DNS A Record Blacklist

Recently I have been trying to trouble shoot certain emails from bouncing back.  When I looked up a black list check I had these hits.  I have checked the email server for any suspicious activities.  I do not completely understand the Host record being blacklisted.  We do not host the Web server.  


Warning! 11 items associated with cafv.org are listed in 7 DNS blacklists.

LISTED

16ms

ATLBL ABL

DNS A Record cafv.org. resolves to a blacklisted IP 174.120.141.124

DNS MX Record (Mail Server) mail.cafv.org. resolves to a blacklisted IP 71.40.16.214

LISTED

18ms

ATLBL HBL

DNS A Record cafv.org. resolves to a blacklisted IP 174.120.141.124

DNS MX Record (Mail Server) mail.cafv.org. resolves to a blacklisted IP 71.40.16.214

LISTED

16ms

ATLBL RBL

DNS A Record cafv.org. resolves to a blacklisted IP 174.120.141.124

DNS MX Record (Mail Server) mail.cafv.org. resolves to a blacklisted IP 71.40.16.214

LISTED

135ms

BBQ

DNS A Record cafv.org. resolves to a blacklisted IP 174.120.141.124

LISTED

20ms

DRBL vote node gremlin.ru

DNS A Record cafv.org. resolves to a blacklisted IP 174.120.141.124

LISTED

16ms

DRBL work node gremlin.ru

DNS A Record cafv.org. resolves to a blacklisted IP 174.120.141.124

LISTED

16ms

MW-Internet RBL

DNS A Record cafv.org. resolves to a blacklisted IP 174.120.141.124

DNS MX Record (Mail Server) mail.cafv.org. resolves to a blacklisted IP 71.40.16.214
MandoelpAsked:
Who is Participating?
 
KaffiendConnect With a Mentor Commented:
Well, one possibility is that the web server is hosted on a "shared" server (which has multiple websites on it).  If that is the case, it could be that one of the other websites (which has the same IP address as your organization's website) on that server is a spam source.

(See the attached pic)




(Actually, what should worry you more, is why your mail server is on a blacklist.  The Host record of the website is not as critical to reliable email delivery as your mail server is)
174-120-141-124.JPG
0
 
giltjrConnect With a Mentor Commented:
I agree with Kaffiend.  If this is a shared server, somebody else using this could be spamming.  

I would talk to the hosting company about it.

If this is not a shared server, do you control the SMTP server config?  If so I would check to see if it is an open relay.
0
 
MandoelpAuthor Commented:
I've been monitoring the Exchange queues and put a network sniffer and used my watch guard monitor utilities to monitor port 25 to see if I had an open relay or a rouge computer spamming from within the network. I haven't seen any unwanted traffic other normal business.  The Website host does host multiple sights.  I've been talking with our web design firm that i believe is is coming from the host provider they use.  Those hits that only list the website are the ones that make me think its the website causing this.
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
MandoelpAuthor Commented:
As a Temporary fix I set up a SMTP Relay on a Remote server through my VPN.  And Added a SMTP Connector in Exchange
0
 
KaffiendCommented:
Some of these block lists have a form you can submit.  Basically, you promise that you have taken steps to secure your environment (like having installed AV, firewall, block outgoing port 25 for all but your mail server, no open relay, etc etc) and they will take your server IP off their block list.  It's worth a shot.  

And securing your environment is something you should do, anyway.
0
 
MandoelpAuthor Commented:
Kaffiend,   As per your screenshot I contacted "the planet"  who hosts our webpage and have placed a service ticket with them.  As submitting a form to get removed from the blacklist.  These servers surprisingly don't have that feature.  They go back to dead links.  Needless to say its been very frustrating.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.