I just got this bounce message:
<████████@att.net>: host scc-mailrelay.att.net[204.127.208.75] said:
521-88.208.246.34 blocked by sbc:blacklist.mailrelay.att.net. 521 DNSRBL:
Blocked for abuse. See http://att.net/blocks (in reply to MAIL FROM
command)
So I'm trying to figure out why our server ended up on their blacklist. The web page link doesn't tell me why, as far as I can see. From a few multi-RBL tools I conclude that our IP is only on the collateral damage lists of uceprotect.net (you can be exempt from that with a paid subscription), and I dearly hope that AT&T doesn't use that.
From the mail server logs I see that an email to another @att.net
address went through two days ago without being blocked.
Does anyone have any ideas how I can find out what went wrong?
If you go to mxtoolbox.com and put in your IP, you can get a blacklist report. Your IP is on two of them:
Click the details next to the BL in question and it will tell you why you are on there and how to remove your self.
EDIT: I see that you already know that you are on the UCE Protect... Most mail admins use clearing house BLs that query all of the known ones, like SORBS, UCE, spamhaus, etc. You would need to talk with AT&T to determine which ones they are using. I noticed that they have a form you can fill out to find out why you were blocked...
EDIT2: Also, you should try adding your IP(s) to http://www.whitelisted.org. Supposedly, this will get around the UCE2 and UCE3.
rant
As a side note, I don't blame you for being upset at AT&T using UCE2 or UCE3. The people that run that blacklist have a bad attitude that is hurting everyone. They seem to think that you can switch ISPs on a whim when they won't shutdown a spammer. This mentality is just not practical in the current age of spam botnets of millions of computers scattered around the globe.
/rant
If AT&T is indeed using uceprotect.net then go the route that Scott Lundberg hints at.
If not, then contact AT&T support and see what the specific reason is. They should have a process that you can go through to get your host removed from the block, or at least a process to apply to have it removed.
Ussually that DNSRBL means you dont have your Reverse DNS records (PTR) setup, Did you contact your hosting provider and have those set.
An acceptable rDNS to is one like 218.237.68.77.in-addr.arpa name = domain.com.