Our IP address is being blocked by RATS-Dyna

Suddenly our public IP address is being blocked by RATS-Dyna.  I looked it up with MXTools blacklist lookup and they are the only ones complaining. When I do a lookup at RATS-Dyna website and ask to be removed I get this message "The IP address you have specified does not comply with best practices. Currently, the reverse DNS for this IP address is: static-71-254-189-37.lsanca.fios.verizon.net." We have had it set this way for years and nobody has complained.  The funny thing is that our email is flowing fine and nothing is being blocked to our knowledge.  We found there was a problem when we try to go to the web site USPS.com and all workstations are blocked.  I have dealt with reverse DNS to some degree before and I thought it was only related to email.  We are running an old SBS 2003 that we are about to replace in a couple of months.  Is there a quick fix for this in the meantime?
captjcretAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Mal OsborneAlpha GeekCommented:
The PTR record maps your IP address to a hostname, so this needs to be edited by whoever is authoritative for the IP range, almost certainly your ISP.  NOT your usual domain DNS admin. Should be simple enough to get in touch with them and get something more sensible, ideally it should be the hostname of your mail server.  Once that is done, get back in touch with the blacklist administrators.

Blacklists vary in who they list and why; some only list bad spammers, while others list MANY mail servers. It is very unlikely that anyone you are sending email to will classify stuff as spam based on you being on this blacklist.

It is VERY improbable that this has anything to do with the blocked website, almost certainly a red herring.
0
captjcretAuthor Commented:
I will talk to Verizon.  I have never heard of a website being blocked because of a blacklisting myself but it is the only thing I can find that is not right.
0
asavenerCommented:
We found there was a problem when we try to go to the web site USPS.com and all workstations are blocked.
Is that the only site you're having trouble accessing?
 
Are all of your workstations NAT'd to the same address as your mail server?
0
What were the top attacks of Q1 2018?

The Threat Lab team analyzes data from WatchGuard’s Firebox Feed, internal and partner threat intelligence, and a research honeynet, to provide insightful analysis about the top threats on the Internet. Check out our Q1 2018 report for smart, practical security advice today!

captjcretAuthor Commented:
All the addresses are internal and static.  The router is the only device with the static public IP address.  There are no devices internally that use NAT.
0
asavenerCommented:
Outbound traffic is almost certainly NAT'd to your public address.
0
asavenerCommented:
Are you still experiencing the issue?

If you go to your workstations and go to the site http://whatismyip.com do they all return the same address?
0
captjcretAuthor Commented:
I ran whatismyip.com and all the workstations are reporting the same public IP that I have been running blacklist checks on.
It looks like RATS-Dyna is not the reason for the blocked web site.  The RATS-Dyna block does not seem to be effecting emails or any other websites.
I have been dealing with Verizons tech support at length with regards to the blocked website USPS.com.  I ran a tracert on-site on usps.com and it failed and timed out.  It showed an IP address of 56.0.134.100.  I was not able to ping that IP address as well. I went to the network-tools site and ran tracert and it came up with the same tracert result timing out.  I plugged the IP address into the browser and it was still blocked.
I ran the same tracert test off-site for USPS and it timed out and failed the same way and reported the same IP number 56.0.134.100.  Though off-site I was able to ping the IP and I could browse USPS.com.  Verizon says it would be a USPS problem and not theirs.  That doesn't sound right.
0
asavenerCommented:
I think the first thing to do is get off the block list.  There's no telling whether USPS subscribes to that list or not, and if they do then they may be blocking the traffic.

Problem is, any of the machines on your subnet could be sending out traffic that's getting you on the block list.  You'll need to track down whether you have an infected machine.
0
captjcretAuthor Commented:
I am finally off the block list but I am still being blocked when accessing USPS.com.  My customer has Verizon and I have created a trouble ticket.  Fast they are not!
0
asavenerCommented:
Welcome to the joys of managed services.....
0
captjcretAuthor Commented:
Verizon has cleared the routing problem
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
captjcretAuthor Commented:
There was no real solution except that it was a Verizon issue.  I decided to give the points to the two experts that helped me.  Thanks
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
SBS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.