Yesterday morning I upgraded to firmware version 9.705-7. This morning at about 6:00 am the RBL feature has started rejecting well-known hosts. Shown here are oktax.state.ok and pharmacy.cvs.com.
Checking pharmacy.cvs.com with www.anti-abuse.org I see that it's all green.
I have turned off the RBL checks in the SMTP Antispam page and those email addresses are now going through the mail server.However, so are any 'bad-guy' sites that actually test as RBL failures. So, this is a workaround, not a fix.
An additional Work Around has been provided by GES.
Option 1:Uncheck "Use recommended RBL" and enter in a custom RBL if necessary.Do not use cbl.abuseat.org as a custom RBL at…
I am experiencing the same issue and installed version 9.707-5 on model SG430. This happens with zen.spamhaus and cbl.abuseat; we also had to disable the RBL in order receive emails that were not registered in those lists.
We are facing the same issue on two boxes on which we have installed version 9.707-5 two weeks ago. Yesterday evening the SMTP Proxy on both devices started to block several e-mail from different domains, which cannot be all at the same time on a blacklist. This happens with cbl.abuseat.org.
Does anybody have a fix for this issue?
Hallo Alexander and welcome to the UTM Community!
Did you try my suggestion above? Also, a reboot?
Cheers - Bob
Yes, we tried at first to restart the STMP-Service, which did not fix the issue and afterwards we rebooted the devices. Unfortunately this did no help also.We have disabled the RBL-Check for now and opened a ticket.
Since today we have the exact same Problem.
We discovered this toda at 10 am around.
Rebooting does not fix the Problem.
The Mail Adresses and most of the IP's where blocked from one RBL, but if u navigate to the RBL Website and check them, they are Rosponding, everithing is OK....
We have a Critical Case Opend at Sophos, if we get a Solution i will provide it here.
Hope someone of u is a bit faster ^^
This is currently a known issue and is being investigated actively under NUTM-13047
The current Work Around is:
Uncheck "Use recommended RBL" and enter in a custom RBL if necessary.
Do not use cbl.abuseat.org as a custom RBL at present.
Thank you brainy posters about unchecking the box and not using abuseat.org. Seems that issue keeps happening randomly every so often. I also had the issue with zen.spamhaus.org a while back, with the same kind of issue it was blocking all kinds of legitimate domains. it seems to be happy now though.
I've been happy recently and long term with a list of paid ones, invaluement in particular is super and is budget friendly.
b.barracudacentral.org, bl.spamcop.net and sbl.spamhaus.org get rid of a ton of crap when zen. is unhappy. then add your regular ones you know and trust
I'd love to know if anyone tested ctmail being added manually if you disable use recommended RBLs?
Standing by, i hope you all have a good rest of the week out there.
I had the same problem on a customer firewall a few hours ago ... so I've unchecked recommended and insert some custom RBL ... it would be great, if we can select unselect RBL from the recommended in the GUI
Option 1:Uncheck "Use recommended RBL" and enter in a custom RBL if necessary.Do not use cbl.abuseat.org as a custom RBL at present if you use public DNS.www.anti-abuse.org/.../ Contains a listing of common RBLs
Option 2:Under Network Services>DNS>Request Routing add cbl.abuseat.org to the domain field and then either directly add the Spamhaus IP or an alternate DNS server to not forward this domain via public DNS.
Brilliant solution Emmanuel, I used to have to watch that like a hawk seeing which DNSBLs don't like going through DNS, finally a while back i dedicated another unit to just doing root server queries, with no forward dns upstream, then have all the dnsbl queries go over to that box. That works but is more than likely slower. You rule sir. Mitchell PS, after a coffee I thought I'd tell people that are frustrated by poor spam filtering that here's the deal..... Some DNSBLs will NOT FILTER or respond if you use stupid google dns, 1111, cox, att, umbrella etc. They never block any spams. or they do, just up to a limit of 800,000 a day from the entire planet is whatone brain at a DNSBL told me a fewyears ago, so google dns 8888 will work and you'll see some replies in your log until they get a million queries then the DNSBL doesnt listen to google dns 8888 anymore that day. sorry for typos, I type too fast sometimes.
We can confirm this issue yesterday - but there must be also any other reason than DNS - a colleague of me tried to send a newsletter to a customer and runs into this issue.
But if I did send the newsletter from my e-mail address (same @domain and same outgoing mail-gateway) instead of my colleague it was working...