is likely to be a non-routable address and should never be mentioned outside. Your 94... IP seems "normal". Perhaps you need to check your mail server's HELO phrase, making sure it presents itself correctly (a correct FQDN that corresponds to a RDNS lookup).
/RID
0
 
moorhouselondonCommented:
rid has, as usual, hit the nail on the head.  

Here's a bit of extra info about Bogon's

http://en.wikipedia.org/wiki/Bogon_filtering
0
WEBINAR: 10 Easy Ways to Lose a Password

Join us on June 27th at 8 am PDT to learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees. We'll cover the importance of multi-factor authentication and how these solutions can better protect your business!

Register Today!
 
OrrolandAuthor Commented:
OK, I have modified the HELO and the reverse DNS of this server so that they all match.

No More Funn is still reporting the same error even though they have picked up the new DNS settings.

Is there anything else that might be causing this?
0
 
OrrolandAuthor Commented:
Is it just me or do most of these Blacklists seem to be unhelpful, uncommunicative and out of date?
0
 
OrrolandAuthor Commented:
For example, another of my IPs - which I don't even use to send email has been blocked here: http://www.five-ten-sg.com/blackhole.php?ip=88.208.248.160&Search=Search

There don't appear to be any way to contact five-ten-sg.com to get it removed.
0
 
grbladesCommented:
Most of them are quite good. Personally I just use spamhaus and spamcop as combined they catch most spam.
As for your IP address have a look at http://www.cymru.com/Documents/bogon-list.html and you see it was removed from the bogon database in July last year.

I looked up your IP address on the RBL tools page of dnsstuff.com and it did not find your IP in any other blacklists.
I will send them a mail suggesting they remove no-more-full from the list as its so out of date. Hopefully they will kick the owner and get them to fix it.
0
 
OrrolandAuthor Commented:
Many thanks for your help on this.  Much appreciated.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.

Advertise Here