Would a spammy email server only trigger one RBL? While mxtoolbox looks complete, there are more RBLs than on their list. I never knew Trend Micro had a RBL.
Spamrl.com is one I can't stay off of. They do honor their one week reprieve. Like I said, I managed to get them removed from servers that I communicate with. There are over a hundred RBLs. If one is a problem child, dump it. Pulled right from their website. "Unfortunately, we cannot disclose any details about WHY your IP has a bad reputation." This thread is about spamrl.com, and no, I'm not a participant in the thread. http://www.webhostingtalk.com/showthread.php?t=1598238 Supposedly spamrl.com uses honeypots, which makes me wonder if a prankster can spoof headers and spam the honeypots just to drum up customers for commercial white lists. Original Message From: Michael Segel Sent: Tuesday, May 2, 2017 7:02 AM To: Kevin A. McGrail Cc: li...@lazygranch.com; Matteo Cazzador; postfix users Subject: Re: Trace spam activity on mail server Just to follow up… I ran the check on his domain: https://mxtoolbox.com/domain/netlite.it/ Pretty clean, maybe a few things to fix, but he’s not on any black list. I don’t know when he set up his domain, it could be that Trend Micro blocked the IP block due to a previous tenant and never took them off. Truthfully, I don’t use much more than Spamhaus these days. in terms of RBLs. He’s not running an open relay and if there was a spammer on his network, Spamhaus would have caught it too. Or someone else. Its not Matteo’s server and I suspect its Trend Micro. HTH -Mike > On May 2, 2017, at 8:56 AM, Kevin A. McGrail <kmcgr...@pccc.com> wrote: > > On 5/2/2017 9:51 AM, Michael Segel wrote: >> You can run a check on your MX Server… there are a couple of web sites that >> do this… and I think one or two will identify the RBLs that include you. > One trick I use a lot when I have an infected machine on a network or a > customer with a problem is that I setup a smarthost running a milter that > runs the email through a spam checker, logs the answer and then tempfails the > emails. > > Then I can analyze if there is an issue and do a silent discard by subject or > internal IP if we find a compromised machine while letting everything else go > through. > > Regards, > KAM
