Community discussions

MUM Europe 2020
 
securex
just joined
Topic Author
Posts: 11
Joined: Fri Sep 30, 2005 2:16 pm

Help with DSBL.ORG

Tue Dec 27, 2005 12:21 pm

dsbl. org is freqently putting one of our routers ( not servers ) on their list.
Here is the detail:
http://dsbl.org/listing?62.233.191.226
Could anyone help ?
I mean I removed once from thei list, but they did it again. Shoul I do something with router config ?
Regards
Peter
 
Tonda
Member Candidate
Member Candidate
Posts: 164
Joined: Thu Jun 30, 2005 12:59 pm

Tue Dec 27, 2005 12:41 pm

Do you have mail server in your network?
 
User avatar
sergejs
MikroTik Support
MikroTik Support
Posts: 6621
Joined: Thu Mar 31, 2005 3:33 pm
Location: Riga, Latvia
Contact:

Tue Dec 27, 2005 12:45 pm

You have to restrict access to your router.
If you have proxy, modify access-list (or firewall input chain) allowing access to router only for trusted users.
 
securex
just joined
Topic Author
Posts: 11
Joined: Fri Sep 30, 2005 2:16 pm

Tue Dec 27, 2005 1:31 pm

Do you have mail server in your network?
Yes but with other IP. This is only router with masquerade.
 
securex
just joined
Topic Author
Posts: 11
Joined: Fri Sep 30, 2005 2:16 pm

Tue Dec 27, 2005 1:35 pm

You have to restrict access to your router.
If you have proxy, modify access-list (or firewall input chain) allowing access to router only for trusted users.
Yes but:
1.access is restricted only for internal network
2. proxy works on port 80 while DSBL test message is sent on completely different port as You can see:
http://dsbl.org/message?30917003
 
Tonda
Member Candidate
Member Candidate
Posts: 164
Joined: Thu Jun 30, 2005 12:59 pm

Tue Dec 27, 2005 1:48 pm

Are incoming SMTP connections dst-natted to mail server in your internal network?
 
securex
just joined
Topic Author
Posts: 11
Joined: Fri Sep 30, 2005 2:16 pm

Tue Dec 27, 2005 1:56 pm

Are incoming SMTP connections dst-natted to mail server in your internal network?
No. On 62.233.191.226 no service is active. Once more: it is only masquaraded address for internal network.
BTW mail server is active but at 62.233.191.168 but it requires auth to send anything
 
User avatar
mag
Member
Member
Posts: 378
Joined: Thu Jul 01, 2004 12:32 pm
Location: Cologne, NRW, Germany
Contact:

Tue Dec 27, 2005 3:57 pm

if the address was part of a dial-in pool of a large ISP, its very common that it is listed in several black-hole lists.
only way to get out is getting a static ip with correct PTR-record or using a SMTP-gateway.

not exactly a router-specific problem ;-)
 
User avatar
Eugene
Forum Veteran
Forum Veteran
Posts: 993
Joined: Mon May 31, 2004 5:06 pm
Location: Cranfield, UK

Tue Dec 27, 2005 4:58 pm

Close SOCKS Proxy on the router (or at least restrict it to LAN).
Tout individu a droit à la vie, à la liberté et à la sûreté de sa personne.
 
securex
just joined
Topic Author
Posts: 11
Joined: Fri Sep 30, 2005 2:16 pm

Tue Dec 27, 2005 6:09 pm

Close SOCKS Proxy on the router (or at least restrict it to LAN).
How ?
 
User avatar
Eugene
Forum Veteran
Forum Veteran
Posts: 993
Joined: Mon May 31, 2004 5:06 pm
Location: Cranfield, UK

Wed Dec 28, 2005 6:06 pm

/ip socks set enabled=no
Tout individu a droit à la vie, à la liberté et à la sûreté de sa personne.
 
securex
just joined
Topic Author
Posts: 11
Joined: Fri Sep 30, 2005 2:16 pm

Wed Dec 28, 2005 8:34 pm

/ip socks set enabled=no
it was always disabled

Who is online

Users browsing this forum: No registered users and 123 guests