We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
Blacklisted in abuseat.org
Blacklisted in abuseat.org
At https://www.abuseat.org/lookup.cgi I check my server IP and get the following message:
Can someone give me some clue on this?
I don´t really understand what I am supposed to do with this message.RESULTS OF LOOKUP
xxx.xxx.xxx.xxx is listed
This IP address was detected and listed 154 times in the past 28 days, and 9 times in the past 24 hours. The most recent detection was at Thu Feb 27 21:15:00 2020 UTC +/- 5 minutes
New: many of these listings are caused by a MikroTik Router compromise. If you have a Microtik router, please consult this entry on the MikroTik Support Forum
If this IP address is NOT a shared hosting IP address, this IP address is infected with/emitting spamware/spamtrojan traffic and needs to be fixed. Find and remove the virus/spamware problem then use the CBL delisting link below.
CRITICALLY IMPORTANT, Read Carefully: In some unusual cases, IP addresses used in shared hosting (especially those using IPSwitch Imail, Plesk or Cpanel/WHM) can trigger CBL listings. If this is an IP address shared amongst many customers, make sure that your mail server software is set up to identify _itself_ in its mail connections, not each of your customers.
Many of these packages contain features that attempt to assign each customer a dedicated virtual IP address, so that each customer's stream of email comes from a different IP address. However, in many cases the package is unable to actually bind to a virtual address (and hence uses the server's primary IP address regardless), or, there are more customers than there are IP addresses, and the customers without dedicated IP address all end up using the same IP address - the server primary IP address.
To the receiving systems, an IP address that appears unable to decide what it's own name is hence highly suspect, and is in fact imitating malicious spamware.
Strictly speaking, using different names in the HELO/EHLO from the same IP address is not a violation of the Email RFC standards. However, it is clear that the RFCs are intending that the HELO/EHLO identifies who owns the mail server. Furthermore, using multiple HELO/EHLO names is highly frowned upon in many mail sender Best Current Practise (BCP) documents, such as those from the OECD and M3AAWG.
It is sometimes claimed that using a common name for the HELO/EHLO causes problems with SPF/SenderID. Nothing could be further from the truth, as witnessed by the fact that the very largest multi-domain hosters (such as gmail, yahoo etc) use the same domains for all of their mail servers.
The following web pages will give you an assist in ensuring the configuration is set up correctly.
If you are using Plesk, see this link.
If you are using cPanel, see this link.
SELF REMOVAL:
Normally, you can remove the CBL listing yourself. If no removal link is given below, follow the instructions, and come back and do the lookup again, and the removal link will appear.
Too many relistings in the past 24 hours (9), we recommend you read and implement our suggestions, and try again in a day or so.
Can someone give me some clue on this?