[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Remove IP address from blacklist BARRACUDA,Spamhaus ZEN

Posted on 2015-02-10
9
Medium Priority
?
863 Views
Last Modified: 2015-03-09
Hi,

One of our client's IP address has been added to blacklist at Barracuda and Spamhaus ZEN. How can I remove the IP from the blacklist?

Please also see the below information regarding quarantine outbound emails.

DIRECTION: outbound

POLICY_TYPE: spam

SCORE: 17.956/15

6.3,RBL: Received via a relay in Spamhaus PBL
0.0,RBL: SORBS: sent directly from dynamic IP address
6.7,BODY: Bayes spam probability is 99 to 100%
0.5,HELO greeting hostname has no A-record
0.4,BODY: Bayes spam probability is 99.9 to 100%
0.0,BODY: HTML included in message 1.9,Delivered to internal network by host with
2.2,Contains image and was sent by dynamic
ACTION: quarantine
0
Comment
Question by:Educad
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 83

Expert Comment

by:David Johnson, CD, MVP
ID: 40600542
the sending server name and reverse ip address must be in your dns.
0
 
LVL 24

Expert Comment

by:VB ITS
ID: 40600628
Jump on the Barracuda and Spamhaus websites to do a lookup on your client's IP address, it will tell you why they are getting blacklisted and what you need to do to get rid of the cause of the blacklist.

Request for the removal only after you have addressed the issue otherwise you risk being re-added to the list. Some RBL's will only remove you a certain amount of times before they start charging fees (dodgy, I know).
0
 
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 1000 total points
ID: 40600851
"SORBS: sent directly from dynamic IP address"

If you are on a dynamic IP address, then don't waste your time trying to get delisted, as you will be unable to do so. You need to switch to a static address or use your ISPs SMTP server as a smart host.

Simon.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 25

Expert Comment

by:Mohammed Khawaja
ID: 40600951
I agree with Sembee as you need to configure your systems to relay via your ISP and this will require authentication as most ISPs do not allow open relay for their customers.
0
 

Author Comment

by:Educad
ID: 40601899
Simon,

They are using static IP address but not sure why it is marked ad dynamic IP address.
0
 
LVL 24

Accepted Solution

by:
VB ITS earned 1000 total points
ID: 40601916
It's possible that you were given a static IP in a pool usually associated to dynamic IPs, it's an unfortunate thing that does happen.

Did you do a lookup for the IP address via the links I gave you in my previous post? The links may not have been very obvious as I hyperlinked the actual RBL provider name to their lookup page:

Barracuda: http://www.barracudacentral.org/lookups
Spamhaus: http://www.spamhaus.org/lookup/
0
 

Author Comment

by:Educad
ID: 40601937
VB ITS,

I have entered the IP address but Barracuda lookup system says "IP address x.x.x.x is not currently listed as "poor" on the Barracuda Reputation System".

In the Spamhaus,

This IP address range has been identified by Spamhaus as not meeting our policy for IP addresses permitted to deliver unauthenticated 'direct-to-mx' email to PBL users.

Important: If you are using any normal email software (such as Outlook, Entourage, Thunderbird, Apple Mail, etc.) and you are being blocked by this Spamhaus PBL listing when you try to send email, the reason is simply that you need to turn on "SMTP Authentication" in your email program settings. For help with SMTP Authentication or ways to quickly fix this problem click here.

See also: http://www.spamhaus.org/faq/answers.lasso?section=Spamhaus%20PBL
0
 

Author Comment

by:Educad
ID: 40601949
VB ITS,

Sorry, it was listed under Sorbs DUHL not Barracuda.

The result I found at Sorb DUHL:

Usage classification (only important if you run your own mailserver.)
1 "DUHL" entries [16:52:01 24 Nov 2003 GMT+00].       
210.x.x.x/24 - 1 entries [16:52:01 24 Nov 2003 GMT+00].       
Note: Active "exDUHL" entries mean that the IP/Network has been unblocked for some or all IPs from the DUHL.
 
Problem hostnames/domains (could cause email problems.)
Note:These entries are for URLs or email domains, the IPs that may show up as 'spamvertised' only indicate where the URL/Host was seen being sent from. Listings for IPs that are 'spamvertised' will not usually cause blocking problems unless the email contains the IP address as a URL
Note: For a more detailed view you have to be registered and logged in.
0
 
LVL 24

Expert Comment

by:VB ITS
ID: 40601959
Jump on MxToolbox and run a blacklist lookup on the IP address on there as it will check against a large number of blacklists: http://mxtoolbox.com/blacklists.aspx

If you don't find yourself on any blacklists then it's possible you were automatically removed (which to be honest doesn't happen very often). Looking over your original question again it seems that you were placed on the Spamhaus PBL, which isn't exactly a blacklist: http://www.spamhaus.org/pbl/removal/
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A couple of months ago we ran into an issue that necessitated re-creating our Edge Subscriptions. However, when we attempted to execute the command: New-EdgeSubscription -filename C:\NewEdgeSub_01.xml we received an error indicating that the LDAP se…
Check out the latest tech news, community articles, and expert highlights in August's newsletter.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question