Spamhaus DBL errors

Sometime in the last few days, Spamhaus seems to have started issuing a block message if someone queries the DBL with an IP address. folks started seeing an uptick in error messages that mention Spamhaus saying:

554 5.7.1 Service unavailable; Client host [x.x.x.x] blocked using dbl.spamhaus.org; No IP queries, see https://www.spamhaus.org/faq/section/Spamhaus%20DBL#279 (in reply to RCPT TO command))

554 5.7.1 Service unavailable; Client host [x.x.x.x] blocked using dbl.spamhaus.org; No IP queries, see https://www.spamhaus.org/faq/section/Spamhaus%20DBL#279 (in reply to RCPT TO command))

Crowdsourcing information from the emailgeeks slack channel makes it look like sometime in the last 2 or 3 days Spamhaus started replying positively to any query of the DBL that was an IP address changed their DBL configuration are querying the list incorrectly. Spamhaus has always returned this code to senders querying the DBL with an IP address.

Basically, anyone who is getting this error message can do nothing about it. This is a configuration error on the receiver’s side. If it continues for much longer, I’d mark the domains as inactive and do not mail. Clearly no one at the domain is home and haven’t noticed they’ve not received any email in days.

Many thanks to Spamhaus for contacting me and setting me straight that this was nothing new and the DBL has always returned 127.0.1.255 to an IP query directed at the DBL.

Whose side are you on?
Machine learning resources

Related Posts

ESPs are failing recipients

Over the last few years I’ve reduced the complaints I send to ESPs about their customers to almost nothing. The only companies I send complaints to are ones where I actually know folks inside the compliance desk, and I almost never expect action, I just send them as professional courtesy.

Read More

Links: September 24, 2012

Last week Return Path announce a new set of email intelligence products. One of their new products offers customers the chance to actually see how (some subset of) their customer base interacts with mail directly. It moves beyond simply looking at probe mailboxes and actually looks inside the mailbox of recipients.
Spamhaus has listed bit.ly on the Domain Blocklist (DBL) for allowing spammers to abuse their redirector service. Spammers have been abusing bit.ly for a while, and I’m a little surprised it’s taken so long for a listing to happen. Steve wrote a post last year about URL redirectors and offered suggestions on what to do to avoid blocking problems when using a URL shortening service.
Real Insights has a very interesting post on why it should be “hard” to subscribe to your mailing list. There are also a number of good suggestions about the subscription process itself. Definitely worth a read.

Read More

Microsoft using Spamhaus Lists

An on the ball reader sent me a note today showing a bounce message indicating microsoft was rejecting mail due to a Spamhaus Blocklist Listing.
5.7.1 Client host [10.10.10.10] blocked using Spamhaus. To request removal from this list see http://www.spamhaus.org/lookup.lasso (S3130). [VE1EUR03FT043.eop-EUR03.prod.protection.outlook.com]
The IP in question is listed on the CSS, which means at a minimum Microsoft is using the SBL. I expect they’re actually using the ZEN list. ZEN provides a single lookup for 3 different lists: the SBL, XBL and PBL. The XBL is a list of virus infected machines and the PBL is a list of IPs that the IP owners state shouldn’t be sending email. Both of these lists are generally safe to use. If MS is using the SBL, it’s very likely they’re using the other two as well.
 

Read More