• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 755
  • Last Modified:

IP Range Blacklisted

We recently moved our email system from Gaggle to Exchange in house. After the migration was made, our IP address range was blacklisted. Why could this happen?
0
Allanore
Asked:
Allanore
  • 6
  • 4
  • 2
  • +2
1 Solution
 
GeodashCommented:
did you update your records to reflect the new Exchange server?
0
 
John HurstBusiness Consultant (Owner)Commented:
Somehow, bad activity (spam or malware) apparently has come from your range. You need to talk to your ISP quickly and see if they can remove the blacklist or assign you a new range.
0
 
Alan HardistyCommented:
Were the IP Addresses new to you or have they been in use by you for a long time?

What Blacklist sites are they listed on and what are the reasons for the listings?
0
Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

 
GeodashCommented:
I wouldn't change the IPs until you fix the issue or the new IPs may become blocked too if the same thing is happening!
0
 
John HurstBusiness Consultant (Owner)Commented:
That is true if Allanore' company is the problem (still to be determined). But my ISP handed me a home IP from a blacklisted range (new range my ISP had purchased) and the ISP had to correct. So it was the next option I saw.  .... Thinkpads_User
0
 
isaman07Commented:
I assume you already modifies your public DNS records to reflect the new IP Addresses and MX records are in place. Next you will need to create a spf record (txt), and finalt call your ISP to create PTR records for your exchange outgoing public IP. These are the things that RBL service providers will check first to determine if you go on the blacklist or not. If you get these in place, you will reduce chances to get blacklisted.
Now that you are already blacklisted, first do the things mentioned above, then call/contact the RBL providers to remove you from their lists.
0
 
Alan HardistyCommented:
TP_User - that's why I asked if the IP's were new or not.  Up until my question, no-one had asked, which is somewhat crucial to the outcome of the problem IMHO.
0
 
Alan HardistyCommented:
@isaman07 - We need to establish some information before we can rush in with a solution that probably isn't going to help much.  It's time to ask question not post solutions at this point in time.
0
 
GeodashCommented:
Everyone troubleshoots different. I think isaman07 has some good points - and are completely valid. The records are important and a valid troubleshooting step. Have you checked all of your records Allanore?
0
 
Alan HardistyCommented:
The points are valid - but based on the information we have at the moment, a wild stab in the dark. They may be correct, but there is no current evidence to back up this as a solution (at present).
0
 
GeodashCommented:
nevermind, good luck troubleshooting
0
 
Alan HardistyCommented:
That isn't true at all.

Knock yourselves out - I will sit back and see what you can do with the question.  I have others that I am working on.
0
 
Khandakar Ashfaqur RahmanExpert/ConsultantCommented:
Are you using that IP range ? If your ISP has delegated that /24 range to you then you need to ensure that your network is virus/spam free.Better you block 25 port into your gateway except your email server.

Or if you are using only a subnetted range then you need to inform your ISP.Few sites like http://www.uceprotect.net/ will blacklist total IP block if detects spam from that IP block.However, there are Level 1,2,3. If you ensure that no spaming from your IP block (/24) it'll remove from blacklisting automatically.Removal period depends on level.
0
 
Alan HardistyCommented:
@isaman07 - Drop me an email please - I am not going to respond to your comment on EE.
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

  • 6
  • 4
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now