Tag Archives: Spam

How to remove an IP from the CBL (Composite Blocking List)

Today I was introduced to something called the CBL, or the Composite Blocking List. This is one of several Spamhaus projects that’s there to make sure IP’s are blacklisted when they’re sending spam.

You can check if your IP’s are OK at http://www.spamhaus.org/lookup/

The CBL is a separate website in which you can also lookup IPs. Spamhaus will tell you if that’s the case and direct you to the CBL here: http://www.abuseat.org/lookup.cgi

Even though my IP was otherwise fine, it was listed in the CBL, and Yahoo kindly made me aware of this as part of an error message I’ve received when trying to send an email. If ever there is an email problem in CentOS, the first place to look is /var/log/maillog. Here’s Yahoo’s very helpful explanation: https://help.yahoo.com/kb/postmaster/SLN5070.html

Turns out that the hostname was not setup yet, so the box would respond as localhost.localdomain. That’s a big fat no-no as far as the CBL people are concerned. Here’s CBL’s explanation:

This IP address is HELO’ing as “localhost.localdomain” which violates the relevant standards (specifically: RFC5321).

The CBL does not list for RFC violations per-se. This _particular_ behaviour, however, correlates strongly to spambot infections. In other words, out of thousands upon thousands of IP addresses HELO’ing this way, all but a handful are infected and spewing junk. Even if it isn’t an infection, it’s a misconfiguration that should be fixed, because many spam filtering mechanisms operate with the same rules, and it’s best to fix it regardless of whether the CBL notices it or not.

Continue reading How to remove an IP from the CBL (Composite Blocking List)