Solved

Spam blacklist problem - Bogon IP - can anyone explain this?

Posted on 2008-10-12
8
1,064 Views
Last Modified: 2013-12-09
Our mailserver has been listed by the spam blacklist "no-more-funn" and I just can't understand why.  I have tried contacting them, but haven't had any response.

The link to lookup their database: http://moensted.dk/spam/no-more-funn/?addr=94.136.34.204

This provides the following information:

94.136.34.204 was found in NOMOREFUNN!
no-more-funn.moensted.dk -> 127.0.0.9
IP not supposed to be routed. See http://www.cymru.com/Documents/bogon-list.html Bogon List v2.0 08 APR 2003 Rob Thomas bogon list 2.0 1055973600 (Thu Jun 19 00:00:00 2003)
This IP is not supposed to be not supposed to be routed, and is probaly not your public ip. It can't be removed!
Your public ip may be: 94.136.34.204

If I look at http://www.cymru.com/Documents/bogon-list.html my IP isn't included in any of the lists.  This is my valid IP address.

Can anyone shed any more light on this problem?  Perhaps I have got something set up incorrectly on the server?
0
Comment
Question by:Orroland
8 Comments
 
LVL 31

Expert Comment

by:rid
ID: 22696917
Where did the 127.0.0.9 IP come from? That is likely to be a non-routable address and should never be mentioned outside. Your 94... IP seems "normal". Perhaps you need to check your mail server's HELO phrase, making sure it presents itself correctly (a correct FQDN that corresponds to a RDNS lookup).
/RID
0
 
LVL 31

Expert Comment

by:moorhouselondon
ID: 22698675
rid has, as usual, hit the nail on the head.  

Here's a bit of extra info about Bogon's

http://en.wikipedia.org/wiki/Bogon_filtering
0
 

Author Comment

by:Orroland
ID: 22700776
OK, I have modified the HELO and the reverse DNS of this server so that they all match.

No More Funn is still reporting the same error even though they have picked up the new DNS settings.

Is there anything else that might be causing this?
0
 
LVL 36

Accepted Solution

by:
grblades earned 500 total points
ID: 22701418
127.0.0.9 is just a response code from the lookup of the RBL.

The problem is that the no-more-full blacklist is using a bogon database from 2003 so it is way out of date. IP addresses get allocated quite frequently and with the number of hosts on the internet forever increasing some of the unallocated IP address ranges from 2003 will certenly have been allocated by now.
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 

Author Comment

by:Orroland
ID: 22701443
Is it just me or do most of these Blacklists seem to be unhelpful, uncommunicative and out of date?
0
 

Author Comment

by:Orroland
ID: 22701453
For example, another of my IPs - which I don't even use to send email has been blocked here: http://www.five-ten-sg.com/blackhole.php?ip=88.208.248.160&Search=Search

There don't appear to be any way to contact five-ten-sg.com to get it removed.
0
 
LVL 36

Expert Comment

by:grblades
ID: 22701474
Most of them are quite good. Personally I just use spamhaus and spamcop as combined they catch most spam.
As for your IP address have a look at http://www.cymru.com/Documents/bogon-list.html and you see it was removed from the bogon database in July last year.

I looked up your IP address on the RBL tools page of dnsstuff.com and it did not find your IP in any other blacklists.
I will send them a mail suggesting they remove no-more-full from the list as its so out of date. Hopefully they will kick the owner and get them to fix it.
0
 

Author Comment

by:Orroland
ID: 22701491
Many thanks for your help on this.  Much appreciated.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microsoft has released various new features which are capable of handling various tasks. One of these tasks is ‘Migration from pop3 to Exchange Server’. Pop3 data stores various data along mailboxes like contacts, tasks, etc. So, it becomes the need…
Nearly six years ago I was hired by a company to be their senior server engineer. One of my first projects was to implement Exchange Server 2007 on a Windows Server 2008 Single Copy Cluster for high availability. That was the easy part; read on to l…
Familiarize people with the process of utilizing SQL Server stored procedures from within Microsoft Access. Microsoft Access is a very powerful client/server development tool. One of the SQL Server objects that you can interact with from within Micr…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now