Still can't send mail to some domains despite being no longerblacklisted....

[eggedd2k]

We had a blacklisting issue yesterday - one of our workstations
managed to get a mass mailing trojan which resulting in us being
blacklisted on a number of internet blacklists.

We've since taken the offending workstation offline and have now been
taken off of the blacklists we were on (we checked using mxtoolbox).


Unfortunately we're still getting some emails bounced back stating
that we're blacklisted (although not detailing the actual blacklist).

As far as we're aware we're not on any blacklists now.

Is it simply a case of having to wait a few days for the recipients
email servers to update their blacklists?

thanks in advance!

 

[Laurence Sheldon]

As far as we're aware we're not on any blacklists now.

Is it simply a case of having to wait a few days for the recipients
email servers to update their blacklists?

Some people operate local blacklists under guidelines similar to what
some said Curtis LeMay taught, to whit: "To err is human. To forgive
is not Strategic Air Command Policy."

I can't be bothered with maintaining lists for the fun of if. Stuff
goes in to protect, comes out when somebody being protected complains.
--
Requiescas in pace o email Two identifying characteristics
of System Administrators:
Ex turpi causa non oritur actio Infallibility, and the ability to
learn from their mistakes.
Eppure si rinfresca

ICBM Targeting Information: http://tinyurl.com/4sqczs

 

[eggedd2k]

we're talking emails going to Hotmail, Tiscali etc that are being
bounced back.

 

[Jamestechman]

Yes wait it out; some orgs will cache or run periodic updates based on
their own shedule.



James Chong (MVP)
MCITP | EMA; MCSE | M+, S+,
Security+, Project+, ITIL
msexchangetips.blogspot.com

 

[Jamestechman]

Also doesn't hurt to get a spf record if you don't currently have one
in the meantime.



James Chong (MVP)
MCITP | EMA; MCSE | M+, S+,
Security+, Project+, ITIL
msexchangetips.blogspot.com

 

[eggedd2k]

that's good - we'll hang fire for another day or so.

thanks!

what does the SPF involve doing? in what ways would it be beneficial.

 

[h.zink]

we're talking emails going to Hotmail, Tiscali etc that are being
bounced back.

AFAIK Microsoft is fetching our zones just once per day and Tiscali is
rsyncing every 12 hours.
Were you listed at UCEPROTECT by yesterday?

Heidi Zink
UCEPROTECT-Network
Blacklistmaster of the day

 

[eggedd2k]

not not on uceprotect.

just CBL, LASHBACK and SPAMHAUS.

 

[E-Mail Sent to this address will be added to the B]

what does the SPF involve doing? in what ways would it be beneficial.

The clues I see, not knowing what SPF is, and exposing an
MS exchange server to the internet, tell me you don't likely
have enough clues to keep your IPs out of DNSbls.

CBL, just wait, (if you have removed the issues)

SBL (request delisting from your IP shois listed contact address)

LASHBACK (spamming unsubscribed addresses huh)
I hear you get to request delisting once every 90 days,
beyond that it will cost your $.

 

[Stephen K. Gielda]

that's good - we'll hang fire for another day or so.

thanks!

what does the SPF involve doing? in what ways would it be beneficial.

I'm probably going to be a lone dissenter here, but frankly, I don't
think it is beneficial at all. I think it does nothing, it may have
been designed to do something, but in practice it fails. I deal with
30-40 million mail transactions a day, not a huge site, but an ok test
bed for this. It gets more than it's fair share of backscatter and spam
(probably 90% of that traffic is one or the other). I haven't seen any
decrease at all since implementing spf a few months ago on one a couple
of the main domains, nothing changed for them. I see no less
backscatter, no less spam, no less forged mail, no less of anything.
I'm sure many will pop in with stories of how it saved their setup, but
I haven't seen it. I'm not planning on implementing it on more of our
domains, I find it to be a cluttering of the headers for no benefit.

/steve

 

[eggedd2k]

We're still having problems sending to Tiscali and Hotmail - 2 full
days now since being removed from the blacklists.

I've checked both of those links above as I was already using them to
check - and we're not on any of them.


Any ideas why it's just Hotmail and Tiscali???

 

[E-Mail Sent to this address will be added to the B]

eggedd2k wrote:
Both have their own SpamControl.

Hotmail has some clues at http://postmaster.msn.com/ ...

 

[Laurence Sheldon]

Any ideas why it's just Hotmail and Tiscali???

Just a guess: They listed you because you spammer them. None of their
paying customers have complained about the "loss".

--
Requiescas in pace o email Two identifying characteristics
of System Administrators:
Ex turpi causa non oritur actio Infallibility, and the ability to
learn from their mistakes.
Eppure si rinfresca

ICBM Targeting Information: http://tinyurl.com/4sqczs

 

[eggedd2k]

they have nothing on their website that details how to get off their
own blacklist.

any ideas?

 

[Sam]

they have nothing on their website that details how to get off their
own blacklist.

any ideas?

our ISP got blacklisted once, and it took about a week before we could
send to all domains.....Just keep waiting it out.

 

[Jamestechman]

Hotmail/msn do sender reputation; might need to wait to build that up
again




James Chong (MVP)
MCITP | EMA; MCSE | M+, S+,
Security+, Project+, ITIL
msexchangetips.blogspot.com

 

[Bill Cole]

they have nothing on their website that details how to get off their
own blacklist.

any ideas?

I don't know about Tiscali, but MSN/Hotmnail has a whole site dedicated
to dealing with their breakage:

http://postmaster.hotmail.com/