Yup, as if it should surprise anyone. PBL from Spamhaus.org. Somehow they decided that our mail system is not allowed to send mail.
I have grown tired of this.
3 weeks ago we defended against a huge DDoS without using a single RBL. In fact, had we used an RBL, the traffic against that server (they use DNS like records) would have been assumed to be a DDoS on our part against them. In the space of 2 days we deflected more than 1 quarter million spam mails. Over the week, it wound up being north of 1/2 million. User load on the system was below 0.02 during this entire DDoS. No other services were assaulted.
Folks, if you are using RBLs, please, please drop them and start using greylisting. If you are not sure if you are using them, ask your admins. RBLs have collateral damage failure mode radii that can be huge in the event of false positives, which they have many, and do negatively impact your ability to do work, and make a living. Greylisting has no such failure modes.
Viewed 9548 times by 1747 viewers