Software

General discussion

Locked

Has anyone else been blacklisted?

By jdclyde ·
Been going through heck for over a week now.

It seems our corporate e-mail has made it onto the CBL blacklist. http://cbl.abuseat.org

They state the reasons for blacklisting can be:
Being a Relay
Infected with Netsky, Bagle, MyDoom or others.
Or if using NAT'ed addresses, then another system on the network may be sending out the SPAM.

Have taken the following steps.
Blocked SMTP from all system except the e-mail server witht the firewall.
Double checked if mail server was running as a relay.
Server runs Linux, so the above mentioned viruses do not apply.
Have scanned the network and the server for anything that looks suspicious.

All come up clean.
Request removal from list, get removed and put right back on a day later.
After getting blacklisted 4 times this week, I am starting to get upset.

Has anyone else had this problem?
How did you resolve this issue?

Would this blacklisting be illegal for them interfering with the transmission of legitamate business usage that we have paid for?

How do I stay off that list?
Is there a governing authority that this organization can be reported to?
Is there a legal authority they can be reported to?

Or do I just have to sit here and cry in my oatmeal?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

Not a relay

by jdclyde In reply to I disagree on some points

I have asked to be scanned for a relay and have also checked with the big relay blockers and I am not set as a relay and am not on any lists as one.

I am running Linux, so the viruses and trojans mailers they have listed can not be the problem as they only run on Windows servers.

Came in this morning and blacklisted for the fifth time in a week.

Collapse -

Mail Daemon

by house In reply to It;s common

We use the proprietary Mail Daemon spam filter. It is very intelligent, but of course, it is not without it's flaws.

It uses a point system to scan emails. It assigns points based on certain things like...

1) multiple hyperlinks
2) keywords
3) mutiple addresses
4) known subject lines

Obviously, we get a few complaints, but when we remove the filter, they cry like ****. It seems to be the way of the internet right now. We don't subscribe to any blacklists - they are a pain to deal with - even some of our client's addresses have been blacklisted on other servers. What a sad state of affairs. We are on the phone with other domain admins almost every other week regarding such issues.

Collapse -

YEs there are some simple solutions

by Oz_Media In reply to Mail Daemon

I was given the task of removign ALL spam form ALL users at multiple locations without a single whitelisted email. It took quite a while and only ended up costing about $2500.00, even then with their ever so robust platform, it took months to train it for PSAM and HAM as applied to te nature of the company's business. There simply isn't a solution hat works out of the box for all companies, everyone has different requirements of what iis acceptab;le and what isn't it goes WELL beyond keywords and basic heuristic scan though. Good softwae is trainable it will run sample passes on a collection of about 1500 SOAM and HAM emails receieved by the company and will then take nearly 15 retest passes in order to betweaked properly. While studying all this, I learned just how many company's are actually just throwing solutions into place and not proerly configurign or training them past blocking addresses or adding keywords.

Collapse -

Yeah

by house In reply to YEs there are some simple ...

We still put up with plain text and single hyperlink spam messages. We've also been getting nailed with these stupid full colour invoices... I'm not sure how our filter is missing those ones.

Collapse -

No spam filter is 100%, but I'm a fan of Bayesian filters

by AV . In reply to Mail Daemon

I know the users don't like them, but its a necessary evil. And of course they suffer if you take the filter off.

We don't use any blacklists either. They block way too much to be useful. We use GFI Mail Essentials and Mail Security. It has Bayesian filtering, keyword and content checking, blacklists and whitelists. It is highly configurable. Mail Security has Norman and Bitdefender Antivirus, Trojan and Exploit checkers. I'm happy with them both.

Today you can't have too much security. It is very sad because the internet and email is the greatest invention. Why some people want to ruin that is beyond me.

Collapse -

Happened to me once, too

by Roger99a In reply to Has anyone else been blac ...

I set up Symantec's mail Gateway, ironically it's an anti-spam product, and the default configuration was to relay EVERYTHING! It relayed for a couple of days and finally crashed. I figured out what was going on, but I had been listed on a couple of blocklists. I don't remember one of them, but I went to their website and requested a test and was removed within 24 hours.
Anyway, it's legal and useful. I use two DNSBL's and maintain another private list.
You can test for relay here: http://www.rbl.jp/svcheck.php
You might try sniffing port 25 to see if any unauthorized computers are sending mail. Are you blocking all relaying or just external addresses?

Collapse -

tested for relay and block all other systems

by jdclyde In reply to Happened to me once, too

My firewall is set to only allow SMTP to come and go to our mail server. All other SMTP traffic is dropped as it tries to enter or leave our network.

We are not a relay. I have checked the lists and am not listed, and even went to the sites where you can ask to be scanned and have come up clean.

Collapse -

Virus or trojan?

by Oz_Media In reply to tested for relay and bloc ...

Their FAQ's also point to those issues for being constantly relisted.

Collapse -

blacklisted

by house In reply to Has anyone else been blac ...

I'm under the impression that an @mm (mass mailing virus) is exploiting your domain.

Does anybody here know where I could find a downloadable text file regarding these blacklisted addresses... without actually registering for the database synch services?

It would be much appreciated. :)

Collapse -

DNS Stuff

by Roger99a In reply to blacklisted

You can test an IP against a large group of blocklists here: http://www.dnsstuff.com/

Related Discussions

Related Forums