Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Problems with Barracuda Reputation

89 views
Skip to first unread message

Daniel Rechsteiner

unread,
Dec 6, 2009, 2:09:38 PM12/6/09
to
Hi,

We sometimes have problems sending email to servers using Barracuda boxes. Here is an example:

message text rejected by server-using-barracuda:
554 Service unavailable; Client host [our-server] blocked using Barracuda Reputation; http://bbl.barracudacentral.com/q.cgi?ip=84.226.24.238

The IP 84.226.24.238 is the IP the customer has used to connect to our server (authenticated with SMTP Auth) and NOT the IP of our server.

The client IP 84.226.24.238 is actually listed in BRBL, but our IP is NOT listed.

So it seems that the Barracuda boxes can be configured to reject emails based on blacklist entries of any IP in the received headers and not just the last one. This does not make sense to me as most client IPs are dynamic ones and listed in some blacklist.

To circumvent this problem I have been thinking about hiding the received headers, in CGP:

Settings - Mail - SMTP - Sending - Hide Received Fields

How are you dealing with this problem? Have you enabled "Hide Received Fields"? Is there any disadvantage of doing this?

Thanks
Daniel


#############################################################
This message is sent to you because you are subscribed to
the mailing list <CGat...@mail.stalker.com>.
To unsubscribe, E-mail to: <CGateP...@mail.stalker.com>
To switch to the DIGEST mode, E-mail to <CGatePr...@mail.stalker.com>
To switch to the INDEX mode, E-mail to <CGatePr...@mail.stalker.com>
Send administrative queries to <CGatePro...@mail.stalker.com>

Lyle Giese

unread,
Dec 6, 2009, 2:35:12 PM12/6/09
to
The email admin for the receiving mail server has deep header scanning
turned on on their system and blocking on the ip addresses beyond who
passed the email on to them. That's their problem. They will be blocking
a lot of legit email doing that and if they are paying any attention,
they will turn it off soon enough.

Lyle Giese
LCR Computer Services, Inc.

ralf.ze...@barinformatik.ch

unread,
Dec 6, 2009, 3:08:24 PM12/6/09
to
One ip of our mail system had been listed.

Barracuda did not notify us.
The error message our customers got did not reveal much details.
There's no spam sample or detailed info, just a general page telling you the
spam problems this world has.
They offer a temporary whitelisting, which we used and after a few days the
ip was again listed.
They offer a durable whitelisting but they want money for this - ha.
We wrote to Barracuda and after a few days they wrote, that they have no
idea why our ip was listed at all. Our ip was taken off the list and the
history deleted.

We wrote to the Barracuda customer, told them to change the settings on the
box or look for another antispam solution.
The customer wrote us that we have a spam problem and should use the
whitelisting.

Nobody paied us, maybe we should open a payable whitlist...

Regards
Ralf

-----Ursprüngliche Nachricht-----
Von: CommuniGate Pro Discussions [mailto:CGat...@mail.stalker.com] Im
Auftrag von Lyle Giese
Gesendet: Sonntag, 6. Dezember 2009 20:35
An: CommuniGate Pro Discussions
Betreff: Re: Problems with Barracuda Reputation

Technical Support, Stalker Labs

unread,
Dec 6, 2009, 7:59:23 PM12/6/09
to
Hello,

Daniel Rechsteiner on 06.12.2009 22:09 wrote:

> Hi,
>
> We sometimes have problems sending email to servers using Barracuda
> boxes. Here is an example:
>
> message text rejected by server-using-barracuda: 554 Service
> unavailable; Client host [our-server] blocked using Barracuda
> Reputation; http://bbl.barracudacentral.com/q.cgi?ip=84.226.24.238
>
> The IP 84.226.24.238 is the IP the customer has used to connect to
> our server (authenticated with SMTP Auth) and NOT the IP of our
> server.

Your clients should connect to your server directly, bypassing Barracuda
or other external filters. You need to force all your clients to
authenticate when sending, then if there's a spammer among your users
you'll know who it is and will be able to take administrative/legal
measures; there can be zombied spam bots but it's unlikely they'll
authenticate.
It's also useless to scan outgoing mail for spam since spam filters
catch spam being in circulation and if it's a newly composed spam it's
very low chance it will be detected.

> The client IP 84.226.24.238 is actually listed in BRBL, but our IP is
> NOT listed.
>
> So it seems that the Barracuda boxes can be configured to reject
> emails based on blacklist entries of any IP in the received headers
> and not just the last one. This does not make sense to me as most
> client IPs are dynamic ones and listed in some blacklist.

There are different blacklists around: some include dynamic IPs and can
be used only for checking the topmost address (e.g. pbl.spamhaus.org),
others include only real spamhosts and can be used for deep headers
scanning (xbl.spamhaus.org)

> To circumvent this problem I have been thinking about hiding the
> received headers, in CGP:
>
> Settings - Mail - SMTP - Sending - Hide Received Fields
>
> How are you dealing with this problem? Have you enabled "Hide
> Received Fields"? Is there any disadvantage of doing this?

The disadvantage of using it is that it will be difficult to investigate
who was the sender of a particular message in case of an accident.

--
Sincerely,
Roman

=======================================================================
When answering to letters sent to you by the tech.support staff, make
sure the original message you have received is included into your reply.

Jeff Wark

unread,
Dec 7, 2009, 10:51:19 AM12/7/09
to
We just ran into the same problem twice in one day last week. Our server's connection to another server to relay an email was
rejected because of the [dynamic] IP address of the person who submitted the email to us, regardless of whether or not he
authenticated to our server.

That does seem to be a little strange because of what you said....quite often a dynamic IP address is on some blacklist for something.

--
Jeff Wark
TBayTel Internet
807-625-3041

Jon Trimmer

unread,
Dec 9, 2009, 10:43:22 AM12/9/09
to
We have been having issues with barracuda as well recently. In the past 10 days they have blacklisted us twice. The first was possibly our fault as we were doing marketing to our customers. Even though I made sure every piece that went out followed the can-spam act. So I politely asked them to tell me why we were blocked in the first place and they sent us back a standard form letter saying they removed us and gave no information as to why they added us. So then my boss found out about the "Pay Whitelist" I told him it was a scam by barracuda and wouldn't help us. But per his request we filled out the information and paid our 20 bucks. Then 4 days later they blacklisted us again and the only emails that have gone out since we paid are invoices and package tracking information. Emailed them again and demanded to know why they blacklisted us as it was now costing our business time and money and wanted to correct any problems in our systems so we would not be blocked again. Again they send out the form letter and will not reply no matter how many emails I send them asking for any information.

So their paid whitelist is just a scam to make more money from non customers.


Jon

--------------------------------------------------
The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, an associate or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer.

Thank you.
GVC Direct, Inc.

0 new messages