Results 1 to 9 of 9

Thread: Being added to CBL blocklist

  1. #1
    mrobinson20 is offline Starter Member
    Join Date
    Aug 2011
    Posts
    1
    Rep Power
    3

    Default Being added to CBL blocklist

    Hi,

    I'm new here and wondered if someone could help. After upgrading from version 6 to 7 and rebooting I have noticed we are having emails returned from aol.com, hotmail.com etc..

    After investigation I checked our IP address at spamhaus and noticed we are added to the CBL blocklist after running a check on CBL the following is returned..

    This IP address is HELO'ing as "localhost.localdomain" which violates the relevant standards (specifically: RFC5321).

    I've tried messing around with my etc/hosts file which is currently reading...

    127.0.0.1 localhost.localdomain localhost
    192.168.1.90 mail.ourdomain.co.uk mail

    Any help or advice as to why this is happening would be most appreciated.

    Thanks in advance.

  2. #2
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,201
    Rep Power
    56

    Default

    Quote Originally Posted by mrobinson20 View Post
    This IP address is HELO'ing as "localhost.localdomain" which violates the relevant standards (specifically: RFC5321).
    Surely the error message you've posted tells you what the problem is. You need to verify whether your server returns a correct response to the "HELO" command.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    LMStone's Avatar
    LMStone is offline Moderator
    Join Date
    Sep 2006
    Location
    477 Congress Street | Portland, ME 04101
    Posts
    1,366
    Rep Power
    10

    Default

    Quote Originally Posted by mrobinson20 View Post
    Hi,

    I'm new here and wondered if someone could help. After upgrading from version 6 to 7 and rebooting I have noticed we are having emails returned from aol.com, hotmail.com etc..

    After investigation I checked our IP address at spamhaus and noticed we are added to the CBL blocklist after running a check on CBL the following is returned..

    This IP address is HELO'ing as "localhost.localdomain" which violates the relevant standards (specifically: RFC5321).

    I've tried messing around with my etc/hosts file which is currently reading...

    127.0.0.1 localhost.localdomain localhost
    192.168.1.90 mail.ourdomain.co.uk mail

    Any help or advice as to why this is happening would be most appreciated.

    Thanks in advance.
    As Bill said, you now know why you are being blocked, but I have never seen a Zimbra server HELO that way.

    You can test easily enough from a command prompt on your Zimbra server:

    Code:
    zimbra@mail2:~> telnet localhost 25
    Trying 127.0.0.1...
    Connected to localhost.
    Escape character is '^]'.
    220 mail2.reliablenetworks.com ESMTP Postfix
    quit
    221 2.0.0 Bye
    Connection closed by foreign host.
    zimbra@mail2:~>
    Please test and report back.

    Hope that helps,
    Mark

  4. #4
    Soul99 is offline New Member
    Join Date
    Apr 2012
    Posts
    4
    Rep Power
    3

    Default

    Hello.
    I have the same problem. "
    zimbra@mailsrv:/home/alex$ telnet localhost 25
    Trying ::1...
    Trying 127.0.0.1...
    Connected to localhost.
    Escape character is '^]'.
    220 mail.santonit.ru ESMTP Postfix
    quit
    221 2.0.0 Bye
    Connection closed by foreign host.
    zimbra@mailsrv:/home/alex$ zmcontrol -v
    Release 7.1.4_GA_2555.UBUNTU10_64 UBUNTU10_64 FOSS edition.

  5. #5
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,201
    Rep Power
    56

    Default

    Quote Originally Posted by Soul99 View Post
    I have the same problem. "
    The same problem as what, exactly? Do you mean that you're on a blocklist? Might it be partly caused by the fact your DNS records are incorrect? Here's the output of a dig command for your domain:

    Code:
    dig santonit.ru mx
    
    ; <<>> DiG 9.8.1-P1 <<>> santonit.ru mx
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29533
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 3
    
    ;; QUESTION SECTION:
    ;santonit.ru.                   IN      MX
    
    ;; ANSWER SECTION:
    santonit.ru.            600     IN      MX      10 aspmx.l.google.com.
    santonit.ru.            600     IN      MX      20 alt1.aspmx.l.google.com.
    santonit.ru.            600     IN      MX      20 alt2.aspmx.l.google.com.
    
    ;; ADDITIONAL SECTION:
    alt1.aspmx.l.google.com. 248    IN      A       173.194.70.26
    alt2.aspmx.l.google.com. 38     IN      A       173.194.69.27
    aspmx.l.google.com.     224     IN      A       173.194.66.27
    
    ;; Query time: 117 msec
    ;; SERVER: 192.168.1.1#53(192.168.1.1)
    ;; WHEN: Mon Apr  9 19:10:24 2012
    ;; MSG SIZE  rcvd: 153
    Note that none of these records actually resolve to your server IP.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  6. #6
    Soul99 is offline New Member
    Join Date
    Apr 2012
    Posts
    4
    Rep Power
    3

    Default

    Yes/
    My system:
    E-mail to be google (for antispam).
    I have installed on my server: zimbra + fetchmail. This bundle collects mail from the box on google.
    And smtp server - also my mailserver.

    I decided to check how it works and sent a test e-mail to helocheck@cbl.abuseat.org.
    In response to this e-mail came:
    The mail system

    <helocheck@cbl.abuseat.org>: host mail-in.cbl.abuseat.org[82.94.216.251] said:
    550 HELO for IP 81.222.82.82 was "mail.santonit.ru" (in reply to RCPT TO
    command)
    wtf? They have any problems?

  7. #7
    Soul99 is offline New Member
    Join Date
    Apr 2012
    Posts
    4
    Rep Power
    3

    Default

    up _

  8. #8
    justdave is offline Trained Alumni
    Join Date
    Nov 2008
    Location
    Grand Rapids, MI
    Posts
    123
    Rep Power
    6

    Default

    Usually the blacklists care about the HELO name you give on your outgoing connections, not the incoming one. Usually Zimbra's postfix will figure it out automatically from the name of your machine (you do have you machine set to its real hostname, right?)

    It is possible to override the name that it uses though.

    Code:
    zmlocalconfig -e postfix_smtp_helo_name=your.domain.name
    You may need to restart configd and the mta after changing that for it to pick it up.

  9. #9
    Soul99 is offline New Member
    Join Date
    Apr 2012
    Posts
    4
    Rep Power
    3

    Default

    big tnx - my problem is solved!

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. remove users added to milter server dl
    By rajeshkodali in forum Administrators
    Replies: 2
    Last Post: 04-25-2011, 09:27 PM
  2. server dropped connection
    By ferra in forum Installation
    Replies: 20
    Last Post: 10-06-2008, 04:32 PM
  3. Zimbra Desktop added a second Calendar
    By eombah in forum General Questions
    Replies: 5
    Last Post: 04-04-2008, 02:20 PM
  4. Replies: 4
    Last Post: 01-26-2008, 01:33 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •