Articles on this Page
- 03/07/17--10:20: _IP Blocked
- 03/07/17--11:22: _Blacklist Removal
- 03/08/17--05:03: _553-Message filtered
- 03/09/17--04:13: _501 Connection reje...
- 03/10/17--15:00: _Bad IP Reputation
- 03/13/17--03:33: _IP blocked
- 03/14/17--04:33: _New IP Range Blackl...
- 03/15/17--10:33: _IP Range blocked
- 03/14/17--19:47: _email domain blocke...
- 03/16/17--02:03: _501 Connection reje...
- 03/13/17--05:05: _Listed on Symantec RBL
- 03/14/17--01:48: _IP Blocked - Cannot...
- 03/16/17--03:02: _Servers blacklisted...
- 03/17/17--16:14: _Blacklist Removal 1...
- 03/17/17--20:00: _Connection timed out
- 03/20/17--02:38: _Bad reputatation - ...
- 03/21/17--06:14: _Recipient Email Ser...
- 03/22/17--05:18: _IP Blacklist Removal
- 03/23/17--09:32: _sender rejection, 4...
- 03/25/17--06:15: _New Server from leg...
- 03/07/17--10:20: IP Blocked
- 03/07/17--11:22: Blacklist Removal
- 03/08/17--05:03: 553-Message filtered
- 03/09/17--04:13: 501 Connection rejected by policy [7.7]
- 03/10/17--15:00: Bad IP Reputation
- 03/13/17--03:33: IP blocked
- 03/14/17--04:33: New IP Range Blacklisted
- 03/15/17--10:33: IP Range blocked
- 03/14/17--19:47: email domain blocked by messagelabs "553 message filtered"
- 03/16/17--02:03: 501 Connection rejected by policy [7.7]
- 03/13/17--05:05: Listed on Symantec RBL
- 03/14/17--01:48: IP Blocked - Cannot send emails to messagelabs customers
- 03/16/17--03:02: Servers blacklisted from sending mail.
- 03/17/17--16:14: Blacklist Removal 126.96.36.199/28
- 03/17/17--20:00: Connection timed out
- 03/21/17--06:14: Recipient Email Server Rejected the Message
- 03/22/17--05:18: IP Blacklist Removal
- 03/23/17--09:32: sender rejection, 421 Service temporarily unavailable
- 03/25/17--06:15: New Server from legitimate company using IP of very old spammer
I am getting the following message from our mail server:
Could not connect to 'cluster9a.us.messagelabs.com(188.8.131.52)' (error 10060)
Our IP address is 184.108.40.206
We have an IP blocked in Messagelabs and we did not find the process to remove it.Can you help us, please?
The error message is: 501 Connection rejected by policy [7.7] 18007
Follow the IPs: 220.127.116.11
Thanks for help!
We are getting lots of emails filtered by your service when they are transferred from our Forcepoint/Websense filtering service (18.104.22.168). How can we stop this? We have a valid SPF record configured.
Hello. Delete please out ip's (22.214.171.124, 126.96.36.199) from yours spam list. We've never sent spam.
We cant send emails to our clients who using your webmail protection services.
Why do you keep listing our IP as having a bad reputation? I have requested it be removed many times, and within 24hrs you relist us. I have a dedicated IP address to my mail server. We have owned the IP for well over 3yrs and just started using it for email. All inbound and outbound email is filtered through an enterprise appliance so I'm certain that we are not sending malicious or junk email. This is causing major business impact for us, and you won't talk to me because I'm not a customer!
Hi there, connections from one of our IP addresses (188.8.131.52) are blocked, the IP is not listed anywhere and the rep is neutral..
(connect to cluster4a.us.messagelabs.com[184.108.40.206]:25: Connection timed out)
(connect to cluster8.eu.messagelabs.com[220.127.116.11]:25: Connection timed out)
(connect to cluster3.eu.messagelabs.com[18.104.22.168]:25: Connection timed out)
please unblock/delist asap.
It almost a week we start using our new IP range 22.214.171.124/24 . However, we noticed all IPs (126.96.36.199/22 ) are blacklisted. Including those IPs that have not being used or broadcasted.
We delist it today, tomorrow will blacklisted again. IPs that have not been active also having same problem.
It is causing us too much stress as there are many clients using Symantec mail security and so rejecting our emails.
There is no spam coming out from our mail server, there is no virus on our mail server and no other pc in our network is sending spam nor is infected. Please keep in mind that our mail server is not listed in any worldwide blacklist but your one.
Would you please help me to solve this problem ?
Thank you in advance
We seems to be getting emails blocked from 188.8.131.52 and 184.108.40.206.
Coulf you please look into this?
Our emails to our customers are being blocked to places that are using Symantec's Cloud blocklist to filter incoming emails. I have been to the troubleshooting page and gone through all the steps mentioned. I have submitted multiple emails to the false positive email address - never get a response, never get removed.
1. We use Google (gmail) as our email provider, and our domain more4apps.com is not any blacklist anywhere.
2. We are not an open relay.
3. We use SPF records, and we have a DKIM set up, and are presenting NO REASON that we can determine that we should be on the Symantec blacklist.
As a last resort I have posted here. Can we get some kind of action, even if it's somebody saying "this is what we don't like about your server" so we can address the problem and keep the email flowing? We are happy to make any changes, we just need feedback as to WHY we remain on the blacklist despite requesting removal.
Trying to send an email to a client came back the error:
host cluster1.eu.messagelabs.com[220.127.116.11] refused to talk to me: 501 Connection rejected by policy [7.7] 20805, please visit www.messagelabs.com/support for more details about this error message.
Is it possible to remove our IP from the block list?
I'm reaching you on behalf of the Comodo Antispam Gateway — the cloud-based email anti-spam protection for corporate mail servers.
Recently we noticed that our servers are unable to send messages to email relays running Symantec products. A lot of connection attempts has been refused with the following response:
554 5.7.1 You are not allowed to connect.
I checked our networks against the http://ipremoval.sms.symantec.com/lookup/ and some of IPs were found to have a negative reputation in the Symantec RBL indeed. The explanation was:
The host has been observed sending spam in a format that is similar to snow shoe spamming techniques.
Okay, so I requested for removal for every one of the IP addresses listed. A very detailed expanation was provided, it fits the 500 chars limit, it includes my email address, and there was my appreciation, of course. I guessed tens of those funny unreadable captchas (that was awesome to fail up to five times in a row), and Symantec replied me that requests are usually processed within 24 hours.
After several days I checked the issue and no IP addresses were vanished. So I requested again.
And then after some more days once again.
I am very concerned by the fact that messages issued by Comodo ASG were trapped into your content filter as unsolicited email. I’ll be very grateful if you could provide any evidence regarding this issue so the ASG could address it properly. Also, in case if you found the classification disagreement on your side, please consider to add the Comodo ASG networks to your Whitelist to prevent such issues in future:
If this message reached the wrong destination and should be redirected to a particular person within your organization could you point me, please, to the right contact then?
Mike M. Volokhov,
Comodo Antispam Gateway
Hi there, connections from one of our IP addresses 18.104.22.168 are blocked, the IP is not listed. Also, http://ipremoval.sms.symantec.com/lookup/ says it doest not have a negative reputation
[root@seth ~]# telnet cluster8.eu.messagelabs.com 25
[root@seth ~]# telnet cluster4.eu.messagelabs.com 25
Please unblock/delist asap.
Thanks in advance.
I represent an Irish supplier of eLearning services, as part of this, we have to send mail from production servers to students of client companies to notify them that they have training due, and we also have a development system that hosts a CRM and customer support system.
About 2 weeks ago, it became clear to me that most of our servers are blacklisted by Symantec/Brightmails Global Bad Sender List. I've attempted to flag these as false positives with the Investigate option, and I've also beefed up our use of SPF and DKIM to reduce the likliehood of these mails being flagged as illegitimate.
I specifically checked one of the servers, the one this has caused the most problems with, with ClamAV and found no problems (checked the entire server volume), and also tested it with Linux Malware Detection and found no issues. It's even more unusual because these servers are heavily firewalled, with IP firewall restrictions that make it almost impossible to get to an SSH login prompt without being in our offices. Although some servers were de-listed after I clicked "investigate" they've been re-listed a short time later.
The IPs are accused of sending out spam, with some being associated with "snowshoe techniques", I would like to know on what basis this claim is made, and if possible samples of supposed spam from these servers.
The following IPs are listed:
Thanks in advance for any advice you can offer.
We are in the process of preparing the following ranges for legitimate clients and noticed a number of IPs in the ranges are currently blacklisted despite being un-assigned for a period of months:
Can we have these blocks mitigated as soon as possible?
When I try sending an email to a client, it fails:
Mar 17 22:18:05 vps postfix/smtp: C6B9A8AF43: to=<...>, relay=none, delay=158, delays=7.9/0.05/150/0, dsn=4.4.1, status=deferred (connect to cluster1.us.messagelabs.com[22.214.171.124]:25: Connection timed out)
Is it possible to remove our IP from the block list?
we started using ipv4 prefix 126.96.36.199/22 recently assigned by RIPE to us.
As this prefix was probably never used before, almost every single ip has bad reputation at Symantec.
Especially, our MX adresses repeatedly showed up on blacklist every day. Now, one of MX adresses is not blacklisted for about week, but users are still complaining about often delivery problems even when email is received by destination server.
Namely adresses are 188.8.131.52 - now not blacklisted, but still with somehow wrong reputation.
And 184.108.40.206 - now also not blacklisted, we had to stop sendind throught this system - symantec reasons.
(Important to add - those MX are just readressed systems, previously used without any issue with old ipv4 adresses for ages, no any other blacklist members)
Can you please check the prefix and give us some detailed information about what is wrong with this newly assigned prefix?
Also - can you give us brief description how does symantec build reputation and how to raise it?
We are having issues sending to multiple companies using Symantec Cloud. We are getting the following bouncback:
could not be delivered. The problem appears to be :
-- Recipient email server rejected the message
Additional information follows :
-- Message filtered. Refer to the Troubleshooting page at http://www.symanteccloud.com/troubleshooting for more information. (#5.7.1)
This condition occurred after 1 attempt(s) to deliver over a period of 0 hour(s).
Can someone please give us a hand with this issue?
I am writing as an e-mail system adminsitrator of Istanbul Technical University in Turkey.
Our SMTP gateways blacklisted by Symantec Global Bad Sender Database.
We are one of the big university in our country, we have thousands users, including student, academicians and officers. So the communication driven on e-mail system involves not just personal aspect but also involves the corporate side with other universities and companies.
Since Symantec provides very qualified and trustful security platforms, many company and corporation protects their e-mail infrastructure by your products. However our smtp gateways get caught by your blacklist, this makes impossible the corporate communication of us through domains that uses Symantec products.
So I kindly request that please mark our domain and IPs as a good sender. We have effort to cut the malicious and unsolicited email transactions. And also we have valid SPF and DKIM record in DNS tree.
SMTP Server: 220.127.116.11
SMTP Server: 18.104.22.168
We have a someone trying to email our domain (@nvhelicopters.com) who gets the following rejection:
22.214.171.124 does not like the recipient. Remote host said: 421 Service temporarily unavailable. Giving up on 126.96.36.199.
The sender is sending from mail.amrg.com
we have a new dedicated server at HOSTFORWEB, ip 188.8.131.52 , just 10 days old. Its ip is listed at the blacklist and i have asked for removal over 5 times last 10 days and it was not delisted. The bad reputation belongs to old owner of the IP.
at other blacklists i found over 1.000.000 spam emails sent by this ip, but many many years ago, some from 2009.
Please remove our ip above from your list.
We are a legitimate company and many of our customers are Ford suppliers and all of them are getting blocked. We are in trouble over here. Many suppliers cant send official documentation for over a week and have already said they will cancel our contract, and its not our fault.