
RBL's blocking Microsoft internal and Office365 servers

I'm finding that my critical contacts can't communicate with me via email due to flagging by RBL's.  After further investigation, it includes those who are using Microsoft email infrastructure: both internal employees and corporate members who have outsourced their email services to Microsoft through Live@edu or other offerings.  It's not only these folks, but blocking these people impacts me the most.


/var/log/smtp/2013/12/smtp-2013-12-18.log.gz:2013:12:18-13:53:08  ravenna exim-in[23455]: 2013-12-18 13:53:08 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="74.63.194.68"  from="bounces+273298-313f-[private information]sendgrid.info"  to="doug@[private information].com" size="-1" reason="rbl"  extra="cbl.abuseat.org"
/var/log/smtp/2014/01/smtp-2014-01-03.log.gz:2014:01:03-16:10:34  ravenna exim-in[14501]: 2014-01-03 16:10:34 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="204.13.248.72"  from="" to="prvs=008145706c=[private information]" size="13915"  reason="rbl" extra="cbl.abuseat.org"
/var/log/smtp/2014/01/smtp-2014-01-06.log.gz:2014:01:06-10:18:04  ravenna exim-in[8293]: 2014-01-06 10:18:04 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="207.46.163.209"  from="susan.[private information]"  to="doug@[private information]" size="16611" reason="rbl"  extra="combined.rbl.msrbl.net"
/var/log/smtp/2014/01/smtp-2014-01-06.log.gz:2014:01:06-10:18:04  ravenna exim-in[8293]: 2014-01-06 10:18:04  H=mail-bl2lp0209.outbound.protection.outlook.com  (na01-bl2-obe.outbound.protection.outlook.com) [207.46.163.209]:5037  F= rejected RCPT  : 207.46.163.209 blacklisted at  combined.rbl.msrbl.net
/var/log/smtp/2014/01/smtp-2014-01-08.log.gz:2014:01:08-13:31:43  ravenna exim-in[6075]: 2014-01-08 13:31:43 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="207.46.163.206"  from="[private information].com" to="doug@[private information]"  size="20075" reason="rbl" extra="combined.rbl.msrbl.net"
/var/log/smtp/2014/01/smtp-2014-01-08.log.gz:2014:01:08-13:31:43  ravenna exim-in[6075]: 2014-01-08 13:31:43  H=mail-bl2lp0206.outbound.protection.outlook.com  (na01-bl2-obe.outbound.protection.outlook.com) [207.46.163.206]:42226  F= rejected RCPT  : 207.46.163.206 blacklisted at  combined.rbl.msrbl.net
/var/log/smtp/2014/01/smtp-2014-01-08.log.gz:2014:01:08-13:34:08  ravenna exim-in[6301]: 2014-01-08 13:34:08 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="207.46.163.149"  from="[private information].com" to="doug@[private information].com"  size="18356" reason="rbl" extra="cbl.abuseat.org"
/var/log/smtp/2014/01/smtp-2014-01-08.log.gz:2014:01:08-13:37:22  ravenna exim-in[6617]: 2014-01-08 13:37:22 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="207.46.163.242"  from="[private information].com" to="doug@[private information].com"  size="20007" reason="rbl" extra="cbl.abuseat.org"
/var/log/smtp/2014/01/smtp-2014-01-09.log.gz:2014:01:09-14:09:53  ravenna exim-in[14288]: 2014-01-09 14:09:53 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="204.13.248.72"  from="" to="prvs=0086cc3a24=doug@[private information].com" size="9911"  reason="rbl" extra="combined.rbl.msrbl.net"
/var/log/smtp/2014/01/smtp-2014-01-09.log.gz:2014:01:09-14:09:53  ravenna exim-in[14288]: 2014-01-09 14:09:53 H=mho-02-ewr.mailhop.org  [204.13.248.72]:28519 F=<> rejected RCPT  : 204.13.248.72  blacklisted at combined.rbl.msrbl.net
/var/log/smtp/2014/01/smtp-2014-01-10.log.gz:2014:01:10-12:43:14  ravenna exim-in[4950]: 2014-01-10 12:43:14 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="207.46.163.185"  from="[private information].com" to="doug@[private information].com"  size="10951" reason="rbl" extra="combined.rbl.msrbl.net"
/var/log/smtp/2014/01/smtp-2014-01-10.log.gz:2014:01:10-12:43:14  ravenna exim-in[4950]: 2014-01-10 12:43:14  H=mail-bn1blp0185.outbound.protection.outlook.com  (na01-bn1-obe.outbound.protection.outlook.com) [207.46.163.185]:13940  F= rejected RCPT  : 207.46.163.185 blacklisted at  combined.rbl.msrbl.net
/var/log/smtp/2014/01/smtp-2014-01-10.log.gz:2014:01:10-23:51:44  ravenna exim-in[32238]: 2014-01-10 23:51:44 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="204.13.248.72"  from="" to="prvs=0088fe969f=doug[private information].com" size="4677"  reason="rbl" extra="bl.spamcop.net"
/var/log/smtp/2014/01/smtp-2014-01-14.log.gz:2014:01:14-07:51:08  ravenna exim-in[14631]: 2014-01-14 07:51:08 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="207.46.163.154"  from="[private information]com" to="doug@[private information].com"  size="26180" reason="rbl" extra="cbl.abuseat.org"
/var/log/smtp/2014/01/smtp-2014-01-15.log.gz:2014:01:15-21:20:11  ravenna exim-in[10406]: 2014-01-15 21:20:11 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="157.55.133.100"  from="" to="doug[private information]com" size="10082" reason="rbl"  extra="bl.spamcop.net"
/var/log/smtp/2014/01/smtp-2014-01-16.log.gz:2014:01:16-12:49:00  ravenna exim-in[10423]: 2014-01-16 12:49:00 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="209.85.214.201"   from="3ukXYUhIJAEMqfgwfitwnzxmzrfszxlrfnq.htr@calendar-server.bounces.google.com"  to="doug@[private information].com" size="-1" reason="rbl"  extra="cbl.abuseat.org"
/var/log/smtp/2014/01/smtp-2014-01-16.log.gz:2014:01:16-12:49:18  ravenna exim-in[10446]: 2014-01-16 12:49:18 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="74.125.82.48"  from="[private information].com" to="doug@[private information].com"  size="-1" reason="rbl" extra="zen.spamhaus.org"
/var/log/smtp/2014/01/smtp-2014-01-16.log.gz:2014:01:16-13:00:13  ravenna exim-in[11676]: 2014-01-16 13:00:13 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="209.85.128.73"  from="3W0jYUhIJAOgVKLbKNYbSecReWKXecQWKSV.MYW@calendar-server.bounces.google.com"  to="doug@[private information].com" size="-1" reason="rbl"  extra="bl.spamcop.net"
/var/log/smtp/2014/01/smtp-2014-01-16.log.gz:2014:01:16-13:06:19  ravenna exim-in[12739]: 2014-01-16 13:06:19 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="209.85.213.73"  from="3W0jYUhIJAOgVKLbKNYbSecReWKXecQWKSV.MYW@calendar-server.bounces.google.com"  to="doug@[private information].com" size="-1" reason="rbl"  extra="b.barracudacentral.org"
/var/log/smtp.log:2014:01:17-12:11:36  ravenna exim-in[8201]: 2014-01-17 12:11:36 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="207.46.163.150"  from="[private information].com"  to="doug@[private information].com" size="32305" reason="rbl"  extra="psbl.surriel.com"
/var/log/smtp.log:2014:01:17-12:14:28  ravenna exim-in[8411]: 2014-01-17 12:14:28 id="1003" severity="info"  sys="SecureMail" sub="smtp" name="email rejected" srcip="207.46.163.189"  from="[private information]com"  to="doug@[private information].com" size="32438" reason="rbl"  extra="cbl.abuseat.org"

Does anyone have any thoughts on best practices for RBL's or what to tell a CEO when he suggests one's email server [Sophos Gateway] is misconfigured?

Thanks,

~Doug
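
An added example, not part of the original post: one way to tally the `reason="rbl"` rejections in log lines of the format quoted above, per blocklist and per sending network, so it is visible which lists and which provider ranges account for the blocked mail. The sample lines are constructed (placeholder host name, documentation-range addresses, example.com mailboxes), and the function names and the /24 (IPv4) and /48 (IPv6) grouping are this example's own choices.

```python
import ipaddress
import re
from collections import Counter, defaultdict

# Constructed sample in the log format quoted in the post. Host name,
# addresses (documentation ranges) and mailboxes are placeholders.
SAMPLE_LOG = """\
/var/log/smtp.log:2014:01:06-10:18:04 gw exim-in[8293]: 2014-01-06 10:18:04 id="1003" severity="info" sys="SecureMail" sub="smtp" name="email rejected" srcip="192.0.2.209" from="a@example.com" to="doug@example.org" size="16611" reason="rbl" extra="combined.rbl.msrbl.net"
/var/log/smtp.log:2014:01:06-10:18:04 gw exim-in[8293]: 2014-01-06 10:18:04 H=mail.example.com [192.0.2.209]:5037 F= rejected RCPT : 192.0.2.209 blacklisted at combined.rbl.msrbl.net
/var/log/smtp.log:2014:01:08-13:34:08 gw exim-in[6301]: 2014-01-08 13:34:08 id="1003" severity="info" sys="SecureMail" sub="smtp" name="email rejected" srcip="192.0.2.149" from="b@example.com" to="doug@example.org" size="18356" reason="rbl" extra="cbl.abuseat.org"
/var/log/smtp.log:2014:01:08-13:37:22 gw exim-in[6617]: 2014-01-08 13:37:22 id="1003" severity="info" sys="SecureMail" sub="smtp" name="email rejected" srcip="192.0.2.242" from="c@example.com" to="doug@example.org" size="20007" reason="rbl" extra="cbl.abuseat.org"
/var/log/smtp.log:2014:01:10-23:51:44 gw exim-in[32238]: 2014-01-10 23:51:44 id="1003" severity="info" sys="SecureMail" sub="smtp" name="email rejected" srcip="198.51.100.72" from="" to="doug@example.org" size="4677" reason="rbl" extra="bl.spamcop.net"
"""

KV = re.compile(r'(\w+)="([^"]*)"')


def parse_rejects(text):
    """Yield (source network, blocklist) for each reason="rbl" rejection."""
    for line in text.splitlines():
        fields = dict(KV.findall(line))
        # The native exim "rejected RCPT" line repeats the same event without
        # key="value" fields, so it is skipped here and not counted twice.
        if fields.get("reason") != "rbl":
            continue
        try:
            ip = ipaddress.ip_address(fields.get("srcip", ""))
        except ValueError:
            continue  # missing or malformed srcip
        prefix = 24 if ip.version == 4 else 48
        net = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
        yield str(net), fields.get("extra", "unknown")


def summarise(text):
    """Return (rejections per blocklist, per-network blocklist counts)."""
    by_rbl, by_net = Counter(), defaultdict(Counter)
    for net, rbl in parse_rejects(text):
        by_rbl[rbl] += 1
        by_net[net][rbl] += 1
    return by_rbl, dict(by_net)


if __name__ == "__main__":
    by_rbl, by_net = summarise(SAMPLE_LOG)
    for rbl, n in by_rbl.most_common():
        print(f"{n:4d}  {rbl}")
    for net, lists in sorted(by_net.items()):
        print(net, dict(lists))
```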


  • Ha!  That's hilarious.
    The rub is this still affects your inbound email from all the folks that use MS Online Services (aka Office 365) for their corporate email.  We're all impacted.


    I was getting mine from my Office365 to my Google apps

    Owner:  Emmanuel Technology Consulting

    http://etc-md.com

    Former Sophos SG(Astaro) advocate/researcher/Silver Partner

    PfSense w/Suricata, ntopng, 

    Other addons to follow
