This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

RBL's blocking Microsoft internal and Office365 servers

I'm finding that my critical contacts can't communicate with me via email due to flagging by RBL's.  After further investigation, it includes those who are using Microsoft email infrastructure: both internal employees and corporate members who have outsourced their email services to Microsoft through Live@edu other other offerings.  It's not only these folks, but blocking these people impacts me the most.


var/log/smtp/2013/12/smtp-2013-12-18.log.gz:2013:12:18-13:53:08  ravenna exim-in[23455]: 2013-12-18 13:53:08 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="74.63.194.68"  from="bounces+273298-313f-[private information]sendgrid.info"  to="doug@[private information].com" size="-1" reason="rbl"  extra="cbl.abuseat.org" [FONT=monospace]/var/log/smtp/2014/01/smtp-2014-01-03.log.gz:2014:01:03-16:10:34  ravenna exim-in[14501]: 2014-01-03 16:10:34 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="204.13.248.72"  from="" to="prvs=008145706c=[private information]" size="13915"  reason="rbl" extra="cbl.abuseat.org" [/FONT]
[FONT=monospace]/var/log/smtp/2014/01/smtp-2014-01-06.log.gz:2014:01:06-10:18:04  ravenna exim-in[8293]: 2014-01-06 10:18:04 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="207.46.163.209"  from="susan.[private information]"  to="doug@[private information]" size="16611" reason="rbl"  extra="combined.rbl.msrbl.net" [/FONT]
[FONT=monospace]/var/log/smtp/2014/01/smtp-2014-01-06.log.gz:2014:01:06-10:18:04  ravenna exim-in[8293]: 2014-01-06 10:18:04  H=mail-bl2lp0209.outbound.protection.outlook.com  (na01-bl2-obe.outbound.protection.outlook.com) [207.46.163.209]:5037  F= rejected RCPT  : 207.46.163.209 blacklisted at  combined.rbl.msrbl.net [/FONT]
[FONT=monospace]/var/log/smtp/2014/01/smtp-2014-01-08.log.gz:2014:01:08-13:31:43  ravenna exim-in[6075]: 2014-01-08 13:31:43 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="207.46.163.206"  from="[private information].com" to="doug@[private information]"  size="20075" reason="rbl" extra="combined.rbl.msrbl.net" [/FONT]
[FONT=monospace]/var/log/smtp/2014/01/smtp-2014-01-08.log.gz:2014:01:08-13:31:43  ravenna exim-in[6075]: 2014-01-08 13:31:43  H=mail-bl2lp0206.outbound.protection.outlook.com  (na01-bl2-obe.outbound.protection.outlook.com) [207.46.163.206]:42226  F= rejected RCPT  : 207.46.163.206 blacklisted at  combined.rbl.msrbl.net [/FONT]
[FONT=monospace]/var/log/smtp/2014/01/smtp-2014-01-08.log.gz:2014:01:08-13:34:08  ravenna exim-in[6301]: 2014-01-08 13:34:08 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="207.46.163.149"  from="[private information].com" to="doug@[private information].com"  size="18356" reason="rbl" extra="cbl.abuseat.org" [/FONT]
[FONT=monospace]/var/log/smtp/2014/01/smtp-2014-01-08.log.gz:2014:01:08-13:37:22  ravenna exim-in[6617]: 2014-01-08 13:37:22 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="207.46.163.242"  from="[private information].com" to="doug@[private information].com"  size="20007" reason="rbl" extra="cbl.abuseat.org" [/FONT]
[FONT=monospace]/var/log/smtp/2014/01/smtp-2014-01-09.log.gz:2014:01:09-14:09:53  ravenna exim-in[14288]: 2014-01-09 14:09:53 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="204.13.248.72"  from="" to="prvs=0086cc3a24=doug@[private information].com" size="9911"  reason="rbl" extra="combined.rbl.msrbl.net" [/FONT]
[FONT=monospace]/var/log/smtp/2014/01/smtp-2014-01-09.log.gz:2014:01:09-14:09:53  ravenna exim-in[14288]: 2014-01-09 14:09:53 H=mho-02-ewr.mailhop.org  [204.13.248.72]:28519 F=<> rejected RCPT  : 204.13.248.72  blacklisted at combined.rbl.msrbl.net [/FONT]
[FONT=monospace]/var/log/smtp/2014/01/smtp-2014-01-10.log.gz:2014:01:10-12:43:14  ravenna exim-in[4950]: 2014-01-10 12:43:14 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="207.46.163.185"  from="[private information].com" to="doug@[private information].com"  size="10951" reason="rbl" extra="combined.rbl.msrbl.net" [/FONT]
[FONT=monospace]/var/log/smtp/2014/01/smtp-2014-01-10.log.gz:2014:01:10-12:43:14  ravenna exim-in[4950]: 2014-01-10 12:43:14  H=mail-bn1blp0185.outbound.protection.outlook.com  (na01-bn1-obe.outbound.protection.outlook.com) [207.46.163.185]:13940  F= rejected RCPT  : 207.46.163.185 blacklisted at  combined.rbl.msrbl.net [/FONT]
[FONT=monospace]/var/log/smtp/2014/01/smtp-2014-01-10.log.gz:2014:01:10-23:51:44  ravenna exim-in[32238]: 2014-01-10 23:51:44 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="204.13.248.72"  from="" to="prvs=0088fe969f=doug[private information].com" size="4677"  reason="rbl" extra="bl.spamcop.net" [/FONT]
[FONT=monospace]/var/log/smtp/2014/01/smtp-2014-01-14.log.gz:2014:01:14-07:51:08  ravenna exim-in[14631]: 2014-01-14 07:51:08 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="207.46.163.154"  from="[private information]com" to="doug@[private information].com"  size="26180" reason="rbl" extra="cbl.abuseat.org" [/FONT]
[FONT=monospace]/var/log/smtp/2014/01/smtp-2014-01-15.log.gz:2014:01:15-21:20:11  ravenna exim-in[10406]: 2014-01-15 21:20:11 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="157.55.133.100"  from="" to="doug[private information]com" size="10082" reason="rbl"  extra="bl.spamcop.net" [/FONT]
[FONT=monospace]/var/log/smtp/2014/01/smtp-2014-01-16.log.gz:2014:01:16-12:49:00  ravenna exim-in[10423]: 2014-01-16 12:49:00 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="209.85.214.201"   from="3ukXYUhIJAEMqfgwfitwnzxmzrfszxlrfnq.htr@calendar-server.bounces.google.com"  to="doug@[private information].com" size="-1" reason="rbl"  extra="cbl.abuseat.org" [/FONT]
[FONT=monospace]/var/log/smtp/2014/01/smtp-2014-01-16.log.gz:2014:01:16-12:49:18  ravenna exim-in[10446]: 2014-01-16 12:49:18 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="74.125.82.48"  from="[private information].com" to="doug@[private information].com"  size="-1" reason="rbl" extra="zen.spamhaus.org" [/FONT]
[FONT=monospace]/var/log/smtp/2014/01/smtp-2014-01-16.log.gz:2014:01:16-13:00:13  ravenna exim-in[11676]: 2014-01-16 13:00:13 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="209.85.128.73"  from="3W0jYUhIJAOgVKLbKNYbSecReWKXecQWKSV.MYW@calendar-server.bounces.google.com"  to="doug@[private information].com" size="-1" reason="rbl"  extra="bl.spamcop.net" [/FONT]
[FONT=monospace]/var/log/smtp/2014/01/smtp-2014-01-16.log.gz:2014:01:16-13:06:19  ravenna exim-in[12739]: 2014-01-16 13:06:19 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="209.85.213.73"  from="3W0jYUhIJAOgVKLbKNYbSecReWKXecQWKSV.MYW@calendar-server.bounces.google.com"  to="doug@[private information].com" size="-1" reason="rbl"  extra="b.barracudacentral.org" [/FONT]
[FONT=monospace]/var/log/smtp.log:2014:01:17-12:11:36  ravenna exim-in[8201]: 2014-01-17 12:11:36 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="207.46.163.150"  from="[private information].com"  to="doug@[private information].com" size="32305" reason="rbl"  extra="psbl.surriel.com" [/FONT]
[FONT=monospace]/var/log/smtp.log:2014:01:17-12:14:28  ravenna exim-in[8411]: 2014-01-17 12:14:28 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="207.46.163.189"  from="[private information]com"  to="doug@[private information].com" size="32438" reason="rbl"  extra="cbl.abuseat.org" [/FONT]
Does anyone have any thoughts on best practices for RBL's or what to tell a CEO when he suggests one's email server [Sophos Gateway] is misconfigured.

Thanks,

~Doug


This thread was automatically locked due to age.
Parents
  • It seems Barracuda was one of the RBL's that listed Microsoft.

    Here are the RBL's that listed Microsoft:
    b.barracudacentral.org
    cbl.abuseat.org 
    psbl.surriel.com
    zen.spamhaus.org
    combined.rbl.msrbl.net 

    This list contains some of the best RBL's.  
    I think I'll conclude the resolution rests with Microsoft.
    They need to build a tool that will update RBL whitelists with their server IPs.
Reply
  • It seems Barracuda was one of the RBL's that listed Microsoft.

    Here are the RBL's that listed Microsoft:
    b.barracudacentral.org
    cbl.abuseat.org 
    psbl.surriel.com
    zen.spamhaus.org
    combined.rbl.msrbl.net 

    This list contains some of the best RBL's.  
    I think I'll conclude the resolution rests with Microsoft.
    They need to build a tool that will update RBL whitelists with their server IPs.
Children
No Data