cancel
Showing results for 
Search instead for 
Did you mean: 

Blacklisted IP address

N/A

Blacklisted IP address

Hello

I'm not a technical type and just use my broadband connection for email and surfing the 'net. I am now getting mail returned to me from Tiscali addresses with the message:

host mx6.uk.tiscali.com [212.74.100.151]: 550 mail not accepted from blacklisted IP address [212.159.14.212]

What does this mean (in idiot-friendly language for me, please)?

Also, I am getting inundated by spam (despite running anti-spam software).

What is the problem?

K
10 REPLIES
Community Veteran
Posts: 38,207
Thanks: 898
Fixes: 54
Registered: 15-06-2007

Blacklisted IP address

We are in trouble
Quote
Multi-RBL check 212.159.14.212 (ptb-relay01.plus.net.) AS6871 PlusNet

Quote
bl.spamcannibal.org http://bl.spamcannibal.org bl.spamcannibal.org LISTED
DSBL - Distributed Sender Boycott List/multihop http://dsbl.org/ multihop.dsbl.org LISTED
DSBL - Distributed Sender Boycott List/unconfirmed http://dsbl.org/ unconfirmed.dsbl.org LISTED
Taken from this link
Link corrected
oliverb
Grafter
Posts: 606
Registered: 02-08-2007

Blacklisted IP address

Note I've edited this as when I first posted it I'd misunderstood the dsbl reports and I thought the tests had originated at plusnet customers, rather than being relayed by their servers.

I won't paste the information here but it's perfectly clear on the dsbl.org site. It looks to me as if two accounts one plusnet and one force9 were repeatedly "relay tested", thus blacklisting plusnet.

To clarify: Relay testing means looking for mailservers that will accept and deliver unauthorised email such as spam. They are blocked in order to prevent floods of spam.

Since Plusnet customers are authorised to use Plusnet's server it will always fail a relay test when tested from a Plusnet account. Addition: It will also fail if a plusnet user runs a mailserver with an open relay and sets it to route all outbound mail via plusnet's relay. Plusnet's system is just doing it's job (for once).
N/A

Blacklisted IP address

It certainly does look as if a couple of badly configured mailservers have caused the problem.

Hopefully Comms will see this and pass it through to networks for resolution/escalation.
blowdart
Grafter
Posts: 93
Registered: 04-08-2007

Blacklisted IP address

Quote
It certainly does look as if a couple of badly configured mailservers have caused the problem.


You mean there are mail servers that work? Colour me surprised!
oliverb
Grafter
Posts: 606
Registered: 02-08-2007

Blacklisted IP address

Quote
It certainly does look as if a couple of badly configured mailservers have caused the problem.



Oh I see what you mean, the relays passed the message to ptb-relay01.plus.net so ptb-relay01.plus.net got listed instead.
chrisco
Grafter
Posts: 314
Registered: 31-07-2007

Blacklisted IP address

I'm getting the following result when I try to send a legitimate message to one of my contacts:

Quote: 554 The IP Address of the sender (212.159.14.133) was found
in a DNS blacklist database and was therefore refused.

So is this something that Plusnet need to fix & is it part of the spam problem that's plaguing us all of late, if so anyone know when things will be fixed :?
jnwright
Grafter
Posts: 281
Thanks: 1
Registered: 05-04-2007

Blacklisted IP address

I tried to find out why there might be a blacklisting.

Querying the addresses and then checking mynetwatchman is interesting:

Address: 212.159.14.133
Name: pih-relay06.plus.net

http://www.mynetwatchman.com/LID.asp?IID=223024829


Address: 212.159.14.212
Name: ptb-relay01.plus.net

http://www.mynetwatchman.com/LID.asp?IID=220390178


Both tripped using port 25 and myNetWatchman KnowledgeBase reports:

Port 25 is used by SMTP - Simply Mail Transport Protocol

In other words, a mail server.

Broad scanning for SMTP servers is often an indication of a Spammer looking for open mail relays. That is, mail servers which will accept connections from anyone and deliver mail to any destination.


Most recent listed events were on 16th October. The Incident response from Plusnet to myNetWatchman in both cases was: No response
___oDiN__
Grafter
Posts: 454
Registered: 17-08-2007

Blacklisted IP address

i dont know why plusnet cant use secure auth on there servers, i have a bt connect email account and it get 0% spam
aetos
Grafter
Posts: 166
Registered: 30-07-2007

Blacklisted IP address

I have had the same problem trying to e-mail a friend on xxxx@vodafone.net

The e-mails are rejected and not accepted.

If I send them via another mail server they go fine.

How many e-mails are getting lost when they are Blackholed by other ISPs etc.

This issue has been raised for monthe and yet PN have not been seen to resolve the issue

MArk
pacem
Grafter
Posts: 175
Registered: 07-09-2007

Blacklisted IP address

Secure auto wont make any difference to the open-relay problem. PN customers who run open relays will still be authorised to access PN's mail servers.

However, machines that get zombied and turned into open-relays would not be likely to have a valid password to send mail through PN's mail servers.

I still think PN should use authentication for the reason above as well as it enabling me to send email from my PN account when I am roaming.

Paul.<><