Skip to main content

IP listed on blacklist

More
14 years 2 months ago #33699 by ZiPPy
Replied by ZiPPy on topic Re: IP listed on blacklist
Still on the dang blacklist.

You're telling me we have no Exchange guru's hanging around the forums. Cisco with some Exchange in the back pocket?

There HAS to be something else one can do to remove themselves from SpamCannibal???


ZiPPy
ZiPPy
More
14 years 1 month ago #33717 by ZiPPy
Replied by ZiPPy on topic Re: IP listed on blacklist
aaaaand no replies. nice.
ZiPPy
More
14 years 1 month ago #33723 by Nevins
Replied by Nevins on topic Re: IP listed on blacklist
I'm not an exchange expert at all but you should be able to block requests to/from them at your router based on their server IP. Basically meaning instead of them eating your bandwidth up by their tarpit telling the spam server (you) to send very small packets you have zero communication with them.

I think Access control lists may be a solution for this but to be honest I'm not sure I'm just tossing my best guess out there.
Useful Threads
================================
www.firewall.cx/forum/2-basic-concepts/3...e-resource-page.html
More
14 years 1 month ago #33727 by ZiPPy
Replied by ZiPPy on topic Re: IP listed on blacklist
I would agree for a few IP's ...up to ten at most! But when your dealing with hundreds of IP's and from various ranges, that won't work.

Something within Exchange isn't setup correctly, or a security vulnerability is being exposed. Looking into adding a dedicated spam solution such as a Barracuda or IronPort.


ZiPPy
ZiPPy
More
14 years 1 month ago #33728 by S0lo
Replied by S0lo on topic Re: IP listed on blacklist
Hi ZiPPy, I assume here that when you queried spamcannibal online database for your server's IP you found it blocked.

There is a possibility that the generic rDNS record is causing the block. Have a look at some of the rules they have like this page:

www.spamcannibal.org/statsgeneric.html

You might need to create a PTR record (reverse IP lookup) for the IP of your server to point back to it's original DNS name (like mail.abc.com or smtp.abc.com). The following explains:

aplawrence.com/Blog/B961.html

I'm not positive that this is the problem, but I'd give it a try.
Studying CCNP...

Ammar Muqaddas
Forum Moderator
www.firewall.cx
More
14 years 1 month ago #33733 by Alans
Replied by Alans on topic Re: IP listed on blacklist
One of the reason your ip will be blocked is because of sending spam or viruses, may be it's not you or your exchange, it could be a trojan on one of the computers in your network.
So how to know which one? you should block port 25 out from your network to internet, then no one can send email and hence no spam.
If you want users inside your network to be able to send email then you can setup an exchange server as smtp relay with proper Anti spam and anti virus.
And if you want to know who (which ip) are sending spams then you should use some kind of monitoring for port 25 out from your network.

Look at the link below (PDF) and see recommendations there.

docs.yahoo.com/docs/pr/pdf/asta_soi.pdf

cheers,
always Face your Fears...
Time to create page: 0.152 seconds