This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos UTM RBL Check broken today?

Hello,

today it seems like the RBL Pattern is broken, some E-Mails are getting blocked who are not on the Blacklist.

Anyone else

Greetings Felix



This thread was automatically locked due to age.
Parents
  • Hello Community

    This is currently a known issue and is being investigated actively under NUTM-13047

    The current Work Around is:

    Uncheck "Use recommended RBL" and enter in a custom RBL if necessary.

    Do not use cbl.abuseat.org as a custom RBL at present.

    Regards,


     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
  • Hello Community,

    An additional Work Around has been provided by GES.

    Option 1:
    Uncheck "Use recommended RBL" and enter in a custom RBL if necessary.
    Do not use cbl.abuseat.org as a custom RBL at present if you use public DNS.
    www.anti-abuse.org/.../ Contains a listing of common RBLs

    Option 2:
    Under Network Services>DNS>Request Routing add cbl.abuseat.org to the domain field and then either directly add the Spamhaus IP or an alternate DNS server to not forward this domain via public DNS.

    Regards,


     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
  • Hello,

    I am a little bit confused. We had the zen.spamhaus.org in our custom RBL not zen.spamHOUSE.org.

    I think zen.spamhaus.org is the real problem with RBL because the rbl blockings are not only wiithspamhaus.org, also abuseat.org blocks the same ip addresses.

    As you can read at abuseat.org

    "IMPORTANT TO ALL CBL users: If you were using the CBL to filter access to your mail servers or anything else, you will need to take note of several changes to the CBL that occured in January 2021. In short, the CBL infrastructure was replaced by the Spamhaus XBL structure, the lookup pages and access methods have changed."

    they changed their infrastructure to spamhaus.

    Because of the fact that abuseat.org is in the recommended RBLs of sophos all utm customers run into the same problem.

    So we disabled the recommendes rbl and used two other rbl lists as workaround.

Reply
  • Hello,

    I am a little bit confused. We had the zen.spamhaus.org in our custom RBL not zen.spamHOUSE.org.

    I think zen.spamhaus.org is the real problem with RBL because the rbl blockings are not only wiithspamhaus.org, also abuseat.org blocks the same ip addresses.

    As you can read at abuseat.org

    "IMPORTANT TO ALL CBL users: If you were using the CBL to filter access to your mail servers or anything else, you will need to take note of several changes to the CBL that occured in January 2021. In short, the CBL infrastructure was replaced by the Spamhaus XBL structure, the lookup pages and access methods have changed."

    they changed their infrastructure to spamhaus.

    Because of the fact that abuseat.org is in the recommended RBLs of sophos all utm customers run into the same problem.

    So we disabled the recommendes rbl and used two other rbl lists as workaround.

Children
No Data