Thank you for contacting Proofpoint's IP Reputation department via our website.
We have received a number of spam messages from 220.127.116.11, and
this is why your IP address has been added to our block list.
In short, we are unable to remove this IP address from our list(s)
at the present moment in time, as your current issue is still in need of
a definitive resolution: Our listing of this IP address will therefore
need to be allowed to decay naturally (which will happen a short while
after we have received no further spam from it) or you will need to
explicitly state that you (or your provider) have taken the steps
necessary to rectify the issue at hand.
Please check for infected machines, compromised accounts and
misconfigured e-mail servers and relays within your network, and then
rectify these problems accordingly. Once you have done this (and we see
no further spam messages from your IP address) we will remove your
address from our list(s) accordingly.
If you are using a shared e-mail service (and / or you have no
control over this IP address) you should notify your network
administrator or hosting provider of this issue as soon as possible and
encourage them to resolve the problems alluded to above.
Please find below a recent example of one of the e-mails in question, thank you.
Proofpoint Spam Engineering Team
Mailserver hosts 15000 Mailboxes. 1-2 Spammers a week. can’t do anything aginst hacked customer’s pc’s.
That’s why you should not use appl* oder ma* devices. Theese use fucking sucking rbls to filter thier spammails out. Nobody is asking about hacked
customer pc’s, and noone does anything against those botnets or criminals. I think proofpoint should not be in the role to do things like this. Apple should not use this rbl.
One more blacklist issue which sucks
>hi roller support
>one of our subnets got blacklistet by you 92.xxx.xxx.xxx
>we had problems sending mails to this destinations:
>SNIP [ postfix maillog was here ] SNIP
>I could not send you mails from our offical server because it's
>too and you've got no webbased delisting form, your forum does not
>the option to create an account and your customer portal has many
>fields to fill in but no options for the rbl
>this should not be the way how a blacklist should run
The answer was brilliant 🙂
That list is hand-assembled of addresses/networks that have directly
spammed our role accounts (support@, abuse@, sales@, or billing@). It's
not anything automated. I've removed it for now, but if we start getting
spam from the enclosing network again it will likely end up on the list
The forum accounts were disabled due to excessive spamming unfortunately
Have fun with blacklists which sucks!
Because njabl.org stop it’s services I need to find another rbl which is easy to delist for mail-admins, less flase positives and has no connections to the sh** rbl’s of fu***ing SORBS. I decided to test b.barracudacentral.org. After some days of logreviews and testing I decided to use the b.barracudacentral.org for production. Works like a charm.
So I’ve edited the line arround 377 in /usr/sbin/policyd-weight
#'dnsbl.njabl.org', 4.25, -1.5, 'BL_NJABL',
'b.barracudacentral.org', 4.25, -1.5, 'BL_BARRACUDA',
To every Mail-Admin: Don’t use SORBS they are a conglomerate of arrogant a** f*****s
I needed for a delisting of a “dnyamic” IP-Pool 4weeks and more than 15 mails and tickets
Also the proofpoint.com rbl seems to be managed by the same arrogant guys, but the problem is that me.com icloud.com and some other big mail players are using it.
The https://support.proofpoint.com/dnsbl-lookup.cgi is nice and shows the listing of an IP-Address but has no more functions. Seems none is reading the output of the form.
After filling the form every day for 14days I decided self monologues are boring.
So I contacted this company by E-Mail.
Pow after 1 day I got delistet with no response from the german mailbox. 🙂
The next problem of that list is it’s not public queryable, so none is able to monitor via nagios etc the rbl.