Mail Servers in the CBL

It is very rare for "real" mail servers to find themselves listed in the CBL. The CBL's techniques are specifically designed to avoid listing real mail servers, even if the mail server relays viruses or trojan/proxy spam.

A correctly operating and configured mail server cannot trigger a CBL listing under any circumstances.

The only exception is if the mail server machine itself is infected with a virus, trojan or open proxy of some sort. As a matter of very last resort, if your mail server is running on Microsoft Windows or is running proxy services, please consult Scanning your machine.

Most times the address is actually that of a NAT gateway "between" the mail server and the Internet - if you have a NAT (this includes the case where your mail server is also acting as a NAT - IE: MS ISA or SBS), you should review this link before proceeding with this page.

Some other things that can cause a CBL listing of a real mail server:

Broken sender verification (see ASK and BlueSquirrel below - there are others).

If you're using "Active Spam Killer" (ASK), DISABLE the "smtp verification" feature (rc_smtp_validate setting - it's broken in at least version 2.5).

If you're using BlueSquirrel's "SpamSleuth" package, DISABLE the "Turing" feature.

There may be other "sender verification" schemes that are that badly broken, if you have to contact us, let us know you're using one and what it is.

People who write such broken "sender verification" schemes should be shot.

If you're running IPSwitch Imail, GMS, Ensim or WorkGroupMail, contact us.

If you are running Netwin's "Dmail" package, we strongly recommend you upgrade to their Surgemail package. Dmail development/support has ceased, and it's problematic with the CBL under certain circumstances.

We've occasionally seen misconfigured or broken challenge/response anti-spam tools trigger the CBL. If you're running C/R or sender verification, let us know if you have to contact us.

If you are running Zaep challenge/response, make sure you upgrade to at least version 4.1.0.0.