# Barracuda Reputation blocking my emails



## Itimpi

Recently an organisation called Barracuda Reputation started blocking some of my emails and the reason given is that unbeknown to me, my IP address is sending out spam. My McAfee Total Protection package is up to date, computer fully scanned and cleaned with Spybot. My ISP will not give me a new IP address and this blocking is seriously affecting my home run business. Any suggestions?


----------



## cwwozniak

If you are running a mail server from your IP address have you tried submitting a request using the Reputation System Removal Request form?

http://www.barracudacentral.org/rbl/removal-request

Are you making sure that your e-mails are only being sent to addresses whose owners have confirmed with you that they wish to receive them?


----------



## Itimpi

Many thanks for your reply.
I am not running a mail server from my IP address. I did request Barracuda Reputation to remove me from their list and a week ago they gave me 48hrs and the problem seems to be resolved. However I notice today that this blocking has resumed and my emails to some friends and business contacts are being returned again. Mails returned are to trusted contacts and all accept my mail.


----------



## cwwozniak

If you are using any kind of a shared e-mail server provided by a hosting company, it is possible that some other user on the same server is triggering the spam black listing. That would affect e-mails from all domains on that server. We went through that with our hosting company a few months ago.


----------



## Itimpi

Again my thanks for your help. I will contact my ISP and ask again for their assistance. They do not want to give me a new IP address which seems unfair to me.


----------



## cwwozniak

Are you using the mail server provided by your ISP or by some other hosting company? It is most likely that the IP address of the server is being black listed, not any static IP address of your particular connection to the Internet that you are using.


----------



## Itimpi

This is the message that I am getting from Barracuda:- "554 Service
unavailable; Client host [njiwa.iconnect.zm] blocked using Barracuda
Reputation;"
Does this help? Can I give you the IP address information?


----------



## cwwozniak

It could very well be that one or more other users on the njiwa.iconnect.zm mail server have used it to send spam, causing all users to be affected by spam filters. If the server is not configured properly, it could even be used to relay spam from senders that do not have an iconnect.zm account. Changing your own IP address would not help any because it is the IP address of the server being blocked.

The system administrators at iconnect.zm would need to be the ones to submit the Barracuda block list removal form. They would probably need to explain to Barracuda what measures they have taken to prevent spam being sent from their servers in the future.

EDIT: If you do a Google search for the terms *Barracuda 554*, you will find that even companies like Google can get their mail servers on the Barracuda black list. It could be that Barracuda is using a bit more aggressive spam filtering and rejecting more valid e-mails than other blacklisting services.


----------



## Itimpi

At last, a possible light at the end of the tunnel. Many thanks. I have sent an email this morning to our server with the hope that they are going to help. Previous conversations with our server have not proved helpful and although they are aware of Barracuda, they seem to think it is a personal user issue.


----------



## Itimpi

I contacted my server giving them details from your suggestions and this is what they have repied: - I would appreciate your input as it seems they believe my IP address is the problem.

My apologies for the trouble you have been going through with sending your
emails. The explanation by the site you inquired from is not all true in
that it is not our mail serve IP address that has been blocked by
barracuda spam filter. But rather your IP address is the one
that has been blacklisted. This is as a result of spam emitting from your
IP address. Visit: http://www.barracudacentral.org/lookups/ip-reputation
to confirm my explanation.

When on the above website, also look up 196.12.12.65/66 and you will not
find them listed on the blocked IP addresses.

As such, kindly scan your machine(s) to ensure they are virus free and
visit: www.antispyware.com for antispyware software to help you block
spyware that will block hackers from sending emails using your link.

After cleaning your PC(s) delist your IP address from the barracuda
reputation site above.


----------



## cwwozniak

I was going by the following information in your earlier post when I said that the iconnect.zm mail sever was being blocked, not your particular IP address.



Itimpi said:


> - "554 Service unavailable;
> *Client host [njiwa.iconnect.zm] blocked* using Barracuda Reputation;"


You may have run into the same situation that I had with our hosting company. Many of the blacklisting remove the offending IP address or URL if their spam traps do not get any offending e-mails for a time period of maybe 24 to 48 hours. Coworkers would suddenly notify me that they were getting e-mails bounced from one or more customer company's spam filters. They would forward a few of the bounce messages to me. Some of the messages had a link to get more information on the rejection. The links would show that the IP address of the shared mail server was being tagged for spam abuse. The same sites would show that our office's static public IP address was not on the blacklist. I would then submit a trouble ticket with the hosting company. *Two days* later they would reply with a message saying they just checked the link I had used and that they could not find their server IP address being blocked. (Of course it wasn't listed; the blacklisting had expired the day before.) The second time this happened, a vice president at our company talked to a sales manager at the hosting company and explained the situation and then said we would be looking for a new hosting service and post bad reviews for them if they could not resolve the blacklisting problem in a timely manner.

My suggestion, the next time that you get a rejection notice, use a multi-RBL checker like http://www.anti-abuse.org/multi-rbl-check/ to check both the njiwa.iconnect.zm URL and your specific public IP address. If the results are that njiwa.iconnect.zm is listed as being blocked but your IP address is OK, then copy and paste both sets of results into a complaint to iconnect.zm .


----------



## Itimpi

Thanks Chuck. My server is adamant that their njiwa.iconnect.zm is not blacklisted even though the message from Barracuda quotes their address. I have check the blacklist page and they are not listed however my IP address is. I again requested a removal from the list yesterday but I don't seem to be able to 'talk' to a person at the other end of Barracuda. 5 minutes ago I tried to send an email to one of my clients and again this has been returned quoting the njiwa address as being blocked.. As you may have noticed from the addresses, I live in Africa. Until there are more ISP's giving us more choice and a cheaper service, we are limited and trying to move to another provider is very problematic. 
I will go with your suggestion and use the multi-RBL checker and hope this can produce some evidence to Iconnect.
I can't thank you enough, the fact that there is someone out there willing to give some advice is very comforting.


----------



## cwwozniak

It is interesting that the rejection notice mentions the server URL but that your specific IP address is being blocked. Not sure how that works.

Do you have any options with using any free e-mail services. We have Gmail in the USA but I am not sure if Google offers it in Africa.

You may also wish to see if your clients have any options of customizing their Baracuda settings to whitelist your specific e-mail address or IP address to override the main blacklist.


----------



## Itimpi

It is puzzling about the server URL mentioned yet Iconnect deny they are in the email report even with sending them a copy. I have been blocked for the second time and again the same njiwa.iconnect.zm quoted. This was Iconnect's reply yesterday when I told them that I have been scanning my computer and running virus checks long before Barracuda blacklisted me. 
*

Thank you for taking time to update us on the extra steps you have taken
to ensure your connection is safe for you and ultimately safe for
Africonnect. Be assured that our systems administration team are working
tirelessly to block all possible leaks that are caused by some of our
users' IP addresses exposure to unsafe Internet sites.

I hope your address has by this time been removed from the blocked list
and you are able to send out mails to the addresses that failed.*

My new strategery is to bombard Barracuda with removal requests. I have done all I can and it seems terribly unfair that they can block harmless people like myself and now I can only communicate with their machine - not even a human!!

My very grateful thanks to you for helping me. I wish you and yours a very happy Christmas and New Year.
Marion


----------

