07-23-2013 10:35 AM - edited 03-05-2019 06:50 AM
Good day folks,
Our IP address was recently blacklisted due to a misconfiguration/hack on our IronPort. This hole has been addressed.
I am seeking advice on how to reduce the impact on our business when we are blacklisted. It seems common that BLs take 24-48 hours if not longer to clear up. This cannot fly in a business environment. How do you have your infrastructure setup to reduce the impact of a BL? Do you have multiple IP addresses configured for SMTP traffic?
We have a single Cisco ASA firewall and all outbound mail traffic (SMTP 25) goes through the device. A reverse lookup currently shows our ASA's IP address.
My theory is to configure a second external IP address in order to move SMTP traffic through while we are on a blacklist.
Thanks for any advice.
Jeff
07-23-2013 11:40 PM
hi,
did you request to add a reverse PTR for your mail server at ISP level?
07-24-2013 05:47 AM
At this point, no. I am just looking for suggestions and what to do (or what not to do). In combination to my theory, that does seem logical. Thanks!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide