Hi Jered,
I'm not a Barracuda customer myself I can only report my own interaction
with them. I run several public mailservers.
1) I don't run public mailing lists and if I ever was going to do that I
would run them on a separate server with a separate IP address
2) I don't run my webserver on the same server as my mailservers.
3) I have gotten BLed by Barracuda a couple of times. It usually takes
about 3-4 days to get delisted so while I'm waiting I route outgoing
mail through an alternate server. I get BLed when a customer falls for
a phish mail and gives out their password.
My recommendation is you have at least 4 public IP address with servers,
one for your webserver, one for your mailserver and one for an alternate
mailserver and one for a mailing list server.
As for the "class C block" I think that is likely that you are trying to
do everything with a single static IP. If you had a subnet of public
IPs then the ISP that issued it to you would SWIP them to you and
you would have no problems proving to Barracuda that your not part of
the rabble.
I realize you said your in a data center. Contact the data center
provider and tell them you want a block they will SWIP to you. I
realize this may cost you some more money. But email is not one of
those things you can do well on the cheap.
Ted
On 6/20/2015 8:38 AM, Jered Floyd wrote:
>
> Hello SA-users,
>
> I have a question on the other side of things: outgoing mail. I know
> this is off-topic but this seems to the only venue where there might be
> knowledge of the problem, and the offender is a spamassassin "customer".
>
> (I operate an MTA host on which I run SpamAssassin -- it works
> flawlessly. (I am running Debian Postfix 2.7.1-1+squeeze1 with
> spamassassin 3.3.1-1.1) This system is in an Internap data center, and
> provides mail services for about a half-dozen organizations that I
> support. SPF and DKIM are correctly configured for hosted domains, as is
> user authentication for submitted mail.)
>
> I appear to be getting a shakedown scam from Barracuda Networks. They
> seem to be getting out of the "anti-spam" and into the "protection
> racket" business.
>
> A small number of recipients have been getting bounce-unsubscribed a
> community mailing list that I administer. The most recent bounces say
> that this "blocked using Barracuda Reputation;
> http://www.barracudanetworks.com/reputation/" Visiting that page
> provides no information on the specific reason my MTA has been blocked
> so I can't determine if there is a configuration issue, but there is a
> link for one-time removal.
>
> Below that the page says "One way to get your email through spam filters
> even if you are listed on the BRBL is to register your domain and IPs at
> EmailReg.org." OK, sounds good, I can prove that my IP address is
> allowed to send for my domains -- I thought that was what SPF and DKIM
> are for (which are configured) but whatever.
>
> However, I click through to emailreg.org <http://emailreg.org> and AFTER
> signing up for an account and configuring it they then reveal that there
> is a $20 "administrative fee" per domain.
>
> This sounds like a scam to me. They're blacklisting mail servers, not
> telling why, and then offering to take you off the list (without even
> correcting any problems) for "just" a $20 fee. I don't see how any
> legitimate RBL can operate with that model.
>
> Has anyone else here run into this? Is there a way out other than
> bribing Barracuda to not block my mail?
>
> Thanks,
> --Jered
>