Yesterday morning I upgraded to firmware version 9.705-7. This morning at about 6:00 am the RBL feature has started rejecting well-known hosts. Shown here are oktax.state.ok and pharmacy.cvs.com.
Checking pharmacy.cvs.com with www.anti-abuse.org I see that it's all green.
I have turned off the RBL checks in the SMTP Antispam page and those email addresses are now going through the mail server.However, so are any 'bad-guy' sites that actually test as RBL failures. So, this is a workaround, not a fix.
Issue is not due to Sophos UTM, rather due to Spamhaus' policy regarding lookups from Public DNS providers.
Option 1: Uncheck "Use recommended RBL" and enter in a custom RBL if necessary.
Do not use cbl.abuseat.org as a custom RBL at present if you use public DNS.
http://www.anti-abuse.org/multi-rbl-check/ Contains a listing of common RBLs Option 2: Under Network Services>DNS>Request Routing add cbl.abuseat.org to the domain field and then either directly add the Spamhaus IP or an alternate DNS server to not forward this domain via public DNS.
Emmanuel, if this is not a Sophos issue do you have any idea how this will be solved? Yes we have a quick fix now but i mean a more permanent solution.