Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 6 replies
  • Subscribers 32 subscribers
  • Views 47581 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SMTP Scanning - Sender IP address is blacklisted

OliverKnights

Hello,

 

I am currently getting quite a few emails suddenly being blocked and the email log is showing 'Sender IP address is blacklisted'. Yet when i check the IP's against the mx toolbox blacklist check they aren't on any of the lists.

Is there a better log i can look at that will show me what RBL list returned the ip as being on a blacklist?

 

Regards

Oliver Knights



This thread was automatically locked due to age.
Parents
  • 0 in reply to lferrara

    Sophos you got multiple documentations pointing to this non existent IP lookup tool, or "sender genotype test". Neither of which i can find anywhere.

     

    https://community.sophos.com/kb/en-us/114057

     

     

    Did you depreciate this tool and not update any documentation? I have an external party that when they forwarded me the bounce says "Sophos Anti Spam Engine has blocked this Email because the sender IP Address is blacklisted." However because of the extremely small 1100 events limit that the log on the firewall has, i cant even see results from this morning...

     

    I obviously ran their domain through a blacklist checker so i could blame the external party and not have to deal with it, but they are simply not listed in any blacklist.

     

    I am now attempting to whitelist their domain under Protect -> Email -> policies but this seems like a headache. I just want to know why they are blocked. I have several blocklists enabled on the firewall but like i said, i scanned and their mailserver isnt in any of them.

     

    Is there no way to see the result of an IP or domain through sophos firewall console directly? no query provided to me the same way the firewall queries? It seems to have previously existed.

     

    I am looking for why this has occurred, are they being legit blocked or is it a false positive. Please let me know how i can determine this, keeping in mind that a blacklist checker such as https://mxtoolbox.com/blacklists.aspx does not see them as being blacklisted.

  • 0 in reply to givemecontrol

    Any solution here? I'm having the exact same issue. Checked my mxtoolbox, check Sophos IP reputation. All clear but some servers are being blocked due to being blacklisted.

Reply Children
No Data