Emails blocked by Spamhaus

Hi Experts,

Some of our emails are getting blocked by Spamhaus.
Here's what the bounced emails look like:

The following message to <x.y@curtin.edu.au> was undeliverable.
The reason for the problem:
5.1.0 - Unknown address error 550-'5.7.1 Service unavailable; Client host [117.55.227.24] blocked using Spamhaus; To request removal from this list see http://www.spamhaus.org/lookup.lasso'

Reporting-MTA: dns; mta24-d1.ip2.cbr1.mail-filtering.com.au

Final-Recipient: rfc822;x.y@curtin.edu.au
Action: failed
Status: 5.0.0 (permanent failure)
Remote-MTA: dns; [213.199.154.87]
Diagnostic-Code: smtp; 5.1.0 - Unknown address error 550-'5.7.1 Service unavailable; Client host [117.55.227.24] blocked using Spamhaus; To request removal from this list see http://www.spamhaus.org/lookup.lasso' (delivery attempts: 0)

I have opened http://www.spamhaus.org/lookup.lasso

Entering my Client Host IP (117.55.227.24) into IP Address Lookup Tool returns:

117.55.227.24 is not listed in the SBL

117.55.227.24 is not listed in the PBL

117.55.227.24 is not listed in the XBL

Entering my domain, mincad.com.au, in to the Domain Lookup Tool returns:

mincad.com.au is not listed in the DBL

So we are not listed on any of the Spamhaus lists - but our emails to 3 customers are being blocked?

Regards,
Leigh
LVL 1
LeighWardleAsked:
Who is Participating?
 
VB ITSSpecialist ConsultantCommented:
I ran a lookup of your IP address on the MX Toolbox site and it looks like your IP is listed in UCE Protect's blacklist: http://mxtoolbox.com/SuperTool.aspx?action=blacklist%3a117.55.227.24&run=toolpage

There's a chance here that Spamhaus utilizes UCE Protect's lists which may explain why your email got blocked. What it doesn't explain is why the email address says to request removal via their website though.

Do you get the bounceback email immediately after you send the email?
0
 
JohnBusiness Consultant (Owner)Commented:
It would appear the email is not leaving your domain. You would get a different message if sent and bounced back, I think.

Do you have both an external IP and also an email server IP?  Check both if you do.
0
 
LeighWardleAuthor Commented:
Howdy VB ITS,

Yes, the bouncebacks are within a minute of sending.

It's getting worse, I just had another bounce back with a Sophos message:

Client host rejected: Your message was rejected due to spam filtering. Please
see http://www.sophos.com/security/ip-lookup?ip=117.55.227.26'

Should I notify Uber, my web and email hosting service?
0
How do you know if your security is working?

Protecting your business doesn’t have to mean sifting through endless alerts and notifications. With WatchGuard Total Security Suite, you can feel confident that your business is secure, meaning you can get back to the things that have been sitting on your to-do list.

 
JohnBusiness Consultant (Owner)Commented:
Should I notify Uber, my web and email hosting service?  <-- Yes. And have them check their network IP addresses at Spamhaus.

I don't really think the emails at reaching the recipients.
0
 
David Johnson, CD, MVPOwnerCommented:
If you are on the UCEPROTECTL1, it typically means you have either had an open-relay on the server, or you have a reverse-DNS problem that is causing your server to be identified as part of a bad range of IP Addresses through your ISP. http://bit.ly/1ObJHJD

add a spf text record
examples:
*.EXAMPLE.COM.        MX      10      A.EXAMPLE.COM
*.EXAMPLE.COM.        TXT     "v=spf1 a:A.EXAMPLE.COM -all"
https://tools.ietf.org/html/rfc7208
0
 
LeighWardleAuthor Commented:
My hosting service has resolved the issue:

Please note that, all the mails sent through our shared server pass
through spam filter Ironport and sent from it irrespective of IP
assigned to the domain on the server. You faced the problem with emails
because IP 117.55.227.24 of Ironport was blacklisted in CBL.

Our admins has now stopped the spamming and IP has now been removed from
the blacklist.

You can verify the same from below URL:
http://cbl.abuseat.org/lookup.cgi

We apologize for any inconvenience caused to you. You will not face any
issue with your emails now.

Further, UCEPROTECTL1 is just like scam as they demand money for IP
removal. You can ignore their blacklisting or contact the mail service
provider of senders and ask them to not to follow UCEPROTECTL1. Genuine
blacklisting organizations does not demand money and doesn't blacklist
IP without any genuine reason.

UberGlobal
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.