Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 2442 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

sbl-xbl.spamhaus.org possible false positives

bvj
Has anyone noticed potential false positives linked to sbl-xbl.spamhaus.org today?

I noticed "Rejected: RBL (sbl-xbl.spamhaus.org)" in the SMTP log for legitimate mail originating from yahoo.com and optonline.net. I sent simple test messages from my yahoo.com mail account to the mail server behind the Astaro SMTP security wall; the first message was nailed by the spamhaus RBL flag, the second message sent 15 minutes later passed.

Legitimate mail received yesterday from optonline.net is getting nailed by the spamhaus RBL flag today.

Date: Oct 28, 2009
Firmware version: 7.500
Pattern version: 10884


This thread was automatically locked due to age.
Parents
  • 0
    The new IPS ruleset is a bit more vigorous than prior to 7.5, so that's the first place to look.

    Up2Date to 7.501.  Check your IPS log to see if it is blocking something.  Maybe DNS.  The disable the SID on the 'Advanced' tab of IPS.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    The new IPS ruleset is a bit more vigorous than prior to 7.5, so that's the first place to look.

    Up2Date to 7.501.  Check your IPS log to see if it is blocking something.  Maybe DNS.  The disable the SID on the 'Advanced' tab of IPS.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Cookie Information Banner