• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 769
  • Last Modified:

ISP Blacklisted

One of our email client's ISP's assigned IP address is blacklisted. The Email client's Header include the IP address of client computer, which is blacklisted and can't send email to other domains.

Is there any way around? because He can restart router and get a different IP from ISP but as this is not the fix. He might get another blacklisted IP at another reboot.



0
GuildOfDruids
Asked:
GuildOfDruids
  • 5
  • 4
  • 3
  • +2
1 Solution
 
MariusSunchaserCommented:
Well, you should approach your client's ISP and tell him about this problem.
Ask his ISP to make a reservation in the DHCP server for your client's MAC address with a good IP.
0
 
nappy_dCommented:
When you say "the client computer IP address", is this the not routable IP or do you all of your computers have Public IPs or is this the IP of your email server?

What email server are you using?
0
 
GuildOfDruidsAuthor Commented:
I host the client emails, which is exchange server with X.X.X.X IP address. but the client' public IP address Y.Y.Y.Y which is assigned by ISP is blacklisted. so whenever he try to send email the outlook/thunderBird, attach the this blacklisted IP with the email headers, and as the Mailservers check the header and test all the header IP addresses with blacklisted so it reject the email.


Is there any way to fix it?
0
A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

 
nappy_dCommented:
++++++++++++++++++++++++++++++++++++++++++++PLEASE ANSWER ALL QUESTIONS BELOW+++++++++++++++++++++++++++++++++++++++++++

OK but is the IP a public IP or a private IP that is shown. Go here:
Also,

Is the computer or user on your LAN or remote?

Have you checked their computer for bots, viruses and malware?
0
 
MariusSunchaserCommented:
Why do you want to solve a problem that it's not your own?
If the ISP assigned a blacklisted IP, they need to assign a good one. If one of your users did something to get it blacklisted, then you should check the IP, see where it is listed, go to each list and un-list it.
I don't think you want to do that and to explain why is your IP listed there if it's not the fault of your users.
Here is one of the sites where I check the IPs:
http://www.dnsbl.com/
0
 
GuildOfDruidsAuthor Commented:
nappy_d

--> My email server IP is not blacklisted, I have checked in the website you mentioned.

--> The client IP is the Public IP which is routable.

--> Spamhaus-ZEN            LISTED      Detail
Return codes were: 127.0.0.10      1800      891

--> This is the IP block which is assigned by ISP http://www.spamhaus.org/pbl/query/PBL234472


I hope it covers all the questions.



MariusSuncha&


You are right it's not my problem, but still I have to deal with it, as the client doesn't know anything about it, as they want me to fix the problem. as I'm the captain of this ship.




0
 
nappy_dCommented:
MariusSunchaser,

This is why we are in this industry.  Do you ask a doctor why he solves a problem that is not his?  no you let him do his job. EE was created so that Other who have experience with issue share and help others solve their issues.  I think if that is the attitude you will take, maybe you are in the wrong industry.


GuildOfDruids,

Highly strange doubt that the ISP assigned a blacklisted IP.  More questions below:

  • Is your client hosting their own mail server at their site?
  • Have you scanned their computers and network for viruses, bots and malware?
  • have you blocked port 25 from connecting to the internet from the LAN computers except from their mail server, if they have one?


0
 
GuildOfDruidsAuthor Commented:
--> Is your client hosting their own mail server at their site?
------¬ NO the email server is hosted by me, so the client connect from remote location using outlook[pop3].

--> Have you scanned their computers and network for viruses, bots and malware?
------¬ I don't think as they have any maleware problem, but still I will advise him to scan his PC.

--> have you blocked port 25 from connecting to the internet from the LAN computers except from their mail server, if they have one?
------¬NO SMTP port is open worldwide, and they don't have any SMTP server at their end.


How to you make the fonts  and  here in EE? (my irrelevant question)

0
 
nappy_dCommented:
Irrelevant Answer :) Look for a setting just above the comment box on the right and switch from Pain to Rich text.

  • Can you post some headers in a zipped text file? If your client is going thru your exchange box, I can't for the life of me see them being blocked...(but I could be wrong)
  • Definitely scan their computer use every scanner you can think of
  • on their firewall I would like to suggest if it is possible, only allow SMTP access to your site for mail, if you are their host
0
 
MesthaCommented:
Most IP addresses assigned to residential clients will be on a blacklist - the DUL - dial up list. As long as the user is sending email via either their ISPs SMTP server or an SMTP server under your control, the email will be delivered. ISPs do not look at the original source of the message for blacklisting, all they are concerned about is where the connection is coming from.

Is the user actually getting back an NDR that states the blacklist involved?
On the NDR it will have a server listed - that will be the server/IP address that is blacklisted.

-M
0
 
MariusSunchaserCommented:
nappy_d:

I didn't question your way of doing things, and I didn't make any comment about you or your attitude.

I do things in a professional matter and I will take the time to explain to you why GuildOfDruids should do what I suggested in my previous posts.
Like you figured it out so far, the ISP of his client assigns public IPs by DHCP. So each time his client renews his IP, it is *highly* probable that he gets a blacklisted IP.
Now, in order for him to solve this, he must clear the bad IP he gets from all the blacklists. I will quote just a small thing he must agree to in order to do that:
"By removing your IP address from the PBL database you are assuming responsibility for any Spam that may later originate from the IP address. If spam is then detected from an IP address excluded from PBL, it may be listed in SBL or XBL under the criteria of those lists."

Now, what happens next time he renews the IP? He looses the cleared IP (that might get to a spammer and he takes responsability for it) and if he gets another bad IP, he repeats all that.
What are you suggesting? Him to constantly clear and take responsability for all the ISP's class?

That's why the best thing to do is to assure that he starts with a clean IP, keep that clean IP and go from there. It's very likely that all this troubleshooting process he is doing is for nothing, and it's not even his client fault.
Anyway, he is free to take any advice he wants, and I will retire from this conversation.
Have a nice day.
0
 
GuildOfDruidsAuthor Commented:
Here are the email headers and the users sometime get NDR sometime doesn't as It depends on mail server policies.


--------------------Email Headers------------------------------------------------------------------------------------
Microsoft Mail Internet Headers Version 2.0
Received: from mail pickup service by mail.mydomain.com with Microsoft SMTPSVC;
       Thu, 12 Feb 2009 10:25:05 +0000
Thread-Topic: me@mydomain.com - Sending mail server found on dnsbl.ahbl.org - Re: test
Received: from [192.168.0.16] ([90.214.154.235]) by mail.mydomain.com with Microsoft SMTPSVC(6.0.3790.3959); Thu, 12 Feb 2009 10:25:03 +0000
Message-ID: <4993F899.4000507@sender-domain.com>
Date: Thu, 12 Feb 2009 10:23:21 +0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.4133
From: Sender-Client
User-Agent: Thunderbird 2.0.0.19 (Windows/20081209)
MIME-Version: 1.0
To: me
Subject: me@mydomain.com - Sending mail server found on dnsbl.ahbl.org - Re: test
References: <5DD5BFD98AEF5B4FBA712BC4EA8ED8469D6DFB@mx-mail.mydomain.com>
In-Reply-To: <5DD5BFD98AEF5B4FBA7S2AC4EA8ED8469D6DFB@mx-mail.mydomain.com>
Content-Type: text/plain;
      format=flowed;
      charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Return-Path:
X-OriginalArrivalTime: 12 Feb 2009 10:25:03.0682 (UTC) FILETIME=[2AF07A30:01C98CFC]
----------------------------------------------------------------------------------------------------------------------
0
 
GuildOfDruidsAuthor Commented:
Yeah you are right, I spoke to customer and told him to get a static clean IP from ISP. Which solved the problem and is the only fix.
0
 
adrimansscCommented:
E-mail Blacklist. Check your IP in multiple DNSBLs, multiple blacklist check

http://www.myiptest.com/staticpages/index.php/check-Blacklisted-IP-DNSBL
0

Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

  • 5
  • 4
  • 3
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now