Results 1 to 4 of 4

Thread: Sorbs blocking even though it's not in the RBL config?

  1. #1
    Join Date
    Sep 2011
    Posts
    15
    Rep Power
    4

    Default Sorbs blocking even though it's not in the RBL config?

    I keep getting reports from users trying to send mail in from gmail that they are getting bounce messages that Zimbra is rejecting their email due to a Sorbs block.

    We had Sorbs in our RBL list but removed it a long time ago due to issues w/ good emails addresses being blocked.

    I've tried whitelisting the addresses and verified Sorbs is no longer in the RBL config so why / how is it still able to show up like this?

  2. #2
    Join Date
    Sep 2011
    Posts
    15
    Rep Power
    4

    Default

    Here's a redacted header, this is really, really pissing the CEO off. I've added the entire gmail.com domain to the postfix whitelist per other threads with similiar issues. We DO NOT have sorbs in our RBL list so why is this happening?

    Code:
    Return-Path: xxx@gmail.com
    Received: from mx1.xxx.xxx (LHLO mx1.xxx.xxx)
     (0.0.0.0) by mx1.xxx.xxx with LMTP; Fri, 25 Jan 2013
     19:27:53 -0500 (EST)
    Received: from localhost (localhost.localdomain [127.0.0.1])
    	by mx1.xxx.xxx (Postfix) with ESMTP id E3B0212F003A
    	for <xuserx@xxx.xxx>; Fri, 25 Jan 2013 19:27:53 -0500 (EST)
    X-Virus-Scanned: amavisd-new at mx1.xxx.xxx
    X-Spam-Flag: NO
    X-Spam-Score: -1.989
    X-Spam-Level: 
    X-Spam-Status: No, score=-1.989 tagged_above=-10 required=6.6
    	tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
    	DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001,
    	SPF_PASS=-0.001, T_TO_NO_BRKTS_FREEMAIL=0.01] autolearn=ham
    Authentication-Results: mx1.xxx.xxx (amavisd-new); dkim=pass
    	header.i=@gmail.com
    Received: from mx1.xxx.xxx ([127.0.0.1])
    	by localhost (mx1.xxx.xxx [127.0.0.1]) (amavisd-new, port 10024)
    	with ESMTP id lYA7MM98OHN3 for <xuserx@xxx.xxx>;
    	Fri, 25 Jan 2013 19:27:52 -0500 (EST)
    Received: from mail-ia0-f175.google.com (mail-ia0-f175.google.com [209.85.210.175])
    	by mx1.xxx.xxx (Postfix) with ESMTPS id A160312F0031
    	for <xuserx@xxx.xxx>; Fri, 25 Jan 2013 19:27:44 -0500 (EST)
    Received: by mail-ia0-f175.google.com with SMTP id r4so1514589iaj.6
            for <xuserx@xxx.xxx>; Fri, 25 Jan 2013 16:30:16 -0800 (PST)
    DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
            d=gmail.com; s=20120113;
            h=mime-version:x-received:in-reply-to:references:date:message-id
             :subject:from:to:content-type;
            bh=jzXVaYSfb/e9twxOQab5vC5QxeUHy6uRTcWWcSoSlWI=;
            b=cUnMFAl1mh2H+cKAZP6lNTyNwFfiqPsgWpjvWzlcDptBrjzz3vsLCgn+qFQ1R/hh6z
             tBH3bevbzalRNJo1RM6tGUNwjf1wVo/1TNWgP38BNQyQ85ZMBgZ/wnAitfE5Bd95+Maj
             8drKoMPyDhkfQMtApp9BjpwTeB4192g98n1gx1Y7Tlc22nSyHFRzf1nN5TUuy5QTLc51
             2WC6Yc53Uh9lg8NfH7diGVqBJPsaJhWEHXqS+j3oH2qlNoDgta0NeinlKIyYJ/Mw5HZ9
             ayqt9hGQ2zR18lBJI8LqFFDImmElSDHik0yCA41YfYKdu+7YECNz4aiNLen/nSo/zGfQ
             NY4g==
    MIME-Version: 1.0
    X-Received: by 10.50.189.233 with SMTP id gl9mr150254igc.81.1359160216289;
     Fri, 25 Jan 2013 16:30:16 -0800 (PST)
    Received: by 10.64.33.104 with HTTP; Fri, 25 Jan 2013 16:30:16 -0800 (PST)
    In-Reply-To: <14dae9340eaf8d803504d426203e@google.com>
    References: <CAJRHCBKz72JBprCdWcA2rdSNjnBVgB4=8aEaz2bDUMT3jK2gtA@mail.gmail.com>
    	<14dae9340eaf8d803504d426203e@google.com>
    Date: Fri, 25 Jan 2013 19:30:16 -0500
    Message-ID: <CAJRHCBLNWzsUzbYkY1yWH9YS_3eEWFpCwDpJFoqZPpXkFmkxBQ@mail.gmail.com>
    Subject: Fwd: Delivery Status Notification (Failure)
    From: xxx <xxx@gmail.com>
    To: xuserx@xxx.xxx
    Content-Type: multipart/alternative; boundary=14dae934078de2814304d42625fd
    
    --14dae934078de2814304d42625fd
    Content-Type: text/plain; charset=ISO-8859-1
    
    More of the same bullshit you've said was fixed like a half dozen times.
    
    
    ---------- Forwarded message ----------
    From: Mail Delivery Subsystem <mailer-daemon@googlemail.com>
    Date: Fri, Jan 25, 2013 at 7:28 PM
    Subject: Delivery Status Notification (Failure)
    To: xxx@gmail.com
    
    
    Delivery to the following recipient failed permanently:
    
         xuserx@xxx.xxx
    
    Technical details of permanent failure:
    Google tried to deliver your message, but it was rejected by the server for
    the recipient domain xxx.xxx by mx1.xxx.xxx.
    [0.0.0.0].
    
    The error that the other server returned was:
    554 5.7.1 Service unavailable; Client host [209.85.210.170] blocked using
    dnsbl.sorbs.net; Currently Sending Spam See:
    http://www.sorbs.net/lookup.shtml?209.85.210.170
    
    ----- Original message -----
    
    DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
            d=gmail.com; s=20120113;
            h=mime-version:x-received:in-reply-to:references:date:message-id
             :subject:from:to:content-type;
            bh=o/hiRybeBOIZlsPqJ0+LVZAOvh/+RajVFJ68lkp052Q=;
            b=ssa4nZqSDtHWn1kKWKbl/q8l1Kk2omGrDig8FADcSymE62nhpqlxrHLbsreuv7pRV7
    
     NJ/owTGnIDs+q3kunQxG6fULLwdw74ove+Sx0MNw94U8KvV5+r5s6eafY2tSapoYE5Xo
    
     nVrucGKlvb9Lt3j78Jt5t3gGK9S8NLIF/rLmLk9I3der1iRFjg3tJGy1/E3xEmRhuvkd
    
     kjhOa7H/od7W7fXvHvBzCD6QN3FE3M8h/EhLAubSJbv0B0imq5xtF9pJVz1m2Cczs5gO
    
     wB2AzZYVx2QMdE+GjmSNBKCtoIcgnrCQPyeNNAMqohtBynxPnB11S/Y92smreaX6ICMr
             bLMQ==
    MIME-Version: 1.0
    X-Received: by 10.50.36.130 with SMTP id q2mr147293igj.81.1359160117717;
    Fri,
     25 Jan 2013 16:28:37 -0800 (PST)
    Received: by 10.64.33.104 with HTTP; Fri, 25 Jan 2013 16:28:37 -0800 (PST)
    In-Reply-To: <
    1286426866.65157.1359159508572.JavaMail.root@xxx.xxx>
    References: <
    CAJRHCBKiEMgRtMXX0nbJVv9mewMPhyqcWcdQXgSpUFj0c23rAQ@mail.gmail.com>
            <1286426866.65157.1359159508572.JavaMail.root@xxx.xxx>
    Date: Fri, 25 Jan 2013 19:28:37 -0500
    Message-ID: <CAJRHCBKz72JBprCdWcA2rdSNjnBVgB4=
    8aEaz2bDUMT3jK2gtA@mail.gmail.com>
    Subject: Re: Introduction

  3. #3
    Join Date
    Jun 2011
    Location
    Caracas Venezuela
    Posts
    476
    Rep Power
    4

    Default

    Hello, it's cleary that you are in this blacklist.

  4. #4
    Join Date
    Sep 2011
    Posts
    15
    Rep Power
    4

    Default

    Quote Originally Posted by ccelis5215 View Post
    Hello, it's cleary that you are in this blacklist.
    No, Sorbs is no longer active, this happens with every gmail sender and lastly, we do NOT have sorbs configured as an RBL in Zimbra so we should not be getting blocks attributed to Sorbs. Do you admin a mail server but don't know how to read a bounce header?

    The error that the other server returned was:
    554 5.7.1 Service unavailable; Client host [209.85.210.170] blocked using
    dnsbl.sorbs.net; Currently Sending Spam See:
    http://www.sorbs.net/lookup.shtml?209.85.210.170


    209.85.210.170 is all of Google, by the way so that means every gmail address. So yes, they've listed all of gmail in Sorbs.

    The point is we DO NOT have sorbs in our RBL config so it shouldn't matter. What we need to know is:

    1; Why are we getting sorbs blocks without sorbs configured as a RBL in our system?
    2; How can we stop this from happening?
    Last edited by serverprodigy; 01-26-2013 at 03:17 PM.

Similar Threads

  1. SORBS Blacklist
    By NoDoze in forum Administrators
    Replies: 12
    Last Post: 08-20-2010, 10:34 AM
  2. How to Whitelist a SORBS Blacklisted Server
    By the_griz in forum Administrators
    Replies: 4
    Last Post: 04-03-2010, 04:59 PM
  3. SORBS RBL is shutting down
    By uxbod in forum /etc
    Replies: 3
    Last Post: 11-04-2009, 03:00 PM
  4. CBL Blocking
    By lsu_guy in forum Administrators
    Replies: 5
    Last Post: 03-18-2009, 10:01 AM
  5. How to restore config from saved config file?
    By okarim in forum Installation
    Replies: 2
    Last Post: 02-06-2006, 02:36 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •