[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1154
  • Last Modified:

Remove IP address from blacklist BARRACUDA,Spamhaus ZEN

Hi,

One of our client's IP address has been added to blacklist at Barracuda and Spamhaus ZEN. How can I remove the IP from the blacklist?

Please also see the below information regarding quarantine outbound emails.

DIRECTION: outbound

POLICY_TYPE: spam

SCORE: 17.956/15

6.3,RBL: Received via a relay in Spamhaus PBL
0.0,RBL: SORBS: sent directly from dynamic IP address
6.7,BODY: Bayes spam probability is 99 to 100%
0.5,HELO greeting hostname has no A-record
0.4,BODY: Bayes spam probability is 99.9 to 100%
0.0,BODY: HTML included in message 1.9,Delivered to internal network by host with
2.2,Contains image and was sent by dynamic
ACTION: quarantine
0
Educad
Asked:
Educad
2 Solutions
 
David Johnson, CD, MVPOwnerCommented:
the sending server name and reverse ip address must be in your dns.
0
 
VB ITSSpecialist ConsultantCommented:
Jump on the Barracuda and Spamhaus websites to do a lookup on your client's IP address, it will tell you why they are getting blacklisted and what you need to do to get rid of the cause of the blacklist.

Request for the removal only after you have addressed the issue otherwise you risk being re-added to the list. Some RBL's will only remove you a certain amount of times before they start charging fees (dodgy, I know).
0
 
Simon Butler (Sembee)ConsultantCommented:
"SORBS: sent directly from dynamic IP address"

If you are on a dynamic IP address, then don't waste your time trying to get delisted, as you will be unable to do so. You need to switch to a static address or use your ISPs SMTP server as a smart host.

Simon.
0
Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

 
Mohammed KhawajaManager - Infrastructure:  Information TechnologyCommented:
I agree with Sembee as you need to configure your systems to relay via your ISP and this will require authentication as most ISPs do not allow open relay for their customers.
0
 
EducadAuthor Commented:
Simon,

They are using static IP address but not sure why it is marked ad dynamic IP address.
0
 
VB ITSSpecialist ConsultantCommented:
It's possible that you were given a static IP in a pool usually associated to dynamic IPs, it's an unfortunate thing that does happen.

Did you do a lookup for the IP address via the links I gave you in my previous post? The links may not have been very obvious as I hyperlinked the actual RBL provider name to their lookup page:

Barracuda: http://www.barracudacentral.org/lookups
Spamhaus: http://www.spamhaus.org/lookup/
0
 
EducadAuthor Commented:
VB ITS,

I have entered the IP address but Barracuda lookup system says "IP address x.x.x.x is not currently listed as "poor" on the Barracuda Reputation System".

In the Spamhaus,

This IP address range has been identified by Spamhaus as not meeting our policy for IP addresses permitted to deliver unauthenticated 'direct-to-mx' email to PBL users.

Important: If you are using any normal email software (such as Outlook, Entourage, Thunderbird, Apple Mail, etc.) and you are being blocked by this Spamhaus PBL listing when you try to send email, the reason is simply that you need to turn on "SMTP Authentication" in your email program settings. For help with SMTP Authentication or ways to quickly fix this problem click here.

See also: http://www.spamhaus.org/faq/answers.lasso?section=Spamhaus%20PBL
0
 
EducadAuthor Commented:
VB ITS,

Sorry, it was listed under Sorbs DUHL not Barracuda.

The result I found at Sorb DUHL:

Usage classification (only important if you run your own mailserver.)
1 "DUHL" entries [16:52:01 24 Nov 2003 GMT+00].       
210.x.x.x/24 - 1 entries [16:52:01 24 Nov 2003 GMT+00].       
Note: Active "exDUHL" entries mean that the IP/Network has been unblocked for some or all IPs from the DUHL.
 
Problem hostnames/domains (could cause email problems.)
Note:These entries are for URLs or email domains, the IPs that may show up as 'spamvertised' only indicate where the URL/Host was seen being sent from. Listings for IPs that are 'spamvertised' will not usually cause blocking problems unless the email contains the IP address as a URL
Note: For a more detailed view you have to be registered and logged in.
0
 
VB ITSSpecialist ConsultantCommented:
Jump on MxToolbox and run a blacklist lookup on the IP address on there as it will check against a large number of blacklists: http://mxtoolbox.com/blacklists.aspx

If you don't find yourself on any blacklists then it's possible you were automatically removed (which to be honest doesn't happen very often). Looking over your original question again it seems that you were placed on the Spamhaus PBL, which isn't exactly a blacklist: http://www.spamhaus.org/pbl/removal/
0

Featured Post

Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now