Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
409
Views
0
Helpful
2
Replies

Blacklist Proactive Solution

wrightsreprints
Level 1
Level 1

‎07-23-2013 10:35 AM - edited ‎03-05-2019 06:50 AM

Good day folks,

Our IP address was recently blacklisted due to a misconfiguration/hack on our IronPort. This hole has been addressed.

I am seeking advice on how to reduce the impact on our business when we are blacklisted. It seems common that BLs take 24-48 hours if not longer to clear up. This cannot fly in a business environment.  How do you have your infrastructure setup to reduce the impact of a BL?  Do you have multiple IP addresses configured for SMTP traffic?

We have a single Cisco ASA firewall and all outbound mail traffic (SMTP 25) goes through the device. A reverse lookup currently shows our ASA's IP address.

My theory is to configure a second external IP address in order to move SMTP traffic through while we are on a blacklist.

Thanks for any advice.

Jeff

Labels:
0 Helpful
2 Replies 2

johnlloyd_13
Level 9
Level 9

‎07-23-2013 11:40 PM

hi,

did you request to add a reverse PTR for your mail server at ISP level?

0 Helpful

wrightsreprints
Level 1
Level 1
In response to johnlloyd_13

‎07-24-2013 05:47 AM

At this point, no. I am just looking for suggestions and what to do (or what not to do).  In combination to my theory, that does seem logical. Thanks!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card