Community discussions

MikroTik App
  4. RouterOS
  5. General

Help with DSBL.ORG

Post Reply
 
securex
just joined
Topic Author
Posts: 11
Joined: Fri Sep 30, 2005 2:16 pm

Help with DSBL.ORG

Tue Dec 27, 2005 12:21 pm

dsbl. org is freqently putting one of our routers ( not servers ) on their list.
Here is the detail:
http://dsbl.org/listing?62.233.191.226
Could anyone help ?
I mean I removed once from thei list, but they did it again. Shoul I do something with router config ?
Regards
Peter
Top
 
Tonda
Member Candidate
Member Candidate
Posts: 165
Joined: Thu Jun 30, 2005 12:59 pm

Tue Dec 27, 2005 12:41 pm

Do you have mail server in your network?
Top
 
User avatar
sergejs
MikroTik Support
MikroTik Support
Posts: 6695
Joined: Thu Mar 31, 2005 3:33 pm
Location: Riga, Latvia
Contact:
Contact sergejs

Tue Dec 27, 2005 12:45 pm

You have to restrict access to your router.
If you have proxy, modify access-list (or firewall input chain) allowing access to router only for trusted users.
Top
 
securex
just joined
Topic Author
Posts: 11
Joined: Fri Sep 30, 2005 2:16 pm

Tue Dec 27, 2005 1:31 pm

Do you have mail server in your network?
Yes but with other IP. This is only router with masquerade.
Top
 
securex
just joined
Topic Author
Posts: 11
Joined: Fri Sep 30, 2005 2:16 pm

Tue Dec 27, 2005 1:35 pm

You have to restrict access to your router.
If you have proxy, modify access-list (or firewall input chain) allowing access to router only for trusted users.
Yes but:
1.access is restricted only for internal network
2. proxy works on port 80 while DSBL test message is sent on completely different port as You can see:
http://dsbl.org/message?30917003
Top
 
Tonda
Member Candidate
Member Candidate
Posts: 165
Joined: Thu Jun 30, 2005 12:59 pm

Tue Dec 27, 2005 1:48 pm

Are incoming SMTP connections dst-natted to mail server in your internal network?
Top
 
securex
just joined
Topic Author
Posts: 11
Joined: Fri Sep 30, 2005 2:16 pm

Tue Dec 27, 2005 1:56 pm

Are incoming SMTP connections dst-natted to mail server in your internal network?
No. On 62.233.191.226 no service is active. Once more: it is only masquaraded address for internal network.
BTW mail server is active but at 62.233.191.168 but it requires auth to send anything
Top
 
User avatar
mag
Member
Member
Posts: 376
Joined: Thu Jul 01, 2004 12:32 pm
Location: Cologne, NRW, Germany
Contact:
Contact mag

Tue Dec 27, 2005 3:57 pm

if the address was part of a dial-in pool of a large ISP, its very common that it is listed in several black-hole lists.
only way to get out is getting a static ip with correct PTR-record or using a SMTP-gateway.

not exactly a router-specific problem ;-)
Top
 
User avatar
Eugene
Forum Veteran
Forum Veteran
Posts: 986
Joined: Mon May 31, 2004 5:06 pm
Location: Cranfield, UK

Tue Dec 27, 2005 4:58 pm

Close SOCKS Proxy on the router (or at least restrict it to LAN).
Top
 
securex
just joined
Topic Author
Posts: 11
Joined: Fri Sep 30, 2005 2:16 pm

Tue Dec 27, 2005 6:09 pm

Close SOCKS Proxy on the router (or at least restrict it to LAN).
How ?
Top
 
User avatar
Eugene
Forum Veteran
Forum Veteran
Posts: 986
Joined: Mon May 31, 2004 5:06 pm
Location: Cranfield, UK

Wed Dec 28, 2005 6:06 pm

/ip socks set enabled=no
Top
 
securex
just joined
Topic Author
Posts: 11
Joined: Fri Sep 30, 2005 2:16 pm

Wed Dec 28, 2005 8:34 pm

/ip socks set enabled=no
it was always disabled
Top
Post Reply

Who is online

Users browsing this forum: Bing [Bot], dioeyandika, Google [Bot], lurker888, NetHorror, raiser and 85 guests
  4. RouterOS
  5. General