Kaseya Community

Real Time Black Lists

  • We're being driven crazy by clients being blacklisted. We can manually check the blacklists for each client but are hoping that someone may have come up with a way to do this with some kind of tool or kaseya script.

    Thanks!

    Rick

    Legacy Forum Name: Real Time Black Lists,
    Legacy Posted By Username: rvines@axcelltech.com
  • HI

    You are not solving the underlying reason for the blacklisting.

    Have you run the domain through dnsreport.com to see what is wrong.

    The most common causes include:
    - running a mail server on a dynamic IP address
    - running a mail server on a residential class Internet connection
    - smtp greeting does not match the mx record
    - no rDNS entry
    - rDNS does not match MX record
    - invalid/incorrect SPF record
    - your client is a spammer

    If you are having mulitple problems with mulitple clients again and again, it sounds like you guys are have some sort of configuration issues that you are doing for your clients. I have about 35 mail servers that we maintain and we rarely have clients that get blacklisted.

    hc

    Legacy Forum Name: General Discussion,
    Legacy Posted By Username: howardc
  • howardc
    Have you run the domain through dnsreport.com to see what is wrong.


    I agree with Howard here. You can spend a long time creating a screen scraper or interfacing with APIs or parsing text files from the blacklists, but there's a reason the clients are being added to a blacklist. Find out the root cause and resolve the problem. Most cloud-based spam filters will allow you to relay outbound mail, and this solves a good many of the basic issues with being blacklisted (RDNS setup, static IPs, SPFs, etc.). Most will also scan the outbound mail and block any outbound spam or viruses. We put our clients on MessageLabs and it does a fantastic job of removing the uncertainty of blacklisting.

    Legacy Forum Name: General Discussion,
    Legacy Posted By Username: arobar
  • Arobar-
    I agree that cloud based spam filtering is the way to go. Be advised that some blacklists are now checking upstream in the headers. I had a client get on one of the spamhaus lists (I think it was the xbl) b/c their source IP was on the list (even though it passed thru Postini).

    Legacy Forum Name: General Discussion,
    Legacy Posted By Username: rwitt
  • You're right in suggesting that we find the root cause and resolve the problem, but...

    I still think it would be useful to know if a client has been blacklisted before they call me, so that I can jump on the problem quicker.

    Legacy Forum Name: General Discussion,
    Legacy Posted By Username: djmundy
  • Hi

    DNSStuff.com has a subscription service to monitor RBLs (http://member.dnsstuff.com/info/overview_rbl.php)

    I think that trying to monitor the RBLs is a futile effort... The problem is that Verizon, SBC, AOL and ATT (that I know of) maintain their own black lists that are not published. Or filters like the Barracudas that will start listing and you have no way to know until the client calls.

    hc

    Legacy Forum Name: General Discussion,
    Legacy Posted By Username: howardc
  • Easy.
    Create a script that will ping the reverse-order IP . zen . spamhaus . org. If it doesn't resolve, you're clear. If it does, then the server is on the blacklist.

    So, if your mail server IP address is 1.2.3.4, then check for 4.3.2.1.zen.spamhaus.org (or any other blacklist).

    Should be a piece of cake to script, or maybe even create an external monitor...

    Legacy Forum Name: General Discussion,
    Legacy Posted By Username: Lmhansen
  • At last, a practical answer to my question!

    Thanks very much!

    We will work on this and post what we come up with.

    Legacy Forum Name: General Discussion,
    Legacy Posted By Username: rvines@axcelltech.com