Christian Nekvedavicius wrote:
Unfortunately I must report that legitimate emails are also blocked by
sbl-xbl.spamhaus.org.

If your e-mails are being blocked by an sbl-xbl.spamhaus.org listing then you should be complaining loudly to your network provider.


It may help if you find out which list(s) the I.P. address that is being listed is really on.

The sbl-xbl.spamhaus.org is a combination of three lists:

  sbl = sbl.spamhaus.org
  xbl = opm.blitzed.org and cbl.abuseat.org

To get on the sbl portion, an internet provider has either had to work at being a bad network citizen and have been ignoring legitimate abuse complaints or is actively and knowingly assisting a spammer. The sbl is very conservative and will only list a production mail server as a last resort.

To get on the opm.blitzed.org means that the I.P. address has recently been tested and confirmed to be an open proxy, which basically means that it is providing unlimited free e-mail and other network services to every criminal on the internet. opm.blitzed.org will retest on request.

To get on cbl.abuseat.org, the I.P. in question must have sent e-mail to a spamtrap address, and the contents of that e-mail were determined not to be from an auto-responder that is generating a new mail in response to spam or a virus.

About the only way to get on the cbl.abuseat.org is for the I.P. listed to either be controlled by a virus or controlled by a spammer through an open proxy.

Removal from the cbl.abuseat.org is done through a webform; one removal is allowed per week.


So about the only way that a mail server can get on the sbl-xbl.spamhaus.org is if it is under the control of a virus or a spammer.



Now looking at the mail server that your post went through:

It is not listed in the sbl-xbl.spamhaus.org.

opm.blitzed.org claims that they have never listed the I.P. address and have never been requested to do a test on that I.P. address.

The cbl.abuseat.org also shows that it is not listed currently. No other information is available.

The I.P. address is listed in bl.spamcop.net as hitting spamtraps.

There appear to be 5 outgoing mail servers for that domain, and that means that currently you have a 20% chance of your mail being rejected if you mail someone whose postmaster is using the spamcop blocking list for rejection instead of scoring.

At least three of the mail servers have recently sent spam to spamtraps operated by the opm.blitzed.org. This caused proxy tests to be performed on them which they passed.

195.202.32.15 listed in bl.spamcop.net (127.0.0.2)

If there are no reports of ongoing objectionable email from this
system it will be delisted automatically in approximately 21 hours.
Causes of listing

Maximum listing time after the last spam report is 48 hours.
Minimum listing time is 1/2. The time between varies based on an algorithm that takes into account prior listings of that I.P. address, and the amount of spam reported from it.


* System has sent mail to SpamCop spam traps in the past week (spam
traps are secret, no reports or evidence are provided by SpamCop)

To get listed this way, it means that the amount of spam hitting spamcop.net spamtraps exceeded 1% of the volume of e-mail from that I.P. from various monitoring points on the Internet.


For an ISP mail server, 1% is usually a large number.

Senderbase is reporting measuring well over 10,000 e-mails per day from that I.P.

Additional potential problems
(these factors do not directly result in spamcop listing)

    * System administrator has already delisted this system once

Because of the above problems, express-delisting is not available
Listing History
In the past 17.7 days, it has been listed 3 times for a total of 38 hours

For a production mail server to get listed by spamcop.net this many times in that short a time, it indicates that there is a problem at that mail server: either it is relaying spam, or it is abusively bouncing spam and virus reports to what are known to be forged e-mail addresses instead of following the standard practice and using SMTP rejects.

Or they have a clueless user that is using the fake bounce function that some poorly written anti-spam software has. Of course they would have had to bounce a lot of spam/viruses in a short time to cause a listing.

Sending bounces or virus notifications to forged addresses is effectively a denial of service attack against the user that the spam or virus impersonated.

It looks like someone delisted the I.P. address from the spamcop.net list without fixing the problem that resulted in the listing.

Getting an ISP mail server listed on spamcop.net is also rare, but does happen, but generally there is a large period of time (think months/years) between listings unless there is a chronic problem with the configuration or security of that server.

-John
[EMAIL PROTECTED]
Personal Opinion Only
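
The per-list check suggested in the message above (find out which list an address is really on), as an added example that is not part of the original post. It queries each zone named in the post separately, using the standard DNSBL convention of reversed octets plus zone; the function names and the constructed sample answers are assumptions made for illustration.

```python
import ipaddress
import socket

# Zones named in the post: the three components of sbl-xbl, plus SpamCop.
ZONES = ("sbl.spamhaus.org", "opm.blitzed.org", "cbl.abuseat.org", "bl.spamcop.net")
LISTING_NET = ipaddress.ip_network("127.0.0.0/8")

def dnsbl_name(ip, zone):
    """Build the DNSBL query name: IPv4 octets reversed, then the zone."""
    addr = ipaddress.IPv4Address(ip)  # raises ValueError on malformed input
    return ".".join(reversed(str(addr).split("."))) + "." + zone

def system_resolver(name):
    """Return the A record as a string, or None if the lookup fails.
    A timeout also lands here, so None means 'no listing seen', not proof."""
    try:
        return socket.gethostbyname(name)
    except OSError:
        return None

def check_ip(ip, zones=ZONES, resolve=system_resolver):
    """Map each zone to its 127.x.x.x answer, or None when not listed."""
    results = {}
    for zone in zones:
        answer = resolve(dnsbl_name(ip, zone))
        # Only answers inside 127.0.0.0/8 are listings. Anything else
        # (wildcarded zone, resolver that rewrites NXDOMAIN) is not a hit.
        if answer is not None and ipaddress.IPv4Address(answer) not in LISTING_NET:
            answer = None
        results[zone] = answer
    return results

def listed_on(ip, **kwargs):
    """Return the sorted names of the zones that list the address."""
    return sorted(z for z, a in check_ip(ip, **kwargs).items() if a)

# Constructed answers reproducing the state described in the post:
# listed by bl.spamcop.net (127.0.0.2), absent from the other three zones.
SAMPLE_ANSWERS = {"15.32.202.195.bl.spamcop.net": "127.0.0.2"}

def sample_resolver(name):
    return SAMPLE_ANSWERS.get(name)

if __name__ == "__main__":
    report = check_ip("195.202.32.15", resolve=sample_resolver)
    for zone, answer in report.items():
        print(f"{zone:20} {answer or 'not listed'}")
```

Pass `resolve=system_resolver` (the default) to query live DNS; the sample resolver keeps the example runnable offline.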
