cancel
Showing results for 
Search instead for 
Did you mean: 

IP Addresses listed as Blacklisted

FIXED
mtorrance
Newbie
Posts: 4
Fixes: 1
Registered: ‎05-10-2018

IP Addresses listed as Blacklisted

It appears that some Plus NET IP addresses are blacklisted  I have plus.net broadband

Working from home I am attempting to connect to OWA.  (Microsoft Exchange Webmail) at a clientsThe router is reporting that the IP address I am coming from is blacklisted

 

The client router has content filtering and DNS checks for protection,the DNS protection also checks external connections, any that are black listed are not allowed through to the forwarding table and then on to the mail server on the DMZ.

  

The IP address is black listed on dnsbl.spfbl.net

---------------------------------------------

This is the rDNS found:

This IP has been flagged because it is dynamic or by suspect to be domestic use only.

If you are running an email service on this IP, ask ISP to change the rDNS.

The removal of this IP from this blacklist depends on change of rDNS to match the FQDN of the mail server.

--------------------------------------------

Many home workers are not going to have static IP address on their home circuit.  Having dynamic addresses blocked stops this home working functionally. 

Could Plus Net please address this issue, as it makes it hard to recommend plus net services when there is a chance that a corporate system is going reject them.

 

Many Thanks

 

Malcolm

 

 

8 REPLIES 8
JOLO
Plusnet Alumni (retired)
Plusnet Alumni (retired)
Posts: 1,149
Fixes: 77
Registered: ‎06-08-2018

Re: IP Addresses listed as Blacklisted

@mtorrance,

 

Sorry you're having issues but I'm not sure this is actually a problem as such. 

 

From what it sounds like you're remotely connecting to a clients router, and then accessing their Microsoft exchange and this is when your access is being blocked? Is that correct or am I misunderstanding your explanation?

 

The IP address assigned to your connection isn't showing as blacklisted for spam. The error you're getting because the IP is dynamic or domestic is correct, surely. The IP would be a domestic one on a domestic account, and it would be dynamic unless a static one has been requested (and paid for on domestic). 

 

Surely the way around this would be to set a rule/exception on the client filtering to allow your access, though my knowledge on those matters is extremely minimal. 

corringham
Seasoned Champion
Posts: 1,211
Thanks: 634
Fixes: 16
Registered: ‎25-09-2015

Re: IP Addresses listed as Blacklisted

You can order a static IP from Plusnet for a one-off cost of £5 from your account settings online (no need to phone Plusnet). Once you have that you may need to get the rDNS changed (that does need a phone call), particularly if you have your own domain name. I have both a static IP and my own domain(s) and run my own mail-server - it is far more reliable than Plusnet's 😉

If you work from home and have a residential account you will no doubt be repeatedly advised in the forums that it is against Plusnet's terms and conditions - apparently a couple of work-emails now and then is "ok", but anything more requires a Business account! If you fall into that category it may be worth changing to a business account (you don't need to be a business).

mtorrance
Newbie
Posts: 4
Fixes: 1
Registered: ‎05-10-2018

Re: IP Addresses listed as Blacklisted

Hi Jolo,

To Clarify

 

The message saying connection is being blocked is coming from my clients router.

PC A< ---> Plus Net Router --------<INTERNET>--------Draytek Router on Business Grade Spitfire Circuit<------->Exchange Server

PC A is attempting to access Exchange Web interface using a web browser (i.e. Internet explorer). No VPN's are being used as this is a public facing server web interface for email access.

The message return by the draytek interface, says that the IP addresss xxx.xxx.xxx.xxx is black listed.  where xxx.xxx.xxx.xxx is the IP address that plus net has assigned to my router.

 

At the draytek end, the router checks the incoming IP, this IP incoming IP is then checked to see if it is blacklisted. 

If it is black listed it will not allow that incoming IP access to any device on the DMZ.

Putting an exception rule in place will not work as a different IP could be allocated next time the Plus Net router is rebooted.

Switching off the DNS checks and content checks is not acceptable as this would be giving another possible access for a hack attack, it would also affect the content filtering on outgoing traffic.

The solution is to ensure that Plus net IP address are not being classified blacklisted.  This would require a process to ensure that when an IP address is reassigned, it is cleared from the black listing databases.

 

Malcolm

mtorrance
Newbie
Posts: 4
Fixes: 1
Registered: ‎05-10-2018

Re: IP Addresses listed as Blacklisted

Hi corringham,

 

You are right in that terms state:

2.1.3. use the services for personal use in the UK (so don't use the services to run your own business, but a couple of work emails or occasional home working are okay) and in accordance with our Acceptable Use Policy;

On this particular day, I was working from home as I had the plumber in, this would would come under occasional working, how ever due to the black listing I was not even able to do this.

 

Malcolm

ejs
Aspiring Hero
Posts: 5,442
Thanks: 631
Fixes: 25
Registered: ‎10-06-2010

Re: IP Addresses listed as Blacklisted


@mtorrance wrote:

The solution is to ensure that Plus net IP address are not being classified blacklisted.  This would require a process to ensure that when an IP address is reassigned, it is cleared from the black listing databases.


That's not going to be feasible, because the blacklisting is nothing to do with Plusnet, and one person could be assigned many different IP addresses in a day if they experience lots of disconnections.


@mtorrance wrote:

a different IP could be allocated next time the Plus Net router is rebooted.

Which you could try to get yourself a different IP address, one which hopefully wouldn't be blacklisted. I doubt Plusnet will be the only ISP to have some of their IP addresses on blacklists.

corringham
Seasoned Champion
Posts: 1,211
Thanks: 634
Fixes: 16
Registered: ‎25-09-2015

Re: IP Addresses listed as Blacklisted

I wouldn't worry too much about the T&Cs - I don't and I work from home all the time. It is just that whenever you have a problem and ask on the forum you'll get nagged, which gets a bit irritating - it isn't as if there are any significant differences between the residential and business packages (VAT invoices being the top one being discussed at present).

As far as your problem goes there's a couple of things that don't stack up. You say this is a public facing mail server - but the Draytek firewall is blocking dynamic IPs. That would block most non-business users. The usual case for blocking a dynamic IP is if it is hosting a MTA - i.e. if you were connecting directly to port 25 or 587. Do you have that server set as your outgoing SMTP server?

Plusnet's set up is correct, and the blacklist is also correct. The use of that blacklist by the firewall is correct if it is protecting an SMTP port, but probably wrong for any other port. You should normally use Plusnet's SMTP server as a smart host for routing outgoing e-mail.

Is it just outgoing connections e-mail that are blocked?

corringham
Seasoned Champion
Posts: 1,211
Thanks: 634
Fixes: 16
Registered: ‎25-09-2015

Re: IP Addresses listed as Blacklisted

@ejs, it isn't just Plusnet's addresses that are on that blacklist - it is ALL dynamic IP addresses from ALL ISPs everywhere. The intention is to block bad actors from using disposable dynamic addresses to send spam. It is an international agreement that dynamic IPs should not send e-mail outside their ISPs domain. That's why ISPs (and some services such as googlemail and outlook.com etc.) provide a SMTP mail server for you to use to route outgoing e-mail. Your dynamic IP is accepted by your ISP's mail server, and that has a static IP so it can then forward to wherever.

mtorrance
Newbie
Posts: 4
Fixes: 1
Registered: ‎05-10-2018

Re: IP Addresses listed as Blacklisted

Fix

I have now resolved the issue by adjusting the filtering files for port 443 to ensure they don’t pass through the DNS filter.

 

Annoying that the filtering service was filtering on non mail traffic ports. (When it should have not have been), perhaps it may have been different had I been the one who originally configured the router. 

corringham: 

I can confirm that plusnet are not blocking port 25 traffic to smtp servers across their network, at one time BT had blocks stopping access to any smtp server outside of BT network.  it seems that not all providers implement this.

Problem is now solved.