Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

AHBL Blocklist error

Posted on 2015-01-23
12
Medium Priority
?
185 Views
Last Modified: 2015-02-13
I just started having email send issues.  I went to Exchange Remote Connectivity Analyzer and ran tests on SMTP on my exchange server IP.  It returned the following error which, upon further research, indicates that some sort of change was made effective Jan. 1 2015?

Test Steps
       
      Attempting reverse DNS lookup for IP address 76.79.248.169.
       The Microsoft Connectivity Analyzer successfully resolved IP address 76.79.248.169 via reverse DNS lookup.
       
      Additional Details
      Performing Real-Time Black Hole List (RBL) Test
       The RBL test failed. Your IP address was found on one or more block lists.
       
      Additional Details
       
      Test Steps
       
      Checking Block List "SpamHaus Block List (SBL)"
       The address isn't on the block list.
       
      Additional Details
      Checking Block List "SpamHaus Exploits Block List (XBL)"
       The address isn't on the block list.
       
      Additional Details
      Checking Block List "SpamHaus Policy Block List (PBL)"
       The address isn't on the block list.
       
      Additional Details
      Checking Block List "SpamCop Block List"
       The address isn't on the block list.
       
      Additional Details
      Checking Block List "NJABL.ORG Block List"
       The address isn't on the block list.
       
      Additional Details
      Checking Block List "SORBS Block List"
       The address isn't on the block list.
       
      Additional Details
      Checking Block List "MSRBL Combined Block List"
       The address isn't on the block list.
       
      Additional Details
      Checking Block List "UCEPROTECT Level 1 Block List"
       The address isn't on the block list.
       
      Additional Details
      Checking Block List "AHBL Block List"
       The IP address was found on block list.
       
      Additional Details


***Need some help on what/how to get removed as when I go to their website it says you can no longer be removed?

Thx,
0
Comment
Question by:creativenetworks
  • 7
  • 3
  • 2
12 Comments
 
LVL 99

Expert Comment

by:John Hurst
ID: 40567314
You need to find out what machines you have that are sending out spam. These exist or you would not be on a blacklist. Once found and removed, contact AHBL support, state your case with proof and ask to be removed.
0
 

Author Comment

by:creativenetworks
ID: 40567317
It's my internal mail server.  When I go to the website of the blocking entity, it says they made changes on Jan. 1 2015 and they can no longer "unblock" any Black Lists I'm on.  First time I've ever seen this.  I'm going here:  http://www.ahbl.org/ then enter the main site, then I go to the dropdown of Lookup/Removal and there's a hyperlink basically saying there's nothing that can be done anymore.  Pretty stumped by it all.
0
 
LVL 99

Expert Comment

by:John Hurst
ID: 40567325
They must have a support page you can contact for assistance.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:creativenetworks
ID: 40567326
It further states:

As promised in April, on Jan 1st, 2015, i'll be wildcarding all zones no longer in operation - this includes rhsbl.ahbl.org, dnsbl.ahbl.org, and ircbl.ahbl.org.  This means that these services will return positive responses for any queries.

If you are still using these services, this may cause you to incorrectly tag e-mail as spam, or create other unintended consequences.  Fix and maintain your servers, now.  Do not contact us about 'removing' your domain or IP address from our lists, as there is nothing we can do for you.
0
 

Author Comment

by:creativenetworks
ID: 40567330
What's funny is that it appears I have two customers who are rejecting my emails, however I'm not getting any NDR's.  And one that is rejecting is msn.

Oh and no support page that I can see.
0
 

Author Comment

by:creativenetworks
ID: 40567356
I've searched their site hi and low and there is no solution for getting removed.  Dangdest thing I've ever seen.
0
 
LVL 99

Assisted Solution

by:John Hurst
John Hurst earned 750 total points
ID: 40567529
This page:  http://www.ahbl.org/node

says they are going away, so you may just have to wait until they clear their records. I am not sure what else.
0
 

Author Comment

by:creativenetworks
ID: 40567534
From my research, it seems like effective Jan. 1st 2015, they are gone.  So that means that any Mail Servers that are using them are going to get False Positives.  NOT good!  I'm having a customer call their ISP and ask them to make SURE they are not using that specific blacklist and if they are, to please remove it, then I will retest.
0
 
LVL 24

Expert Comment

by:VB ITS
ID: 40567754
Look at creating a custom Send Connector on your Exchange server which will send emails to the problematic domain(s) through your iSP's smart host to get around this problem.
0
 

Author Comment

by:creativenetworks
ID: 40567811
Can you clarify what a 'Smart Host' is?  I'm not familiar with this term or idea.

Thanks!
0
 
LVL 24

Accepted Solution

by:
VB ITS earned 750 total points
ID: 40567814
See this link for an explanation of what a smart host is: https://technet.microsoft.com/en-us/library/cc626187%28v=ws.10%29.aspx

As the email is getting sent from your ISP's smart host, the receiving end won't see that the email is coming from your server and most likely allow it through.

The problem with smart hosts is that if they get put on a blacklist themselves, you can't do much but wait until the ISP gets themselves delisted or you could alternatively remove the smart host so that emails get sent directly from your server again.

Please advise what version of Exchange you are using if you need help setting up a smart host.
0
 

Author Closing Comment

by:creativenetworks
ID: 40609233
From what I could find, there is/was a blacklisting company that has closed it's doors.  It appears they had somewhat of an attitude as well (probably a 9 year old that didn't get that one extra Oreo).  In any event, when they closed shop, anything that was checked by their blacklist site was denied.  So if you purchased their blacklists, and didn't make any changes, it would check any and all emails coming in.  Because the response was 'not available' it failed.  Think of it like this.  abc.com sends an email to def.com.  def.com has been using the blacklists from this company.  def.com's email server sends a request asking if abc.com is listed as a blacklisted site.  The response is 'nothing'.  Assume that def.com's mail server assumes that if a request is not answered by the blacklisting company (in other words, def.com is asking for an approval of abc.com's email) and the approval does not come, def.com's mail server assumes it is blacklisted and kicks the email back.  And from what I can tell, there are MANY that used this companies blacklist site too.  Some....big phone and web companies.
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If something goes wrong with Exchange, your IT resources are in trouble.All Exchange server migration processes are not designed to be identical and though migrating email from on-premises Exchange mailbox to Cloud’s Office 365 is relatively simple…
This month, Experts Exchange sat down with resident SQL expert, Jim Horn, for an in-depth look into the makings of a successful career in SQL.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
Suggested Courses

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question