sehh Posted December 24, 2017 Share Posted December 24, 2017 This might be off-topic but I would appreciate some help because I am at a loss I've got a server with Linode and it comes with two IP addresses, one IPv4 and one IPv6. The server is running CentOS 7, with Apache virtualhosts that host static html pages and postfix/dovecot for my personal email. So far so good. Now here comes the crazy thing. Spamhaus will list my IPv6 address in their SBLCSS blacklist, continuously (I delist and a few hours later its listed again). The server is not compromised, its a vanilla CentOS 7 with SELinux enabled and running Apache for static html pages, the server cpu usage is 0% and network is also at 0%. I even shutdown the server and my IPv6 address STILL got listed by Spamhaus even tough the server was turned off. I am can only conclude that my server is not compromised, maybe Spamhaus is running some kind of net-block-wide auto-block system that also covers my own IPv6 address. My IPv4 has never been listed, in case you are wondering, and neither of my two addresses got listed on any other blacklist that I know of. I tried to contact Spamhaus but they don't have any contact information on their website. I would appreciate any suggestions please. Link to comment Share on other sites More sharing options...
Lking Posted December 24, 2017 Share Posted December 24, 2017 Have you contacted Spamhaus? Have you talked with those that connect your server to the greater internet to insure that your IP is not shared? Of course without knowing your IP only general ideas can be offered. Link to comment Share on other sites More sharing options...
sehh Posted December 25, 2017 Author Share Posted December 25, 2017 There is no contact information on Spamhaus, they clearly state that they do not want any sort of communication. Yes my IP is static unique and on my server only (of which I only have access for my personal domains). I've setup DKIM, SPF, DMARC and things have been running smoothly for many many years. Link to comment Share on other sites More sharing options...
AJR Posted January 3, 2018 Share Posted January 3, 2018 According to Spamhaus's FAQs about SBL CSS (https://www.spamhaus.org/faq/section/Spamhaus CSS), for IPv6 addresses their listings are not of single addresses but of ranges of addresses that are small enough that they should only cover a single customer: Quote CSS lists "/64" CIDR blocks in IPv6. Without such aggregation, IPv6 zone size could become unworkably large. Also, various gaming strategies used by spammers are much more difficult with aggregated blocks rather than single "/128" IPs. "/64" is the industry standard for the smallest IPv6 allocation to individual customers, even in home-use situations like cable, DSL or wireless. Thus, for ISPs which follow standard industry practices, CSS IPv6 listings will only affect a single customer. If your provider have only allocated a single IPv6 address rather than a full /64 for your server, and have multiple customers in the same /64 address range, then they are ignoring standard practice for IPv6 addressing in a way that could mean that you're being affected by bad behaviour by other customers of theirs. Link to comment Share on other sites More sharing options...
petzl Posted January 4, 2018 Share Posted January 4, 2018 On 12/25/2017 at 8:27 AM, sehh said: This might be off-topic but I would appreciate some help because I am at a loss I've got a server with Linode and it comes with two IP addresses, Removal advice here https://www.spamhaus.org/lookup/ Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.