IP Blakilist

Post your questions about DNS based blacklists, what they are, listing status, and removal help.
Locked
xolanim
New Member
Posts: 1
Joined: Sat Sep 23, 2017 5:24 am

IP Blakilist

Post by xolanim » Sat Sep 23, 2017 5:26 am

Good Day

Please assist by removing my IP address on blacklist 197.149.145.36 is listed in the XBL, because it appears in CBL.

Thanks
Xolani

lisati
Active Member
Posts: 1129
Joined: Fri Apr 15, 2011 2:25 pm
Location: The Couch
Contact:

Re: IP Blakilist

Post by lisati » Sat Sep 23, 2017 10:55 pm

Are you running an email server at this IP address?

from https://www.abuseat.org/lookup.cgi?ip=197.149.145.36, which gives information about the CBL listing:
The listing of this IP is because it HELOs as a bare IP address (A bare ip address looks like: "54.33.33.5"). It is not HELO'ing as itself ("197.149.145.36"). Not only is this a violation of RFC2821/5321 section 4.1.1.1, it's even more frequently a sign of infection.

These listings are often a sign of a compromised SSH account. If you are running a SSH service (especially on Linux), please check your ssh server logs (often /var/log/auth.log) for logins from unusual IP addresses not normally associated with that login id. If you find any, secure the associated account. This usually means changing the password or disabling the account.

If it's a mail server, see naming problems for details on how to diagnose and fix the problem.
There is further information at https://www.abuseat.org/lookup.cgi?ip=197.149.145.36, including instructions for removal from the CBL list.

Locked

Who is online

Users browsing this forum: No registered users and 3 guests