Select Page

Real Time Blackholes (RBLs) have had their share of controversy in the past, but they can be quite useful in stopping spam (if you weight their responses).

However, I recently noticed a post by someone on one of Sunbelt’s discussion forums.

We had a (now-former) employee install a bunch of spyware on a workstation late Friday. One of the messes was a spam generator of some kind. The workstation’s offline now.

The problem is we only have one external visible IP, so now my mail IP is blacklisted all over the place. Is there a magic process for getting off blacklists?

I’m googling as we speak  

Ok, that’s understandable.  So what happened?

He started the process of getting off the blacklists (something, incidentally, you can check yourself by going to dnsstuff.com and doing a Spam Database Lookup).

However, he hit a roadblock. One blacklist, UCE Protect, refused to even consider his request in a timely manner, unless he shelled out 50 euros.  From their webpage:

FREE OF CHARGE REMOVAL:
There is no need for you to request removal, if you do not want to pay.
Every IP at Level 1 will expire 7 Days after the last mail from it hit our SPAMTRAPS.
This means your IP will be removed automatically after that period.

PAID IMMEDIATE REMOVAL :
If you do not want to wait 7 Days, you may request a paid immediate removal.
Fee for this is 50 Euros per IP. Payments are accepted by Paypal only.
Removal will be done by hand, as soon as Paypal tells us, they received your money.
Click here if you want to request a paid removal.

Well that’s nice. You need to pay to get expedited service, because of a mistaken blacklisting.

On related subject, he’s also having  trouble with SORBS, because SORBS is convinced that his IP is dynamic, when it’s static and one his company has had for over four years (according to him, “SORBS is apparently blocking IPs with a rDNS TTL of less than 12 hours, and his IP is blocked because SORBS feels that the TTL of 3 hours indicates that it’s a dynamic IP and dynamic IPs are used by spammers.”)

On the subject of RBLs, there are a number that should not be used, and DNS Stuff’s list of blackholes is useful in that regard.  It will tell you which RBLs are too aggressive (some are run by real vigilantes who believe in blacklisting an entire carrier — that kind of thing).

Alex Eckelberry


Fatal error: Uncaught wfWAFStorageFileException: Unable to save temporary file for atomic writing. in /home/eckelberry1966/public_html/sunbeltblog/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/storage/file.php:34 Stack trace: #0 /home/eckelberry1966/public_html/sunbeltblog/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/storage/file.php(658): wfWAFStorageFile::atomicFilePutContents('/home/eckelberr...', '<?php exit('Acc...') #1 [internal function]: wfWAFStorageFile->saveConfig('livewaf') #2 {main} thrown in /home/eckelberry1966/public_html/sunbeltblog/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/lib/storage/file.php on line 34