Welcome Serena Central users! CLICK HERE
The migration of the Serena Central community is currently underway. Be sure to read THIS MESSAGE to get your new login set up to access your account.
Highlighted
dbentley1 Contributor.
Contributor.
269 views

GWAVA - many GWAVA blocked: surbl

We are running GWAVA 7 with latest updates for our domain awu.net.au - been working fine for many years now.

4 days ago it was reported one particular external sender using hotmail.com kept having their email rejected from delivery to our system with following message returned:

mailgate.awu.net.au gave this error:
Remote server returned an error -> 550 Message was blocked by server (GWAVA blocked: surbl, reference ID: str=0001.0A15020A.5DB0EE08.006A,ss=1,re=0.000,recu=0.000,reip=0.000,cl=1,cld=1,fgs=0)

Did a email blacklist check of hotmail.com mailservers and could find no listing, so just added an  exception to allow that particular Hotmail address to be ignored for SURBL and RBL checks.

Today we suddenly have many external emails from many domains being blocked with same surbl reference, and checking their mailservers shows no listing in email blacklist  - this include the likes gmail.com, bigpond.net.au . Our SURBL and RBL server list is multi.surbl.org . 

Maybe his a known fault caused by a recent GWAVA update or surbl.org itself. Could someone assist to help resolve.

 

0 Likes
11 Replies
Knowledge Partner
Knowledge Partner

Re: GWAVA - many GWAVA blocked: surbl

Hi @dbentley1,

I had a similar situation.

There is an SMG setting, I can't remember where, that specifies the message should be rejected if any of the SMTP servers are blacklisted in the whole chain of servers used to deliver the message.

The only way to know for sure is to get the senders reject message and check all the servers in the chain.

It's also possible that the other email being rejected used one of the same forwarding servers.

_____
Kevin Boyle - Knowledge Partner - Calgary, Alberta, Canada
Who are the Knowledge Partners?
If you appreciate my comments, please click the Like button.
If I have resolved your issue, please click the Accept as Solution button.
0 Likes
dbentley1 Contributor.
Contributor.

Re: GWAVA - many GWAVA blocked: surbl

Hi Kevin,

Good tip fowever there many incoming mailservers from various destinations getting rejected so definitely not part of the same mailserver chain. However I will try to find that setting anyway.

Any other thoughts as to a cause? I was thinking false positives by multi.surbl.org however there would be lots of reports across the world if this was the case. What SURBL server do you have specified?

 

0 Likes
Knowledge Partner
Knowledge Partner

Re: GWAVA - many GWAVA blocked: surbl

One of my customers had the same Problem with Gwava 6.5 recently. I plain disabled surbl, as I consider it useless anyways.

CU,
--
Massimo Rosen
Micro Focus Knowledge Partner
No emails please!
http://www.cfc-it.de
0 Likes
dbentley1 Contributor.
Contributor.

Re: GWAVA - many GWAVA blocked: surbl

Hi Massimo,

We may have to disable it too if we cannot find out why this is suddenly happening. However we do find it useful for rejecting genuine blacklisted email servers.

0 Likes
Knowledge Partner
Knowledge Partner

Re: GWAVA - many GWAVA blocked: surbl


@dbentley1 wrote:

Hi Massimo,

We may have to disable it too if we cannot find out why this is suddenly happening. However we do find it useful for rejecting genuine blacklisted email servers.


Rejecting genuinely blacklisted mailservers is RBL's job.

CU,
--
Massimo Rosen
Micro Focus Knowledge Partner
No emails please!
http://www.cfc-it.de
0 Likes
Knowledge Partner
Knowledge Partner

Re: GWAVA - many GWAVA blocked: surbl


@dbentley1 wrote:

What SURBL server do you have specified?

I use the defaults:

clipboard_image_0.png

and

clipboard_image_1.png

You may find this document helpful.

Best Practices for Spam Control

_____
Kevin Boyle - Knowledge Partner - Calgary, Alberta, Canada
Who are the Knowledge Partners?
If you appreciate my comments, please click the Like button.
If I have resolved your issue, please click the Accept as Solution button.
0 Likes
dbentley1 Contributor.
Contributor.

Re: GWAVA - many GWAVA blocked: surbl

Hi Kevin,

Yes we use the same defaults as you, has been set that way for years with no issues. If there isn't an answer to why this is happening our only choice will be to disable SURBL and RBL checks, certainly not our preferred option.

Even though this is an old KB it still holds: https://support.microfocus.com/kb/doc.php?id=7019628 

 

0 Likes
Knowledge Partner
Knowledge Partner

Re: GWAVA - many GWAVA blocked: surbl


@dbentley1 wrote:

Hi Kevin,

Yes we use the same defaults as you, has been set that way for years with no issues. If there isn't an answer to why this is happening our only choice will be to disable SURBL and RBL checks, certainly not our preferred option.

You haven't said that you have any RBL issues and they deal with the servers sending you the email.

From the link you provided:

SURBL stands for Spam URI Real-time Block Lists.  SURBL works very much like RBL, except SURBL lists target URLs in the body of messages.  SURBL tends to be highly accurate.  False positives are rare.

Your error message clearly states your server (mailgate.awu.net.au) gave this error:

Remote server returned an error -> 550 Message was blocked by server (GWAVA blocked: surbl, reference ID: str=0001.0A15020A.5DB0EE08.006A,ss=1,re=0.000,recu=0.000,reip=0.000,cl=1,cld=1,fgs=0)

I don't know how to interpret that error but, before you disable SURBL checks, maybe Micro Focus can help if you open an SR.

Also, you may be able to learn more from the SURBL website.

Once you determine exactly what the message means, you'll know why the email was rejected and be better able to decide a course of action.

_____
Kevin Boyle - Knowledge Partner - Calgary, Alberta, Canada
Who are the Knowledge Partners?
If you appreciate my comments, please click the Like button.
If I have resolved your issue, please click the Accept as Solution button.
0 Likes
dbentley1 Contributor.
Contributor.

Re: GWAVA - many GWAVA blocked: surbl

Hi Kevin,

No issues with RBL, just SURBL. And yes we understand how it is meant to work however as described previously now rejecting 100's of genuine emails with pretty bland email content and new URLs.

Seem like a GWAVA update fault and will raise a SR as you suggested, however for now disabled to get us over this existing drama of rejecting emails. No-one else reporting similar issues so might be restricted to our setup only.

Cheers, Dale. 

0 Likes
tfe Trusted Contributor.
Trusted Contributor.

Re: GWAVA - many GWAVA blocked: surbl

Have the same issue here with a customer on GWAVA 6.5.   90% incoming Mails are filtered due to SURBL even internal sources....

deactivated SURBL scan.

 

regards Tobi

0 Likes
Knowledge Partner
Knowledge Partner

Re: GWAVA - many GWAVA blocked: surbl


@tfe wrote:

Have the same issue here with a customer on GWAVA 6.5.   90% incoming Mails are filtered due to SURBL even internal sources....


 

Hi Tobi,

In situations like this it's always good to open an SR, even if there's an easy workaround. That's the only way to ensure Micro Focus is aware of the issue. The more SRs that customers open, the greater the incentive for Micro Focus to do something about it! 

 

 

_____
Kevin Boyle - Knowledge Partner - Calgary, Alberta, Canada
Who are the Knowledge Partners?
If you appreciate my comments, please click the Like button.
If I have resolved your issue, please click the Accept as Solution button.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.