-1

I have use my mail server public IP address for years. But now it is blocked by spamhause. But no special no illegal activities happened on my network. We have very good monitoring solutions and no any suspicious activity is detected.

We have exchange and 0365 environment. When i contact them, they don't provide answers but we were able to unblock by requesting this issue. How can i find exact reason of this issue.

serverAdmin123
  • 230
  • 3
  • 18

1 Answers1

0

According to the Spamhaus documentation "Spamhaus Frequently Asked Questions(My mail server is listed on the SBL as a phish spam source, what should I do ?)", if your mail server was listed on the SBL, maybe the blacklist issue was caused by the following common reasons:

  • The spam was sent as authenticated mail, injected from an external IP using a valid username and password...
  • The spam was sent from an internal PC which has malware.
  • The spam was not authenticated and it came from a web server in your LAN, and the spammers injected the message via HTTP using a security hole on the web server...
  • The spam was not authenticated and it was injected via SMTP from outside("open relay" configuration)...

Besides, you could use the message trace to see if there were some "Failed" emails, if so, you could open the entries to check the reasons why the email deliveries were failed, maybe these reasons made your server be added in the SBL.

Community
  • 1
Ivan_Wang
  • 1,333
  • 1
  • 4
  • 4