Who is sending blacklisting of my IP to Spamhaus

I have a public IP for sending e-mail for our corporate LAN. We have two firewalls behind the router.
We also have two mail servers. Exchange server relays outgoing e-mails to an Endian proxy that in turn relays e-mails to the internet. In coming e-mails are received by the Endian proxy before being send to the Exchange server.
On the LAN all outgoing traffic is NATed to the gateway. We have also allowed SMTP traffic to only go via the Endian from the Exchange IP, all other smtp from any IP iexcept the Echange server is diallowed to relay through the Endian.  Problem is that zen.smaphaus keeps blacklisting our IP. We have checked all machines for virues and worms and are convinced they are clean.
Mbuso NdlovuIT ExecutiveAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David Johnson, CD, MVPOwnerCommented:
check that you're not an open relay  http://www.mxtoolbox.com
write a mail to spamhaus they will explain very clearly as how your IP is being listed there and what all you can do to remove it and what all can be done as a preventive action so it won't list..

1. First lookup the IP at SPAMHAUS site.
2. Open the listing and there must be an e-mail id to communicate with them.

Mbuso NdlovuIT ExecutiveAuthor Commented:
Test      Result      
      SMTP TLS      Warning - Does not support TLS.       
      SMTP Transaction Time      6.458 seconds - Warning on Transaction Time       
      SMTP Banner Check      OK - x.x.x.x.x resolves to xxxxxxxxxxxx
      SMTP Reverse DNS Mismatch      OK - Reverse DNS matches SMTP Banner      
      SMTP Connection Time      1.451 seconds - Good on Connection time      
      SMTP Open Relay      OK - Not an open relay.      
Session Transcript:
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

That's perfect.. sometimes it is whole subnet which is listed in Spamhaus.. not only your IP.. and generally ISP distributes IP's from single subnet to multiple customers/users hence it might possible due to someone else your IP has been dragged into blacklist..

Check that out..

i had a situation where my public IP address was being blacklisted by spamhaus. This was because it was a Public IP, and another person was creating the spam.  I resolved it by using a company which allows me to use smtp to send email. I had to make sure I had a valid reverse DNS record and am a legitimate business.
Mbuso NdlovuIT ExecutiveAuthor Commented:
It turned out that some spammers were targeting our IP using spoofed domains. Once the e-mail got rejected by our server the NDR then went to the spoofed domain, thereby creating an impression of us sending out spam.
We then further tightened our anti-spam settings by blacklisting Dynamic DSL IPs. This has seen spam being rejected before entering our MTA. Thanks all for the contributions.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Mbuso NdlovuIT ExecutiveAuthor Commented:
Am using Endian Firewall as mail proxy. I then turned on the Dynamic DSL blocking feature.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.