Emails blocked by Spamhaus

Hi Experts,

Some of our emails are getting blocked by Spamhaus.
Here's what the bounced emails look like:

The following message to <x.y@curtin.edu.au> was undeliverable.
The reason for the problem:
5.1.0 - Unknown address error 550-'5.7.1 Service unavailable; Client host [117.55.227.24] blocked using Spamhaus; To request removal from this list see http://www.spamhaus.org/lookup.lasso'

Reporting-MTA: dns; mta24-d1.ip2.cbr1.mail-filtering.com.au

Final-Recipient: rfc822;x.y@curtin.edu.au
Action: failed
Status: 5.0.0 (permanent failure)
Remote-MTA: dns; [213.199.154.87]
Diagnostic-Code: smtp; 5.1.0 - Unknown address error 550-'5.7.1 Service unavailable; Client host [117.55.227.24] blocked using Spamhaus; To request removal from this list see http://www.spamhaus.org/lookup.lasso' (delivery attempts: 0)

I have opened http://www.spamhaus.org/lookup.lasso

Entering my Client Host IP (117.55.227.24) into IP Address Lookup Tool returns:

117.55.227.24 is not listed in the SBL

117.55.227.24 is not listed in the PBL

117.55.227.24 is not listed in the XBL

Entering my domain, mincad.com.au, in to the Domain Lookup Tool returns:

mincad.com.au is not listed in the DBL

So we are not listed on any of the Spamhaus lists - but our emails to 3 customers are being blocked?

Regards,
Leigh
LVL 1
LeighWardleAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JohnBusiness Consultant (Owner)Commented:
It would appear the email is not leaving your domain. You would get a different message if sent and bounced back, I think.

Do you have both an external IP and also an email server IP?  Check both if you do.
0
VB ITSSpecialist ConsultantCommented:
I ran a lookup of your IP address on the MX Toolbox site and it looks like your IP is listed in UCE Protect's blacklist: http://mxtoolbox.com/SuperTool.aspx?action=blacklist%3a117.55.227.24&run=toolpage

There's a chance here that Spamhaus utilizes UCE Protect's lists which may explain why your email got blocked. What it doesn't explain is why the email address says to request removal via their website though.

Do you get the bounceback email immediately after you send the email?
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
LeighWardleAuthor Commented:
Howdy VB ITS,

Yes, the bouncebacks are within a minute of sending.

It's getting worse, I just had another bounce back with a Sophos message:

Client host rejected: Your message was rejected due to spam filtering. Please
see http://www.sophos.com/security/ip-lookup?ip=117.55.227.26'

Should I notify Uber, my web and email hosting service?
0
Check Out How Miercom Evaluates Wi-Fi Security!

It's not just about Wi-Fi connectivity anymore. A wireless security breach can cost your business large amounts of time, trouble, and expense. Plus, hear first-hand from Miercom on how WatchGuard's Wi-Fi security stacks up against the competition plus a LIVE demo!

JohnBusiness Consultant (Owner)Commented:
Should I notify Uber, my web and email hosting service?  <-- Yes. And have them check their network IP addresses at Spamhaus.

I don't really think the emails at reaching the recipients.
0
David Johnson, CD, MVPOwnerCommented:
If you are on the UCEPROTECTL1, it typically means you have either had an open-relay on the server, or you have a reverse-DNS problem that is causing your server to be identified as part of a bad range of IP Addresses through your ISP. http://bit.ly/1ObJHJD

add a spf text record
examples:
*.EXAMPLE.COM.        MX      10      A.EXAMPLE.COM
*.EXAMPLE.COM.        TXT     "v=spf1 a:A.EXAMPLE.COM -all"
https://tools.ietf.org/html/rfc7208
0
LeighWardleAuthor Commented:
My hosting service has resolved the issue:

Please note that, all the mails sent through our shared server pass
through spam filter Ironport and sent from it irrespective of IP
assigned to the domain on the server. You faced the problem with emails
because IP 117.55.227.24 of Ironport was blacklisted in CBL.

Our admins has now stopped the spamming and IP has now been removed from
the blacklist.

You can verify the same from below URL:
http://cbl.abuseat.org/lookup.cgi

We apologize for any inconvenience caused to you. You will not face any
issue with your emails now.

Further, UCEPROTECTL1 is just like scam as they demand money for IP
removal. You can ignore their blacklisting or contact the mail service
provider of senders and ask them to not to follow UCEPROTECTL1. Genuine
blacklisting organizations does not demand money and doesn't blacklist
IP without any genuine reason.

UberGlobal
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Email Clients

From novice to tech pro — start learning today.