RBL Blacklisted by Yahoo and Barracuda – Remove IP from Real time Blacklist

Author: admin

16 Nov

Last week a spammer found an exploit on the district website which allowed them to use the server to send out spam email. The exploit was simply an old mail php script that allows messages to be sent from vistors to staff members on the homepage. This old script was not secure in that it could easily be sent instructions changing the from and to destination fields allowing it to email just about anyone. I became aware of this issue once people began emailing informing me that all emails to Yahoo were being returned.

Looking at the Mail queue on our Kerio server, 35,000 messages were waiting to be delivered to Yahoo – all spam.

The Spam problem was easily addressed. Edited the mail php script and tightened the firewall on the server – closing all forms of an open relay.

What is not so easy is to get removed off of Real time blacklists from Barracuda, Yahoo and Others.

After a few Google searches on the subject I came across a few useful websites and links that address just this problem.

http://www.mxtoolbox.com/blacklists.aspx

This website simply checks your IP against a list of real time blacklists and shows which lists consider the mail server to be spam.

Originally when I ran this tool I found 4 lists that considered our IP to be a source of spam. Of these four Barracuda and Yahoo were the two main biggies causing email frustration in the district.

I have attached a list of links that are useful in removing oneself off of a Blacklist. It is important to not fill out a request until you have fixed the original spam issue, these lists are usually very accurate and if you fail to fix the spam problem you will be quickly re black-listed.

AOL:
Request whitelist – http://postmaster.info.aol.com/whitelist/whitelist_guides.html
Remove from RBL – http://postmaster.info.aol.com/waters/sa_form.html

Hotmail:
Remove from RBL – http://ipremoval.sms.symantec.com/lookup/

Yahoo!:
Request whitelist – http://help.yahoo.com/l/us/yahoo/mail/postmaster/postmaster_wl.html?from_url=http://help.yahoo.com/l/us/yahoo/mail/postmaster/index.html
Remove from RBL – http://help.yahoo.com/l/us/yahoo/mail/postmaster/defer.html?from_url=http://help.yahoo.com/l/us/yahoo/mail/postmaster/index.html

Barracuda
Check Status and Remove from RBL: http://www.barracudacentral.org/reputation?ip=74.247.83.218

After waiting about 48-72 hours and filling out the white list and bulk mail requests – all is well.

Filed under: Geneseo CUSD Network, Kerio, New Technology

4 Responses for "RBL Blacklisted by Yahoo and Barracuda – Remove IP from Real time Blacklist"

MxToolBox November 17th, 2009 at 9:32 am 1
Thank you for recommending our Blacklist tool to your users and we are glad it was helpful in finding out what Blacklists you were listed on.

We are always interested in how system administrators are using our tools, so this was great to see. We are also interested in any feedback on new tools or recommended tools so we can add them to our site.

If you don’t mind we will RT your article so that our users can see the websites you recommended for Hotmail, Yahoo and Barracuda.

Thanks so much!
@MxToolBox
Jason Bradbury December 2nd, 2009 at 10:19 am 2
Great post! I always use the spam blacklist tool, http://www.spamblacklist.co.uk

It’s far quicker and simpler to use, much like whatismyip, but for checking listings.

thanks again.
sts April 25th, 2010 at 1:48 pm 3
It is always pleasure to read your posts, will back here soon
Blacklist May 3rd, 2010 at 9:46 am 4
There is also another online toll to check if ip address is blacklisted http://www.magic-net.nl/black-list-checker.php