I have to Whitelist Amazon IP's to avoid IP blacklisting?
Freshman Member
Hello, I'm new to the use of our Zyxel USG60.
Currently we see our fixed IP address often blacklisted on blacklisters like Spamhouse ZEN and CBL. Besides some issues with our mail-provider that we are trying to solve, an external IT'er told us to whitelist US-EAST-1B: 52.55.244.91 and US-EAST-1C: 18.205.72.90 on our firewall. After some research I can't figure out how and where to do this in the USG60.
Any help is much appreciated...
Accepted Solution
-
Spamhaus and similar companies blacklist only single IPs or IP blocks. They do not interact with your network infrastructure in any way. Therefore you also can't do anything.
Possible reasons for blacklisting:
- Previous IP owner was spamming.
- Your are spamming but may don't know ;-)
- Your ISP has blocked an IP range for sending mails directly
- In the address range of our ISP are to much spammers and the whole block is blacklisted
Check here: https://mxtoolbox.com/SuperTool.aspx?action=blacklist%3a52.55.244.91&run=toolpage#
At the moment both of your IPs are not blacklisted.
If the IPs are later blacklisted again, go to the website of Spamhaus or others. Some of them shows you exactly why they have blacklisted a given IP.
6
Ally Member
All Replies
-
Hi @Pedro_vde,
USG60 doesn't have IP Reputation so it doesn't block IP.
Are the IP address 52.55.244.91 and 18.205.72.90 the wan IP addresses of USG60?
If these IP addresses are wan IP addresses of USG60 and are blacklisted by Spamhouse ZEN and CBL, try to report the issue to Blocklist Removal Center of Spamhouse.
If these IP addresses are blocked by USG60, share the screen shot of blocked logs with us.
See how you've made an impact in Zyxel Community this year!
https://bit.ly/Your2024Moments_Community0 -
Thank you for your attention...
I know that the USG60 does not block IP's, that's why I am completely lost in this. Maybe some extra info regarding this issue could clear out something more:
We are struggling for a while having our fixed main-IP address blacklisted on several blacklisters as a spam emitting IP. The culprit for this lies in the network-providers setup and their SMTP server. We are trying to solve this with them.
A network security specialist that we contacted ran a remote scan on our main-IP with his speciality tools and that is how we found out that there is an issue at our ISP. He also recommended us to whitelist US-EAST-1B: 52.55.244.91 and US-EAST-1C: 18.205.72.90 on our firewall regarding this issue. these IP's from Amazon seem to regulate mail traffic on the internet. By blocking these, it is possible that they see the IP address as a questionable sender because their systems do not realize what exactly is behind that firewall. That is approximately what I have understood from him.
I hope this clears out a bit...
kind regards,
Pedro
0 -
Hi @Pedro_vde,
On USG60, if you created profile for Anti-Spam and applied it to security policy rules, the white list in Anti-Spam is the only one you can add IP address for white list.
See how you've made an impact in Zyxel Community this year!
https://bit.ly/Your2024Moments_Community0 -
Thank you for the reply. The Anti Spam profile is indeed the only place where I could find a way to whitelist IP's on the USG60. But, as I do understand this whitelisting in the Anti-Spam profile, it only let mails pass that come from these IP-adreses . And I don't think this is what should be done in our case. It seems still unclear what should be done. I'll check further with the guy who told us to have this whitelisting done...
Thank you again for thinking along!
0 -
Spamhaus and similar companies blacklist only single IPs or IP blocks. They do not interact with your network infrastructure in any way. Therefore you also can't do anything.
Possible reasons for blacklisting:
- Previous IP owner was spamming.
- Your are spamming but may don't know ;-)
- Your ISP has blocked an IP range for sending mails directly
- In the address range of our ISP are to much spammers and the whole block is blacklisted
Check here: https://mxtoolbox.com/SuperTool.aspx?action=blacklist%3a52.55.244.91&run=toolpage#
At the moment both of your IPs are not blacklisted.
If the IPs are later blacklisted again, go to the website of Spamhaus or others. Some of them shows you exactly why they have blacklisted a given IP.
6
Zyxel Employee
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 151 Nebula Ideas
- 98 Nebula Status and Incidents
- 5.7K Security
- 277 USG FLEX H Series
- 277 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 42 Wireless Ideas
- 6.4K Consumer Product
- 250 Service & License
- 395 News and Release
- 85 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.6K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 75 Security Highlight
