The URIBL service blocks blacklisted URL links in email.� So, for you to see a URIBL rejection, then there must have been a URL link in the email.� Emails that do not have URL links will never generate URIBL lookups.� So, I'm guessing that the emails that were blocked had URL links whereas the emails that were delivered did not.� Also, if you have already implemented your own nameserver then make sure that your /etc/hosts file has an entry for "127.0.1.1 localhost".



On 04/15/2016 03:12 PM, Helmut Fritz wrote:

It may well be a nameserver issue, although I am using my own.� It is set to forward lookups to google for non-authoritative queries though.� I have another I can switch to that does recursive, will try that.

The interesting thing is that several other emails came through that were not blacklisted � same settings � both before and after the blocked email.

Thx Gordon.

From: users [mailto:users-bounces@exim4u.org] On Behalf Of Gordon Dickens
Sent: Friday, April 15, 2016 11:41 AM
To: Exim4U General Discussion
Subject: Re: [Exim4U] URIBL blackist wrong?

Are you running your own DNS nameserver?� Otherwise, if you are using your ISP's nameserver (or any nameserver with lots of queries) then your queries are most probably being blocked by the URIBL server and which such refusal is interpreted as a blacklisted URL.� The URIBL folks block nameservers that issue a large number of queries (millions/day) since, at that level, they want you to subscribe to their paid service. This has been previously discussed on this list and the simple fix is to implement and use your own nameserver with bind9/named.


On 04/15/2016 02:26 PM, Helmut Fritz wrote:

OK � so as you saw in me email a few minutes ago it looks like my new server is generally up and running.� I asked a few of my co-workers to help test by sending me emails from their various personal accounts.� All good except for one, this is another techy guy that runs his own email server as well (uses exim � not that it matters for this issue).

His email bounced stating his domain was blacklisted at uribl.com.� Here are the log entries:

2016-04-15 18:27:01 1arF0m-0002Vq-Qb H=mail-vk0-f51.google.com [209.85.213.51] X=TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128 CV=no F=<user@gmail.com> rejected during MIME ACL checks: Blacklisted URL in message. (warped.com) in. See http://lookup.uribl.com.

2016-04-15 18:29:07 1arF2o-0002WS-Uo H=mail-vk0-f48.google.com [209.85.213.48] X=TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128 CV=no F=<user@gmail.com> rejected during MIME ACL checks: Blacklisted URL in message. (uribl.com) in. See http://lookup.uribl.com.

The first is his test email inbound.� The second was him sending the reject message content.

Questions:

1.����� Why does uribl.com blacklist their own URL in email messages (see log entry #2)?

2.����� Going to http://lookup.uribl.com and looking up warped.com, it is not listed!� What gives?

Should I be using this checking system?

Thx!

Helmut




_______________________________________________
users mailing list
users@exim4u.org
https://exim4u.org/mailman/listinfo/users



_______________________________________________
users mailing list
users@exim4u.org
https://exim4u.org/mailman/listinfo/users