LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 01-09-2007, 10:32 PM   #1
efm
Member
 
Registered: Apr 2005
Location: indonesia
Distribution: suse 10
Posts: 101

Rep: Reputation: 15
spamhaus/cbl keep blocking my ip!


hello,
i'm running a mail server, using kerio
every few days (2 or 3), spamhaus.org/cbl.abuseat.org blocks
my ip address, so i can't send mail

i know that i have port 25 open (according to site: https://www.grc.com/x/ne.dll?bh0bkyd2

cbl.abuseat.org gives me tips to overcome this, but it says that
i have to only accept smtp connection from well-known mail-servers,
the problem is that i don't know what are well-known mail-servers
and their ip addresses

please help me to solve this problem.

thank you,
faizal
 
Old 01-09-2007, 10:48 PM   #2
JimBass
Senior Member
 
Registered: Oct 2003
Location: New York City
Distribution: Debian Sid 2.6.32
Posts: 2,100

Rep: Reputation: 49
Spamhaus doesn't have the ability to block your IP, but they will identify any mail coming from you as spam.

Unless you have a very strange configuration on your server or the firewall in front of it, your server won't refuse connection from anywhere. It should connect to any mailserver that initiates connection on port 25.

To get off the spamhaus list, take whatever steps they suggest on theri site.

peace,
JimBass
 
Old 01-09-2007, 11:39 PM   #3
efm
Member
 
Registered: Apr 2005
Location: indonesia
Distribution: suse 10
Posts: 101

Original Poster
Rep: Reputation: 15
hi,

i'm sure that there is no mass-mailing virus in any of the clients
computer connected to the mail-server, because kerio will reject
all smtp connection from clients which doesn't login,

perhaps the mail-server is used as a relay server by other?
because i see the log from kerio, which states that there were
some people who tried to relay through the server, but they
were all rejected,

do i have something to do with port 25?

thank you,

faizal
 
Old 01-09-2007, 11:45 PM   #4
JimBass
Senior Member
 
Registered: Oct 2003
Location: New York City
Distribution: Debian Sid 2.6.32
Posts: 2,100

Rep: Reputation: 49
No, you don't have to do anything with port 25. If your server rejects any messages that people try to send through it if they are not authenticated, then you are relatively safe.

That leads to another question though, could some of the legitimate users of the system be sending out spam?

Peace,
JimBass
 
Old 01-10-2007, 12:34 AM   #5
efm
Member
 
Registered: Apr 2005
Location: indonesia
Distribution: suse 10
Posts: 101

Original Poster
Rep: Reputation: 15
there are 20 users using the mail server, and kerio writes log
everytime they send/receive mail.
according to the log, i don't see people sending many messages..

btw,
sometimes, one of the client receives mail which has the subject
"SPAM xxxxxx" (it's marked by other mail server). if he forward/
reply it, with the same subject (e.g. "re: SPAM xxxx"), can it
trigger spamhaus?

thank you,

faizal
 
Old 01-10-2007, 12:40 AM   #6
JimBass
Senior Member
 
Registered: Oct 2003
Location: New York City
Distribution: Debian Sid 2.6.32
Posts: 2,100

Rep: Reputation: 49
Nope. Spamhaus uses a very complex formula of text scanning, use of html, and tons of other things to determine if it is spam or not.

You should also get your ISP to create a PTR record for your mail server's IP address. That can help, if you are sending mail from a non static connection like a cable modem, you can't get a PTR, and it increases the chances that the mail coming from your address is spam.

Peace,
JimBass
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
CBL Lookup Utility block IP adress for IRC kaplis Linux - Security 4 07-30-2006 11:20 PM
CBL Lookup Utility block IP adress for IRC.LV kaplis Linux - Software 1 07-15-2006 06:07 AM
rblsmtpd & spamhaus.org ziggie216 Linux - General 1 12-19-2005 12:14 PM
IP blocking merlin371 Linux - Networking 2 08-04-2003 10:42 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 06:37 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration