Solved

IP Range Blacklisted

Posted on 2012-04-10
15
722 Views
Last Modified: 2012-04-30
We recently moved our email system from Gaggle to Exchange in house. After the migration was made, our IP address range was blacklisted. Why could this happen?
0
Comment
Question by:Allanore
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
  • 2
  • +2
15 Comments
 
LVL 9

Accepted Solution

by:
Geodash earned 500 total points
ID: 37830058
did you update your records to reflect the new Exchange server?
0
 
LVL 95

Expert Comment

by:John Hurst
ID: 37830084
Somehow, bad activity (spam or malware) apparently has come from your range. You need to talk to your ISP quickly and see if they can remove the blacklist or assign you a new range.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37830175
Were the IP Addresses new to you or have they been in use by you for a long time?

What Blacklist sites are they listed on and what are the reasons for the listings?
0
Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

 
LVL 9

Expert Comment

by:Geodash
ID: 37830181
I wouldn't change the IPs until you fix the issue or the new IPs may become blocked too if the same thing is happening!
0
 
LVL 95

Expert Comment

by:John Hurst
ID: 37830201
That is true if Allanore' company is the problem (still to be determined). But my ISP handed me a home IP from a blacklisted range (new range my ISP had purchased) and the ISP had to correct. So it was the next option I saw.  .... Thinkpads_User
0
 
LVL 14

Expert Comment

by:isaman07
ID: 37830224
I assume you already modifies your public DNS records to reflect the new IP Addresses and MX records are in place. Next you will need to create a spf record (txt), and finalt call your ISP to create PTR records for your exchange outgoing public IP. These are the things that RBL service providers will check first to determine if you go on the blacklist or not. If you get these in place, you will reduce chances to get blacklisted.
Now that you are already blacklisted, first do the things mentioned above, then call/contact the RBL providers to remove you from their lists.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37830225
TP_User - that's why I asked if the IP's were new or not.  Up until my question, no-one had asked, which is somewhat crucial to the outcome of the problem IMHO.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37830244
@isaman07 - We need to establish some information before we can rush in with a solution that probably isn't going to help much.  It's time to ask question not post solutions at this point in time.
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37830259
Everyone troubleshoots different. I think isaman07 has some good points - and are completely valid. The records are important and a valid troubleshooting step. Have you checked all of your records Allanore?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37830261
The points are valid - but based on the information we have at the moment, a wild stab in the dark. They may be correct, but there is no current evidence to back up this as a solution (at present).
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37830275
nevermind, good luck troubleshooting
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37830277
That isn't true at all.

Knock yourselves out - I will sit back and see what you can do with the question.  I have others that I am working on.
0
 
LVL 11

Expert Comment

by:Khandakar Ashfaqur Rahman
ID: 37830279
Are you using that IP range ? If your ISP has delegated that /24 range to you then you need to ensure that your network is virus/spam free.Better you block 25 port into your gateway except your email server.

Or if you are using only a subnetted range then you need to inform your ISP.Few sites like http://www.uceprotect.net/ will blacklist total IP block if detects spam from that IP block.However, there are Level 1,2,3. If you ensure that no spaming from your IP block (/24) it'll remove from blacklisting automatically.Removal period depends on level.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 37830336
@isaman07 - Drop me an email please - I am not going to respond to your comment on EE.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In-place Upgrading Dirsync to Azure AD Connect
Check out this step-by-step guide for using the newly updated Experts Exchange mobile app—released on May 30.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question