Problem



  • There is a problem, our IP is in the list of blocked for sending e-mails by two Dnsbl. They do not allow to send messages to our customers and interfere with our work for our business. We do not know why we was blocked (we never send spam).
    http://www.dnsblchile.org/index.en.html
    http://www.spamgrouper.to/
    We can not send emails to some customers.
    Does anyone ever faced with the same problem? If yes, what to do?
    A support group can not help. (Answers copy-paste without delving into the essence of the problem at all)
    On that website:
    http://www.dnsblchile.org/index.en.html
    In our search for IP is written that it is recorded in the category =>
    (Listed under category 127.0.0.11)
    Many times we sent a request to the site to unlock, there is no result



  • This isn't really the right place for this question and you don't give much to go on.

    What sort of organization are you?  Be general - school, hoster, corporate, home user etc.  Approx size of org eg 500 users, 10 servers

    You assert you never send spam.  So to start with, do you block access to external port 25/tcp apart from certain, secured,  mail servers?

    I am trying to get your post into some sort of shape so that we have a question that can be answered!

    Cheers
    Jon



  • Agreed, this is not a PFSense question. You're on an RBL because your IP was found to be the source of spam. Most likely you have an infected machine in your network which is part of a botnet, sending out junk mail from various sources.

    The only solution to be removed from an RBL is to make a delisting request. If the RBL maintainers aren't responding to delisting requests, they either aren't running their blacklist correctly or they've dropped your network address or range into a 'persistent offenders' bin, meaning you'll never be delisted. You should also need to examine your network carefully to find out if you have any machines running malware anywhere. And as Jon says, prohibit anything but your mail server from sending emails out of your network.


  • LAYER 8 Global Moderator

    I show
    127.0.0.11 - Domain names with bad A or MX RRs (badconf.rhsbl.sorbs.net)

    Being on that list doesn't mean your sending spam, means your configuration is borked!!!  And since your configuration is BAD, your prob sending spam is the take on it.

    But different lists might use different return codes.. So your chile one for example, what do they say is return code of your IP that they put into 127.0.0.11

    So for example found this
    The DNSBL zone is just "dnsblchile.org" and they report a few different types of responses: 127.0.0.2 and 127.0.0.3 for "verified spam sources," 127.0.0.5 for "verified scam sources," and 127.0.0.10 and 127.0.0.11 for DUL/PBL-like dynamic/"should not be running an MTA" entries.

    Normally means your on a dynamic IP that should not be sending mail in the first place, HOME connection for example.  Do you even have a PTR setup?  if your IP is on a dynamic list and its not suppose to be then your going to have to work with your ISP that gave you the IP, etc.

    If your going to want help to what is wrong your going to need to tell us your domain name your sending mail from so we can lookup the configuration, etc..

    Your not going to be removed from the list until you fix whatever is wrong.



  • I would suggest that if you send a request to be delisted from the blocked list, that you include some data about your network to include any finding of infected machine, hijacks etc and exactly what you did to fix the problem and steps taken to ensure it doesn't happen again. Typically when providing this level of detail, companies who list spam offenders will give extra consideration since you put in the effort on your end to solve any issue. Considering working with them to get off the list. Otherwise, if you only ask to be removed with as little or few words as possible; your request will sound less than genuine.



  • @jbhowlesr:

    I would suggest that if you send a request to be delisted from the blocked list, that you include some data about your network to include any finding of infected machine, hijacks etc and exactly what you did to fix the problem and steps taken to ensure it doesn't happen again. Typically when providing this level of detail, companies who list spam offenders will give extra consideration since you put in the effort on your end to solve any issue. Considering working with them to get off the list. Otherwise, if you only ask to be removed with as little or few words as possible; your request will sound less than genuine.

    The problem in this case has nothing to with sending spam. The blacklist in question is for sites with botched MX records that fail to for example to provide A records for hosts listed in the MX records for the domain.


Log in to reply