Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

sendmail/firewall IP is black listed in CBL-XBL Spamhuas - any solution?

Posted on 2008-10-25
3
Medium Priority
?
1,242 Views
Last Modified: 2013-12-18
Our Live IP is blocked by cbl.abuseat.org.
Well, I am using sendmail server as a mail server (MTA) on RHEL5. Our main firewall is sending the smtp traffic with the IP same as live IP of sendmail server. sendmail server configuration is fine according to CBL links below
http://cbl.abuseat.org/hostname.html
http://www.cpqlinux.com/hostname.html
http://cbl.abuseat.org/helocheck.html
http://cbl.abuseat.org/namingproblems.html
Here is the output of helocheck
----- The following addresses had permanent fatal errors -----
<helocheck@cbl.abuseat.org>
    (reason: 550 HELO for IP XX.XXX.XX.XXX was "MAIL.MYDOMAIN.COM")
both nslookup and reverse lookup are fine.
The MX entry is the same as MAIL.MYDOMAIN.COM in a hosting company where MAIL.MYDOMAIN.COM is regeistered as a subdomain of MYDOMAIN.COM.

We send all emails from a script that collects information from DB server and then send all emails from sendmail server (MAIL.MYDOMAIN.COM).

Well, as we are using linux machines so i cant expect that they are infected with viruses and trojans. Our company business is like that we send thousands of emails to all our clients in all over the world.
Well, I am not sure but can someone help me to understand that may be one of the following can be the cause of this?
1.  the emails we sent to customer are e.g.  [ From: abc@mydomain.com], emails are sent from mail.mydomain.com (sendmail server). Is this can be the issue? as sending email source (mail.mydomain.com/firewall) IP is different from mydomain.com. So whenever somewhere in middle of the way emails are checked then the reverse NS Lookup of mail server (mail.mydomain.com) points different IP than that is in the From address of email@mydomain.com?

2. Any relay issue?

3. We dont receive emails on sendmail server so can it be the reason that whenever any ISP receive emails from this server it cant get back to it?

I am trying to fix this issue from last three four days. Can someone help me to sort out this issue?


0
Comment
Question by:samengr
  • 2
3 Comments
 
LVL 10

Accepted Solution

by:
nabeelmoidu earned 1500 total points
ID: 22806270
It needn't be your email server. Do you have outbound port 25 allowed from any of your non-sendmail machines ? Any virus in any one of them could be the reason your ip is blacklisted. if its teh first time, you can ask them to manually remove it.but ensure you take steps to first isolate the spammer in your network.

0
 

Author Comment

by:samengr
ID: 22806682
Thanks for reply. No other machine is allowed to send smtp traffic from firewall. The thing that is confusing me that can it be the sender domain (mail.mydomain.com) is different from the "From" address of email (abc@mydomain.com) because both parent and subdomain have the different IPs? If the other MTA verifies it with the reverse NSLookup then they will find it from different source and that means the sender MTA is defferent from the mail From address. so they can mark as spam and again IP will be black listed.
Well, I changed the outgoing firewall IP, changed the servers configuration, moved the sendmail to another linux machine but still after 4-5 hours IP is in the spamhaus  black list.

0
 

Author Comment

by:samengr
ID: 22806789
I am also getting some bounce back emails that you are not allowed to send emails to some specific domains, and your emails can not reach to the particular users/domains. most of them are yahoo, tiscali, and hotmail addresses.

0

Featured Post

Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The new Gmail Phishing Scam going around is surprising even the savviest of users with its sophisticated techniques.
Why do some people recommend buying business VoIP from an ISP? What are the benefits to my company? What are the costs?
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
Suggested Courses

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question