dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
1644
share rss forum feed

spider62

join:2001-03-19
Clemmons, NC

[TWC] SORBS blacklisting a RR IP

So..

I have encountered a problem that prevents me from sending email from my home computer. (I can remote office to my exchange server and have no issue), since early this afternoon I get the following reply.

Your message did not reach some or all of the intended recipients.

Subject: test
Sent: 1/21/2013 6:29 PM

The following recipient(s) cannot be reached:

'xxxx@verizon.net' on 1/21/2013 6:29 PM
Server error: '554 5.7.1 Service unavailable; Client host
[174.111.58.63] blocked using dnsbl.sorbs.net; Dynamic IP Addresses See:
»www.sorbs.net/lookup.shtml?174.111.58.xxx'

I have researched via the link provided and it appears that the ENTIRE group of IP addresses assigned dynamically are being blocked. I attempted to contact RR Tech Support and performed a number of tasks in an attempt to refresh the IP assigned to my system but to no avail. I can only get two different ones assigned, (it seems to be assigning according to MAC) and both addresses are coming up blocked (172.111.58.xx and 174.111.40.xxx).

My understanding of the issue is that because RR assigns addresses dynamically within the block of addresses shown in the blacklisting, SORBS is treating all addresses the same. I have been running Nortons 360 on all my computers for many years and practice safe wireless access utilizing 64 bit password to access. I have checked my systems and do not find anything questionable from within my residential domain. It appears I am suffering from the abusive acts of someone else within the RoadRunner network I access.

The earliest reference to a SORBS issue comes from 2006 so not sure if I'm hitting all my sources yet but any response would be appreciated.


DrDrew
That others may surf
Premium
join:2009-01-28
SoCal
kudos:16
What outbound email server are you sending the email to?

You're not using the RR smtp server are you?

spider62

join:2001-03-19
Clemmons, NC
No it's a server out of Las Vegas but the block comes from the Client address which is mine. When I go to the exchange server directly, remoteoffice, no problems.


jimk
Premium
join:2006-04-15
Raleigh, NC
Reviews:
·Time Warner Cable

2 edits
reply to spider62
Every single dynamic residential IP address on the TWC network is supposed to be listed in the SORBS DUHL and the Spamhaus PBL.

That's all these lists are... a listing of dynamic IPs. You aren't being blacklisted for sending spam or any form of malware. These lists are in place because a huge amount of spam comes from infected Windows PCs on residential Internet connections with dynamic IP addresses. Most mail server administrators would rather not receive mail directly from a dynamic IP address, and using one of these lists dramatically cuts down on the amount of spam they have to deal with.

Switching ISPs won't help, either. As long as you have a dynamic IP, you will continue to run into this issue. These lists are maintained using data provided by the ISP. Only the ISP can update what's on the list in most situations. Although there is a removal form, TWC has instructed Spamhaus not to allow any of their IP addresses to be removed by customers from this list. Not sure if they did the same thing with SORBS, but I would assume that they did. This also prevents people from running mail servers over residential connections, which is prohibited by the terms of service.

Now, you could be on additional blacklists due to the actions of other customers. You might be able to get your address removed from those, but it isn't really worth the effort.

The fix for this is to send your emails through a proper email server that isn't on a dynamic IP... for example, if you are sending from your work account, your email client should probably be pointed to your company's SMTP server (or if it is a Microsoft Exchange account, through Outlook Anywhere which makes everything work very smoothly if it is configured properly). Otherwise, you can try using Time Warner Cable's SMTP server, or your email host's server if you have one. Also, another possible cause for this is SMTP authentication being turned off in your email client.

Edit: The TWC/RoadRunner SMTP server for Clemmons, NC is smtp-server.triad.rr.com. however, if you are trying to send emails from your work account when you are at home, you should contact your company's IT support to make sure your email account is configured properly.


DrDrew
That others may surf
Premium
join:2009-01-28
SoCal
kudos:16

1 edit
reply to spider62
Your smtp server admin would have to fix it, hopefully by informing its users how to properly use its email servers when off their network. TWC can't do anything since you're not using their smtp server.

cramer
Premium
join:2007-04-10
Raleigh, NC
kudos:9
reply to spider62
174.111.58.63 -> cpe-174-111-058-063.triad.res.rr.com

That's a dynamic / residential, you-are-not-supposed-to-be-sending-smtp-from-here address. Pretty much no one on earth is going to allow you in.

Now, if you are submitting email from a "mail user agent" (i.e. Outlook) to an email server (a "mail transfer agent") -- i.e. your company's mail server... a) you shouldn't be doing this on port 25, but outlook is brain dead here, b) you should be authenticating with this server so it knows you're not John Q. Public trying to relay SPAM. (Really, you should be using a VPN and not have to worry about this.)

spider62

join:2001-03-19
Clemmons, NC
So the plot thickens,

I have been using the same process for over three years.

I have configured my outlook to use an IMAP through my work address.

Should I use the TWC SMTP to outbound my email?

cramer
Premium
join:2007-04-10
Raleigh, NC
kudos:9

2 recommendations

That's a discussion to have with your system administrator. If I were the admin, you'd be using encryption, user authentication, and not port 25.