Jump to content

Recommended Posts

this is the IP address of a Linode instance I run OpenVPN on, as well as running a mailserver on.

 

The "website blocker" is blocking access to UDP/1194 on this server, which is the OpenVPN instance.  I checked the IP reputation for the IP address at Barracuda, and it is good.  I also checked all MX related blacklists since it's a mailserver, and discovered that it is not on any blacklists but SORBS DUHL and SEM BLACK.

 

SORBS DUHL is a "dial-up/home" netblock policy list, and notoriously inaccurate... as we can see here, since it's detecting Linodes as "home/dial-up".  It's also not something that anybody but the netblock owner can contest, and even then SORBS answer is generally "go away, we're not paid to do this and we don't care how awful we are."  I strongly suspect SEM is just copying the DUHL in their "policy block" section of the SEM BLACK list, as, again... not on any other blacklists whatsoever, and grepping maillogs does not show any suspicious delivery.

 

In fact, the server in question has only sent 128 total mails ANYWHERE in the last two days, all of which I just personally verified were valid emails sent by myself.

 

In summary: PLEASE don't blindly use SORBS or SEM as sources for your "potentially malicious website blocker", particularly since it blocks not merely "websites" but EVERYTHING and those are notoriously unverified lists it can be impossible to get removed from in the case of a false positive.

Link to post
Share on other sites

IMPORTANT correction:

 

the IP address is 173.230.137.22 and it's not on any blacklists whatsoever.

 

The connection being blocked is not actually to a website, but if it helps, vpn.jrs-s.net is the A record that the OpenVPN config uses to connect.  Doesn't much matter, though, because I can't so much as ping the raw IP without adding it to the Ignore list in MWB Pro (which took frustratingly long to figure out how to do as well).

Link to post
Share on other sites

The problem has gotten even worse - I have one server which is not producing the tooltips regarding the blocking (yes, tooltips for website blocking ARE enabled in the interface) and thus the right-click tray icon->add to ignore list option is not present.  I need a way to exclude this IP address from the blocklist!

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.