Solved

sendmail/firewall IP is black listed in CBL-XBL Spamhuas - any solution?

Posted on 2008-10-25
3
1,220 Views
Last Modified: 2013-12-18
Our Live IP is blocked by cbl.abuseat.org.
Well, I am using sendmail server as a mail server (MTA) on RHEL5. Our main firewall is sending the smtp traffic with the IP same as live IP of sendmail server. sendmail server configuration is fine according to CBL links below
http://cbl.abuseat.org/hostname.html
http://www.cpqlinux.com/hostname.html
http://cbl.abuseat.org/helocheck.html
http://cbl.abuseat.org/namingproblems.html
Here is the output of helocheck
----- The following addresses had permanent fatal errors -----
<helocheck@cbl.abuseat.org>
    (reason: 550 HELO for IP XX.XXX.XX.XXX was "MAIL.MYDOMAIN.COM")
both nslookup and reverse lookup are fine.
The MX entry is the same as MAIL.MYDOMAIN.COM in a hosting company where MAIL.MYDOMAIN.COM is regeistered as a subdomain of MYDOMAIN.COM.

We send all emails from a script that collects information from DB server and then send all emails from sendmail server (MAIL.MYDOMAIN.COM).

Well, as we are using linux machines so i cant expect that they are infected with viruses and trojans. Our company business is like that we send thousands of emails to all our clients in all over the world.
Well, I am not sure but can someone help me to understand that may be one of the following can be the cause of this?
1.  the emails we sent to customer are e.g.  [ From: abc@mydomain.com], emails are sent from mail.mydomain.com (sendmail server). Is this can be the issue? as sending email source (mail.mydomain.com/firewall) IP is different from mydomain.com. So whenever somewhere in middle of the way emails are checked then the reverse NS Lookup of mail server (mail.mydomain.com) points different IP than that is in the From address of email@mydomain.com?

2. Any relay issue?

3. We dont receive emails on sendmail server so can it be the reason that whenever any ISP receive emails from this server it cant get back to it?

I am trying to fix this issue from last three four days. Can someone help me to sort out this issue?


0
Comment
Question by:samengr
  • 2
3 Comments
 
LVL 10

Accepted Solution

by:
nabeelmoidu earned 500 total points
ID: 22806270
It needn't be your email server. Do you have outbound port 25 allowed from any of your non-sendmail machines ? Any virus in any one of them could be the reason your ip is blacklisted. if its teh first time, you can ask them to manually remove it.but ensure you take steps to first isolate the spammer in your network.

0
 

Author Comment

by:samengr
ID: 22806682
Thanks for reply. No other machine is allowed to send smtp traffic from firewall. The thing that is confusing me that can it be the sender domain (mail.mydomain.com) is different from the "From" address of email (abc@mydomain.com) because both parent and subdomain have the different IPs? If the other MTA verifies it with the reverse NSLookup then they will find it from different source and that means the sender MTA is defferent from the mail From address. so they can mark as spam and again IP will be black listed.
Well, I changed the outgoing firewall IP, changed the servers configuration, moved the sendmail to another linux machine but still after 4-5 hours IP is in the spamhaus  black list.

0
 

Author Comment

by:samengr
ID: 22806789
I am also getting some bounce back emails that you are not allowed to send emails to some specific domains, and your emails can not reach to the particular users/domains. most of them are yahoo, tiscali, and hotmail addresses.

0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

New-MailboxSearch Powershell Command and step by step approach to Search and Extract Emails form Exchange 2013 Journaling server.
Easy CSR creation in Exchange 2007,2010 and 2013
Familiarize people with the process of utilizing SQL Server views from within Microsoft Access. Microsoft Access is a very powerful client/server development tool. One of the SQL Server objects that you can interact with from within Microsoft Access…
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question