Server constantly listed in CBL (abuseat.org)

Created:

2017-01-11 13:31:55 UTC

Modified:

2017-08-08 13:25:23 UTC

0

Was this article helpful?


Have more questions?

Submit a request

Server constantly listed in CBL (abuseat.org)

Applicable to:

  • Plesk 12.5 for Linux

Symptoms

1. CBL lists the server in their Blacklist constantly.

2. There is no trace of spam in the logfiles neither captured Outbound Antispam Control.

3. The mail server is Qmail

4. The following SQL query shows bounce values for any of the domains on the server:

mysql> select domains.name, Parameters.value from domains, Parameters, DomainServices where domains.id = DomainServices.dom_id and DomainServices.parameters_id = Parameters.id and Parameters.parameter = 'nonexist_mail' and Parameters.value <> 'reject';
+----------------+-------+
| name           | value |
+----------------+-------+
| example.com | bounce|
+----------------+-------+

Cause

One or more server domains are configured with bounce email on rejection

Resolution

According to the CBL < http://www.abuseat.org/qmailhelp.html > site, there a high probability that the server IP is being listed due to a bounce to an external server marking it as spam.

To avoid this apply the following steps:

1. Change settings for the domains listed in the SQL query, so they meet CBL best practices, by enabling the reject flag for non-existent users:

Subscriptions > example.com > Mail Settings

2. Disable the option for customers either enabling limitation to the specific subscription by disabling the "Ability to change mail settings" flag in:

Subscriptions > example.com > Permissions > Show more available permissions (Note that this step will lock the subscription)

Or by hiding the control for rejection messages for non-existent mail globally in:

Tools & Settings > Interface Management > Interface Control Visibility > Hide controls for rejection messages for non-existent mail addresses

Have more questions? Submit a request
Please sign in to leave a comment.