Solved

DNS A Record Blacklist

Posted on 2013-06-21
Last Modified: 2013-07-03
Recently I have been trying to troubleshoot certain emails bouncing back. When I looked up a blacklist check I had these hits. I have checked the email server for any suspicious activities. I do not completely understand the Host record being blacklisted. We do not host the Web server.


Warning! 11 items associated with cafv.org are listed in 7 DNS blacklists.

LISTED  16ms  ATLBL ABL
  DNS A Record cafv.org. resolves to a blacklisted IP 174.120.141.124
  DNS MX Record (Mail Server) mail.cafv.org. resolves to a blacklisted IP 71.40.16.214

LISTED  18ms  ATLBL HBL
  DNS A Record cafv.org. resolves to a blacklisted IP 174.120.141.124
  DNS MX Record (Mail Server) mail.cafv.org. resolves to a blacklisted IP 71.40.16.214

LISTED  16ms  ATLBL RBL
  DNS A Record cafv.org. resolves to a blacklisted IP 174.120.141.124
  DNS MX Record (Mail Server) mail.cafv.org. resolves to a blacklisted IP 71.40.16.214

LISTED  135ms  BBQ
  DNS A Record cafv.org. resolves to a blacklisted IP 174.120.141.124

LISTED  20ms  DRBL vote node gremlin.ru
  DNS A Record cafv.org. resolves to a blacklisted IP 174.120.141.124

LISTED  16ms  DRBL work node gremlin.ru
  DNS A Record cafv.org. resolves to a blacklisted IP 174.120.141.124

LISTED  16ms  MW-Internet RBL
  DNS A Record cafv.org. resolves to a blacklisted IP 174.120.141.124
  DNS MX Record (Mail Server) mail.cafv.org. resolves to a blacklisted IP 71.40.16.214
Question by:Mandoelp
LVL 14

Accepted Solution

by:
Kaffiend earned 250 total points
ID: 39267403
Well, one possibility is that the web server is hosted on a "shared" server (which has multiple websites on it).  If that is the case, it could be that one of the other websites (which has the same IP address as your organization's website) on that server is a spam source.

(See the attached pic)




(Actually, what should worry you more is why your mail server is on a blacklist. The Host record of the website is not as critical to reliable email delivery as your mail server is.)
174-120-141-124.JPG
0
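Added example, not part of the original thread: the DNS lookup behind a report like the one in the question, with the web-versus-mail triage Kaffiend describes. The zone names and listing data are constructed placeholders, `triage` and its role labels are hypothetical, and the resolver is injectable so the sample runs offline.

```python
import ipaddress
import socket

def dnsbl_query_name(ip, zone):
    """DNSBL convention: reverse the IPv4 octets and append the list's zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def is_listed(ip, zone, resolve=socket.gethostbyname):
    """Listed IPs resolve to an answer in 127.0.0.0/8; no answer = not listed."""
    try:
        answer = resolve(dnsbl_query_name(ip, zone))
    except socket.gaierror:
        return False
    return ipaddress.IPv4Address(answer) in ipaddress.ip_network("127.0.0.0/8")

def triage(hosts, zones, resolve=socket.gethostbyname):
    """hosts maps IP -> role ("mail" = the mail server's IP, "web" = site A record)."""
    report = []
    for ip, role in hosts.items():
        hits = [z for z in zones if is_listed(ip, z, resolve)]
        if not hits:
            action = "clean"
        elif role == "mail":
            action = "fix first: secure the server, then request delisting"
        else:
            action = "web host IP: raise with the hosting provider"
        report.append((ip, role, hits, action))
    return report

# IPs are the ones in the question; zones and listings are constructed placeholders.
HOSTS = {"71.40.16.214": "mail", "174.120.141.124": "web"}
ZONES = ["list-a.dnsbl.example", "list-b.dnsbl.example"]
CONSTRUCTED_LISTINGS = {
    "214.16.40.71.list-a.dnsbl.example",
    "124.141.120.174.list-a.dnsbl.example",
    "124.141.120.174.list-b.dnsbl.example",
}

def fake_resolve(name):
    """Offline stand-in for DNS: listed names answer 127.0.0.2, others fail."""
    if name in CONSTRUCTED_LISTINGS:
        return "127.0.0.2"
    raise socket.gaierror("NXDOMAIN (constructed)")

if __name__ == "__main__":
    for row in triage(HOSTS, ZONES, fake_resolve):
        print(row)
```

To query a real list, pass that list's published zone and leave `resolve` at its default.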
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 250 total points
ID: 39267948
I agree with Kaffiend.  If this is a shared server, somebody else using this could be spamming.  

I would talk to the hosting company about it.

If this is not a shared server, do you control the SMTP server config?  If so I would check to see if it is an open relay.
0
 

Author Comment

by:Mandoelp
ID: 39275112
I've been monitoring the Exchange queues and put a network sniffer and used my WatchGuard monitor utilities to monitor port 25 to see if I had an open relay or a rogue computer spamming from within the network. I haven't seen any unwanted traffic other than normal business. The website host does host multiple sites. I've been talking with our web design firm, and I believe it is coming from the host provider they use. Those hits that only list the website are the ones that make me think it's the website causing this.
0

Author Comment

by:Mandoelp
ID: 39275478
As a temporary fix I set up an SMTP relay on a remote server through my VPN, and added an SMTP connector in Exchange.
0
 
LVL 14

Expert Comment

by:Kaffiend
ID: 39276235
Some of these block lists have a form you can submit.  Basically, you promise that you have taken steps to secure your environment (like having installed AV, firewall, block outgoing port 25 for all but your mail server, no open relay, etc etc) and they will take your server IP off their block list.  It's worth a shot.  

And securing your environment is something you should do, anyway.
0
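Added example, not part of the original thread: one way to check firewall logs for the "outgoing port 25 for all but your mail server" condition mentioned above. The log layout, the addresses and the function name `rogue_smtp_sources` are constructed for illustration; adapt the parsing to the export format of your own firewall.

```python
import ipaddress
from collections import defaultdict

# Constructed sample in a hypothetical "time src dst dport action" layout.
SAMPLE_LOG = """\
2013-06-24T09:00:01 192.168.1.10 203.0.113.25 25 allow
2013-06-24T09:00:05 192.168.1.57 198.51.100.7 25 allow
2013-06-24T09:00:06 192.168.1.57 198.51.100.9 25 allow
2013-06-24T09:00:09 192.168.1.23 203.0.113.80 443 allow
2013-06-24T09:00:12 192.168.1.57 203.0.113.25 25 deny
2013-06-24T09:00:15 192.168.1.10 192.168.1.20 25 allow
malformed line
"""

def rogue_smtp_sources(log_text, internal_net, mail_servers):
    """Return [(src, allowed, denied)] for internal hosts, other than the
    approved mail servers, that tried to reach external hosts on TCP/25."""
    net = ipaddress.ip_network(internal_net)
    approved = {ipaddress.ip_address(a) for a in mail_servers}
    counts = defaultdict(lambda: {"allow": 0, "deny": 0})
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # skip lines that do not match the layout
        _, src, dst, dport, action = fields
        try:
            src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        except ValueError:
            continue
        # Only outbound SMTP counts: internal source, external destination.
        if dport != "25" or src_ip not in net or dst_ip in net:
            continue
        if src_ip not in approved and action in ("allow", "deny"):
            counts[str(src_ip)][action] += 1
    rows = [(ip, c["allow"], c["deny"]) for ip, c in counts.items()]
    return sorted(rows, key=lambda r: r[1] + r[2], reverse=True)

if __name__ == "__main__":
    for row in rogue_smtp_sources(SAMPLE_LOG, "192.168.1.0/24", ["192.168.1.10"]):
        print(row)
```

A non-zero allowed count means the egress rule is not in place for that host; denied attempts show the rule working but still point at a machine worth inspecting.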
 

Author Comment

by:Mandoelp
ID: 39279555
Kaffiend, as per your screenshot I contacted "the planet", who hosts our webpage, and have placed a service ticket with them. As for submitting a form to get removed from the blacklist, these servers surprisingly don't have that feature. They go back to dead links. Needless to say, it's been very frustrating.
0
