Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Suggested Answer
  • Replies 6 replies
  • Answers 1 answer
  • Subscribers 40 subscribers
  • Views 613 views
  • Users 0 members are here
Options
Suggested

Which RBL is flagging the email?

JeffCooper

XGS2300, 19.5.4

We're getting a lot of false positive blocked IP addresses lately. Where in the logs can I find what specific IP address is being blocked (since the message does not arrive I can't look at the headers) and which RBL is blocking it. All the logs say is "IP is blocked" with no details so I can't do anything with it.

Thanks.



Edited TAGs
[edited by: Raphael Alganes at 2:13 PM (GMT -7) on 11 Jun 2024]
Parents
  • 0

    I finally turned off Spamcop. We still have spamcop enabled on the mail server and it has the option to just increase the spam score as opposed to outright blocking it, so at worst a blocked sender will end up in the user's junk folder. 

    False positives seem to have dropped significantly.

    In our troubleshooting, we found many (most?) were being sent from Microsoft servers (protection.outlook.com or something). My theory is since so much of the world has given them control of their email, including spammers presumably, of course many legit senders would get blocked since they use the same servers.

  • 0 in reply to JeffCooper

    Yes, I have observed the same thing. The blocked emails all came via the Microsoft O365 server.

    Do you no longer have RBL active on the firewall or have you activated a different list? 

Reply Children
Unfiltered HTML