The CBL - Composite Blocking List
CBL Statistics CBL FAQ
CBL HOME Privacy Policy

This IP address is dynamic

As we've mentioned earlier, CBL listings that interfere with legitimate email are almost ALWAYS as a result of virus-infected machines.

The difficulty with dynamic IP addresses is that you may not have had this IP address at the time the virus was infected, so there is nothing you can do to prevent a relisting. Furthermore, the next time you connect, you may well get a new IP address that's already listed.

This situation is particularly common with wireless portals.

So, here the best way to proceed is to avoid having the listing affect you, not remove the listing.

If you have a dynamic IP address, or even just a user of a large ISP, your ISP will have provided you with the name and/or IP address of a mail server you should use to send email. You should put this in your mail reader (or server in some cases) "smart host" or "outbound SMTP server" setting.

Once you do this, you shouldn't be bothered by CBL listings again, and there's no need to delist it.

Even if you could get the CBL to delist it (and we usually do when we're contacted the first time), it's not going to help much in the long run - not only will you likely run into a CBL listing again in the future, other DNSBLs (called "DUL"s) are listing _entire_ dynamic ranges, so the CBL is the least of your problems.

As one example, which we get asked many times about, the DirectWay wireless provider tells their users to set their "outbound SMTP server" to be "". As it turns out, they don't seem to be interested in securing their wireless portal, and supply this to give their users a way around the CBL (and MANY other DNSBL) listings.

Note to ISP staff:

The CBL's users expect us to list demonstrably compromised machines. Even if they're dynamic. Do NOT ask us to permanently delist dynamic ranges or any other type of generic end-user pools, because we won't: no exceptions.

The only way you can avoid repeated CBL listings of dynamic IP addresses is to treat the network segment as a NAT'd LAN, and configure your routers to block outbound port 25 from all IP addresses in the range. See NAT information.

It's really pointless to permanently delist dynamic ranges, because "Dialup" DNSBLs (aka "DUL"s) list the whole range anyway.

The CBL and web pages are copyright © 2003-2017, all unauthorized copying is prohibited. All external pages referenced are copyright by their respective owners.