Been going through heck for over a week now.

It seems our corporate e-mail has made it onto the CBL blacklist.

They state the reasons for blacklisting can be:
Being a Relay
Infected with Netsky, Bagle, MyDoom or others.
Or if using NAT'ed addresses, then another system on the network may be sending out the SPAM.

Have taken the following steps.
Blocked SMTP from all systems except the e-mail server with the firewall.
Double checked if mail server was running as a relay.
Server runs Linux, so the above mentioned viruses do not apply.
Have scanned the network and the server for anything that looks suspicious.

All come up clean.
Request removal from list, get removed and put right back on a day later.
After getting blacklisted 4 times this week, I am starting to get upset.

Has anyone else had this problem?
How did you resolve this issue?

Would this blacklisting be illegal for them interfering with the transmission of legitimate business usage that we have paid for?

How do I stay off that list?
Is there a governing authority that this organization can be reported to?
Is there a legal authority they can be reported to?

Or do I just have to sit here and cry in my oatmeal?

by Jaqui In reply to Why not a hardware soluti ...

depends on how much of the company's business is from email before I would consider it.
if it is only 10% from online then going with a multiple software solution would be more cost effective.
if 33% or more, definitely go with a hardware solution.

Jaqui .........How bout

by dafe2 In reply to Why not a hardware soluti ...

How about a mail Server that serves up to say 2500 users but doesn't do any E-Business?

These guys get tons of trash...they subscribe to everything and anything.

Worth 5k to me how bout you? or is there something better out there

Expensive and less configuration.

by Oz_Media In reply to Why not a hardware soluti ...

As for hardware solutions, ones I have seen limit the software's ability to be trained specifically to YOUR company's mail and offer VERY limited access to it, as they want to ensure the hardware holds up and doesn't get fiddled with too much.

The one solution I mentioned was Novell targeted solution only, but it required a dual processor HIGH END server running a MS NOS?
WHO was the dolt who came up with THAT idea?
Would you buy a MS targeted replacement for MS Exchange that required a Novell server to run on?

Not only that, the software was twice the price and the BASIC server would have cost $4500.00 even after getting it at cost from the vendor due to a mistake they made in the sales process.

BUT!!!! I have seen someone build a 486 into a spam scanner (a good one too!) running Python code. Very slick, on a 486 too! So as for your interest in a $5000.00 hardware solution (understanding that HIGH END GWAVA is less than $1000.00 to implement as a software solution that really works) the 486 mentioned above was obviously FREE and just took a few hours of Python to setup.

In case you aren't familiar with Python, it is similar to C++ but 200 lines of C++ code can equate to only 20 lines of Python to achieve the same results. It's easier to debug, less prone to glitches and far easier to update and rewrite as needed. That's why Python programmers make HUGE bucks, achieving expensive results in a short amount of time.

ahhh, Dafe2 and Oz

by Jaqui In reply to Why not a hardware soluti ...

how much email through that server and why are you having it?
for business of some fashion I would bet.
that would be a good time for a hardware solution

check the webcasts archive at sans portal, an isp went with ironmail as it, in their opinion, contradicts what you said

Ahhh, Jaqui!

by Oz_Media In reply to Why not a hardware soluti ...

There's no way in **** I would sit through even a 30 second Webcast on SPAM now! NO WAY! Been there done that for WAAAY too long.

I know about Ironmail and have considered it too. It is no different than the $1000.00 GWAVA except;

GWAVA tweaks Spam and Ham heuristic rules based on your own submitted or gathered mail from various users or departments, FAR more accurate than Ironmail's HASH system.

GWAVA resides on your own server and can handle as many users and process mail as fast as your server permits.

I was using it with 1500 - 2000 emails per day, being distributed to multiple offices and YES it also scans webmail.

Gwava is tiny and resourceful weighing in at only 30MB on the server.

I have sat in on SO many webcasts, live seminars, flown to seminars, driven to seminars, studied MOUNDS of books and so on for WAY too long. I have seen the VARIOUS solutions, tried many of them, studied the benefits etc.

There were the same conflicting opinions as always, everyone has a different conclusion like PC vs MAC or Novell vs Windoze, mine was based on MY experience.

I don't even like THINKING about this crap anymore really.

It works, there's no hardware to replace or maintain, it handles immense volumes of mail (check the GWAVA forums for examples from the high volume users), it is cheap and DEAD accurate, NO SPAM, no false positives, AT ALL.
Done deal!

How would Ironmail be a better solution...other than if you only had MS servers?

GW Guardian outperforms Ironmail too and it is a hardware OR software solution as needed, but it's also over $6000.000 all inclusive!

My point was you can also do this on a 486 running Python, works like a charm for say 50 - 100 users, then you may want to step up to an old PIII or something.

There's no need for a large investment nor a hardware investment, it is dependent on the TYPE of processing and 'configurability' the system offers.

Thank you Jaqui

by dafe2 In reply to Why not a hardware soluti ...

We're testing with Barracuda & haven't had anything but success....just wondered if others were finding any success with software based stuff today.

CBL, not RBL

by jdclyde In reply to DNS RBL's are only such a ...

We are getting listed for a CBL alleged violation.

CBL, Composite Blocking List.

No open relay.

But if it is someone spoofing his server

by HAL 9000 Moderator In reply to I disagree on some points

How do you proceed from that point?

You can have everything locked down tight but that doesn't stop someone impersonating your business so that the recipients think that they are getting genuine e-mails.

As time goes on and things get tighter I can see this as more of a problem than it currently is. Particularly if you have VPN's into the system and no protocols for securing Home Computers which have access to the network.

But even still the Logs should show up if there is any unusual traffic outgoing.


That's right, but Barracuda would deal with that

by dafe2 In reply to But if it is someone spoo ...

A hardware solution like Barracuda could deal with that quite nicely. :-)

getting blocked by IP, not name

by jdclyde In reply to But if it is someone spoo ...

And the site that (bastards) is blocking me isn't one that you report someone to.

They have their sniffers out on the web and if they detect what they feel is spam or a trojan they shut you down.

We have added traffic that I have pointed out to them. We have VPN's going generating a lot of traffic as well as just started to use Blackberry hand-helds. These connect to a server in Canada (blame Canada) which connects to our server via the internet to sync their e-mail.

Haven't been able to find anything in the logs that looks out of place yet. This is a linux RedHat server, can you recommend a specific log to check and what to look for?

Thanks everyone.
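
The thread raises two checks that fit together: the CBL lists the shared NAT address when any machine behind it sends mail, and the gateway logs should show unusual outgoing traffic. The following is an added example, not part of any post in the thread, that scans firewall log lines for new outbound SMTP connections from internal hosts other than the mail server. The mail server address, the internal range and the log lines are constructed assumptions; the lines follow the key=value layout written by the Linux netfilter LOG target.

```python
import ipaddress
import re
from collections import defaultdict

# Assumptions for this example (none of these values come from the thread):
MAIL_SERVER = ipaddress.ip_address("192.168.1.10")   # only host allowed to send SMTP
INTERNAL_NET = ipaddress.ip_network("192.168.1.0/24")

# Constructed sample lines in the netfilter LOG target's key=value layout.
SAMPLE_LOG = """\
Jan 10 03:12:41 gw kernel: IN=eth1 OUT=eth0 SRC=192.168.1.10 DST=198.51.100.7 LEN=60 TTL=63 PROTO=TCP SPT=40112 DPT=25 SYN URGP=0
Jan 10 03:12:45 gw kernel: IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=203.0.113.5 LEN=48 TTL=127 PROTO=TCP SPT=1044 DPT=25 SYN URGP=0
Jan 10 03:12:46 gw kernel: IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=203.0.113.99 LEN=48 TTL=127 PROTO=TCP SPT=1045 DPT=25 SYN URGP=0
Jan 10 03:12:47 gw kernel: IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=198.51.100.20 LEN=48 TTL=127 PROTO=TCP SPT=1046 DPT=25 ACK URGP=0
Jan 10 03:13:02 gw kernel: IN=eth1 OUT=eth0 SRC=192.168.1.40 DST=203.0.113.5 LEN=48 TTL=127 PROTO=TCP SPT=2210 DPT=80 SYN URGP=0
Jan 10 03:13:09 gw kernel: IN=eth1 OUT=eth0 SRC=192.168.1.57 DST=192.168.1.10 LEN=48 TTL=127 PROTO=TCP SPT=3301 DPT=25 SYN URGP=0
"""

FIELD = re.compile(r"(\w+)=(\S+)")


def rogue_smtp_sources(log_text):
    """Map each internal host (other than the mail server) to the set of
    external addresses it tried to open SMTP connections to."""
    hits = defaultdict(set)
    for line in log_text.splitlines():
        fields = dict(FIELD.findall(line))
        flags = line.split()
        if fields.get("PROTO") != "TCP" or fields.get("DPT") != "25":
            continue
        if "SYN" not in flags or "ACK" in flags:
            continue  # count only new connection attempts, not replies
        try:
            src = ipaddress.ip_address(fields["SRC"])
            dst = ipaddress.ip_address(fields["DST"])
        except (KeyError, ValueError):
            continue  # malformed or truncated line
        # Internal-to-internal SMTP (clients handing mail to the server) is expected.
        if src in INTERNAL_NET and src != MAIL_SERVER and dst not in INTERNAL_NET:
            hits[str(src)].add(str(dst))
    return dict(hits)


if __name__ == "__main__":
    for host, dests in sorted(rogue_smtp_sources(SAMPLE_LOG).items()):
        print(f"{host}: {len(dests)} external SMTP destination(s): {sorted(dests)}")
```

Any host this reports is a workstation talking SMTP directly to the outside, which is the NAT case the CBL describes; an empty result on real logs only means the firewall is not logging that traffic or the rule blocking it is working.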

