This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Local ISPs passing IP address in headers blocked by PBL

Hey there, for the last month or so, i am seeing lots of mails blocked due to being on a PBL list. For instance this range is a telus range, but i have seen it with shaw as well.


The problem seems to be that the header contains an ip address that is on the PBL. I am not sure why this has recently become a problem but i would say over the last two months i have had about 10 different users complain. I can search for the mailserver IP address and they are not blacklisted, but in order to figure out whats going on, i searched for some other IP addresses and kept finding the private DSL or CABLE IP address showing up and then getting blocked by sophos. Examples:




So the problem is that the mail client is passing on this PBL range, in the header, and then sophos is acting on it. I need to prevent this happening by any means possible, short of whitelisting certain domains manually. In my opinion, i think many people would send emails from a home email address, so I can't imagine this filter ever being useful except to generate false positives. These address ranges already force you to use an ISP mailserver. They wont let you run a mail daemon on a home residential internet connection so its kind of a stupid rule as the home users would never be able to send spam out of it.


Anyone see anything similar? i see a post from 2015 but thats about it. It recommends that the people start authenticating using port 587 to get around it. But come on, am i supposed to tell joe random blow who emails us that its actually their problem and they have to reconfigure their own connection with their ISP? Well I have had that conversation actually, and it ends up with "well you guys are the only ones i have problems emailing so its obviously your fault"


if i figure out a work around i will post back. Hoping someone else has seen this, even better if its recent and someone can say wtf has changed, as 6 months ago it was not an issue. These are all being blocked by our XG firewall.

This thread was automatically locked due to age.