On Thu, 2010-07-08 at 13:16 +0800, Emmanuel Noobadmin wrote: > I have a problem with Barracuda Networks blocking various dynamically > assigned IP addresses that my clients have the misfortune to be > assigned to every few weeks or so. > > No other blacklist has the "offending" IP. AFAIK, neither had the mail > servers IP serving those clients domain ever been blacklisted by any > other lists in the years the domains had been active. > > Neither is Barracuda blocking the mail server IP, based on the bounce > message, it's simply picking up on the sender's IP that is sent in the > mail header. > > Initially I thought it was possible to use EmailReg.org to deal with > this as Barracuda suggests on their site. However, looking it through, > it seems that > > 1. EmailReg only works on per IP per domain. > In other words, everytime my client is unfortunate enough to get a > blocked IP when their current DHCP lease expires, they got to shell > out US$20 > > 2. Subscription is for live and cannot be terminated > Googling about this, turns up user anecdote that EmailReg > automatically renews the subscription and charges the credit card, and > seemingly impossible to unsubscribe. > > In other words, if my client get a new IP every 2 weeks and 1/4 of the > time they get a "bad" IP, they would have to pay US$20 every 2 months > (it's happened twice this year already). In a year, that's US$120 and > incrementing by US$120 every year. Some folks on the net call it a > racket/scam. > > Currently, the practical solution is to ask my client to reboot their > modem so they get a new IP. But since Barracuda's list is likely to > grow, it may be possible that one day they will end up list the entire > public range our ISP provides, so this tactic becomes unusable. > > So I'm thinking, perhaps the easiest way here is to strip/modify the > headers for outgoing emails so that Barracuda can't pick up on that. > > Is this possible to do in Exim and are there any ramifications of > altering the sender IP say to a hash that I can track back for > investigating actual abuse? > Call Barracuda - they are actually pretty good and will be able to discuss any evidence files of spam they have from that IP. They have quite a sensible way of building their RBL and in addition to the usual 'honeypot' systems, they include a feedback loop from users of Barracuda appliances marking messages as spam. They won't just list for being dynamic (that would be the domain of a PBL) but will pretty accurately list spammers. They will also *not* remove the IP if they are happy it is spam related.
Number in UK +44 (0)1256 300 100 ask to open a 'non customer BBL case' to take the matter further. -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
