New Server listed in the Barracuda RBL but passes on all other 85 blacklists

monkey64

Well-Known Member
Nov 6, 2011
108
4
68
cPanel Access Level
Root Administrator
I've just migrated to a new WHM server. For some reason the main Server IP is listed in the Barracuda RBL but passes on all other 85 blacklists. I did check the IP when it was assigned to me and I'm sure it was clean.

At first I assumed that the server was spewing out spam from an account but Home > Email > Sent Summary shows a very modest set of emails (under 800 today). I scanned down every message today it was genuine and I couldn't find any spam. Under 'View Relayers' I see a similarly small number of mail, all as expected. From what I can see there is no spam being sent.

I don't understand why I'm caught in an RBL. Does the action of migrating to a new IP trigger a warning or is there something more I need to investigate? Obviously I have SMTP authentication turned on so the Server is not an open relay ;)

It is tempting to backup my Exim config from the old Server and restore it on the new one in case it in some way helps. That may make things worse!
Can anybody offer some assistance please?

Thanks
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
2,977
376
213
cPanel Access Level
Root Administrator
This is also something I'd bring up with your hosting provider. Since you just got the machine, that indicates the IP was blacklisted before it was under your control, which is something the host may be interested in knowing.
 

ffeingol

Well-Known Member
PartnerNOC
Nov 9, 2001
532
160
343
cPanel Access Level
DataCenter Provider
It can also be volume based. They never saw anything from that IP and now they do, so they are 'caution' before they flag it as good.
 
  • Like
Reactions: cPRex

monkey64

Well-Known Member
Nov 6, 2011
108
4
68
cPanel Access Level
Root Administrator
This is also something I'd bring up with your hosting provider. Since you just got the machine, that indicates the IP was blacklisted before it was under your control, which is something the host may be interested in knowing.
That's a good point. I have just raised a ticket with the hosting provider given that the server only had live traffic for 5 hours.