Solved

sendmail/firewall IP is blacklisted in CBL-XBL Spamhaus - any solution?

Posted on 2008-10-25
Last Modified: 2013-12-18
Our live IP is blocked by cbl.abuseat.org.
Well, I am using a sendmail server as the mail server (MTA) on RHEL5. Our main firewall sends the SMTP traffic with the same IP as the live IP of the sendmail server. The sendmail server configuration is fine according to the CBL links below:
http://cbl.abuseat.org/hostname.html
http://www.cpqlinux.com/hostname.html
http://cbl.abuseat.org/helocheck.html
http://cbl.abuseat.org/namingproblems.html
Here is the output of helocheck
----- The following addresses had permanent fatal errors -----
<helocheck@cbl.abuseat.org>
    (reason: 550 HELO for IP XX.XXX.XX.XXX was "MAIL.MYDOMAIN.COM")
Both nslookup and reverse lookup are fine.
The MX entry is the same as MAIL.MYDOMAIN.COM at a hosting company where MAIL.MYDOMAIN.COM is registered as a subdomain of MYDOMAIN.COM.

We send all emails from a script that collects information from the DB server and then sends all emails from the sendmail server (MAIL.MYDOMAIN.COM).

Well, as we are using Linux machines, I can't expect that they are infected with viruses and trojans. Our company's business is such that we send thousands of emails to all our clients all over the world.
Well, I am not sure, but can someone help me understand whether one of the following may be the cause of this?
1. The emails we send to customers are, e.g., [From: abc@mydomain.com], and they are sent from mail.mydomain.com (sendmail server). Can this be the issue, as the IP of the sending source (mail.mydomain.com/firewall) is different from that of mydomain.com? So whenever the emails are checked somewhere along the way, the reverse NS lookup of the mail server (mail.mydomain.com) points to a different IP than the one for the From address email@mydomain.com?

2. Any relay issue?

3. We don't receive emails on the sendmail server, so can it be the reason that whenever any ISP receives emails from this server it can't get back to it?

I have been trying to fix this issue for the last three or four days. Can someone help me sort out this issue?


Question by:samengr
3 Comments
 
LVL 10

Accepted Solution

by:
nabeelmoidu earned 1500 total points
ID: 22806270
It needn't be your email server. Do you have outbound port 25 allowed from any of your non-sendmail machines? Any virus in any one of them could be the reason your IP is blacklisted. If it's the first time, you can ask them to manually remove it. But ensure you take steps to first isolate the spammer in your network.

0
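The check the accepted answer describes (finding machines other than the sendmail host that reach outbound port 25), as an added example that is not part of the original thread. It scans firewall packet logs written in the style of netfilter's LOG target; the log lines are constructed and trimmed, and the `SMTP-OUT:` prefix, the addresses and `ALLOWED_SENDERS` are assumptions.

```python
import re
from collections import defaultdict

# Assumption: internal address of the sendmail host, the only machine
# that should ever open connections to remote TCP port 25.
ALLOWED_SENDERS = {"192.168.1.10"}

# key=value fields as written by the netfilter LOG target.
FIELD_RE = re.compile(r"\b(SRC|DST|PROTO|DPT)=(\S+)")

# Constructed sample log (documentation address ranges, made-up prefix).
SAMPLE_LOG = """\
Oct 25 03:12:01 fw kernel: SMTP-OUT: IN=eth1 OUT=eth0 SRC=192.168.1.10 DST=203.0.113.5 PROTO=TCP SPT=41234 DPT=25 SYN
Oct 25 03:12:02 fw kernel: SMTP-OUT: IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=198.51.100.7 PROTO=TCP SPT=50211 DPT=25 SYN
Oct 25 03:12:02 fw kernel: SMTP-OUT: IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=198.51.100.9 PROTO=TCP SPT=50212 DPT=25 SYN
Oct 25 03:12:03 fw kernel: SMTP-OUT: IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=203.0.113.44 PROTO=TCP SPT=50213 DPT=25 SYN
Oct 25 03:12:04 fw kernel: SMTP-OUT: IN=eth1 OUT=eth0 SRC=192.168.1.40 DST=203.0.113.5 PROTO=TCP SPT=40001 DPT=250 SYN
Oct 25 03:12:05 fw kernel: SMTP-OUT: IN=eth1 OUT=eth0 SRC=192.168.1.41 DST=203.0.113.5 PROTO=UDP SPT=40002 DPT=25
Oct 25 03:12:06 fw kernel: SMTP-OUT: IN=eth1 OUT=eth0 SRC=192.168.1.57 DST=198.51.100.7 PROTO=TCP SPT=40003 DPT=25 SYN
Oct 25 03:13:00 fw sendmail[2211]: unrelated line without packet fields
"""


def rogue_smtp_sources(log_text, allowed=ALLOWED_SENDERS):
    """Return [(src_ip, connections, distinct_destinations)] for hosts that
    are not in `allowed` but opened TCP connections to port 25."""
    seen = defaultdict(list)
    for line in log_text.splitlines():
        f = dict(FIELD_RE.findall(line))
        if len(f) < 4:                      # not a packet log line
            continue
        if f["PROTO"] != "TCP" or f["DPT"] != "25":
            continue                        # only outbound SMTP matters here
        if f["SRC"] not in allowed:
            seen[f["SRC"]].append(f["DST"])
    report = [(src, len(dsts), len(set(dsts))) for src, dsts in seen.items()]
    # Hosts contacting the most distinct mail servers come first: that
    # spread is the pattern a spam-sending infection produces.
    return sorted(report, key=lambda r: (-r[2], -r[1], r[0]))


if __name__ == "__main__":
    for src, conns, dests in rogue_smtp_sources(SAMPLE_LOG):
        print(f"{src}: {conns} SMTP connections to {dests} distinct servers")
```

The log must be taken before source NAT is applied (for example in the forwarding path), otherwise every line carries the firewall's public address and the internal sender cannot be identified.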
 

Author Comment

by:samengr
ID: 22806682
Thanks for the reply. No other machine is allowed to send SMTP traffic from the firewall. The thing that is confusing me is whether the problem can be that the sender domain (mail.mydomain.com) is different from the "From" address of the email (abc@mydomain.com), because the parent domain and the subdomain have different IPs. If the other MTA verifies it with a reverse NS lookup, then they will find it comes from a different source, and that means the sender MTA is different from the mail From address. So they can mark it as spam and the IP will be blacklisted again.
Well, I changed the outgoing firewall IP, changed the server configuration, and moved sendmail to another Linux machine, but still after 4-5 hours the IP is in the Spamhaus blacklist.

0
 

Author Comment

by:samengr
ID: 22806789
I am also getting some bounce-back emails saying that you are not allowed to send emails to some specific domains, and that your emails cannot reach the particular users/domains. Most of them are Yahoo, Tiscali, and Hotmail addresses.

0


Question has a verified solution.
