Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Which RBL is flagging the email?

XGS2300, 19.5.4

We're getting a lot of false positive blocked IP addresses lately. Where in the logs can I find what specific IP address is being blocked (since the message does not arrive I can't look at the headers) and which RBL is blocking it. All the logs say is "IP is blocked" with no details so I can't do anything with it.

Thanks.



This thread was automatically locked due to age.
Parents
  • I finally turned off Spamcop. We still have spamcop enabled on the mail server and it has the option to just increase the spam score as opposed to outright blocking it, so at worst a blocked sender will end up in the user's junk folder. 

    False positives seem to have dropped significantly.

    In our troubleshooting, we found many (most?) were being sent from Microsoft servers (protection.outlook.com or something). My theory is since so much of the world has given them control of their email, including spammers presumably, of course many legit senders would get blocked since they use the same servers.

  • Yes, I have observed the same thing. The blocked emails all came via the Microsoft O365 server.

    Do you no longer have RBL active on the firewall or have you activated a different list? 

Reply Children