How to clear UCEPROTECT Level 3

Discussion in 'Server Operation' started by nara_456, Dec 8, 2009.

  1. nara_456

    nara_456 New Member


    I am using Zimbra Mail Server in Ubuntu Environment, and using Bind 9 as DNS.
    I have purchased a domain from yahoo.

    After installation of Zimbra Mail Server, the mails i am sending to yahoo and Gmail are going to SPAM instead of INBOX For this issue already I placed a forum and gathered the information and found that my Static IP address is in Blacklist and I contacted my Internet Service Provider to clear the Blacklist issue.

    My ISP provider confirmed that they removed my static ip address from Blacklist.

    When i checkout, whether my ip is in blacklist or not in - - - it is showing that my ip is not in blacklist

    and when check in this website -- mxtoolbox i found that my ip address is in blacklist and placed in

    Do i need to install any antivirus or spam scanner or firewall in my system separately to clear this issue.

    Already i am having amavisd and clamav for antivirus and spam.

    How can i clear this blacklist issue - UCEPROTECT L3.

    Thanks in Advance .
  2. thavaht

    thavaht New Member

    Being in UCEPROTECT level 3 is not a problem with your IP. It's your provider's problem, so there's nothing you can do.

    If you go to the page and check your IP you'll find good and detailed explanation about that.


  3. secops007

    secops007 New Member

    I had the same problem of being listed in UCEPROTECT and found they are not a legitimate organization and request continued ransom payments to be unlisted. My advice, don't contact them for 'removal' and don't pay them.
  4. Steini86

    Steini86 Active Member

    There is a lot of discussion about UCEPROTECT. It is basically a one-person "company" who blocks IPs willy-nilly and then demands money for unblocking. Never-ever use this black list in your mail system, you are supporting a shady person who is at least as annoying as the spammers. You can request being whitelisted for 42€/year. Currently there are 838 domains listed on the whitelist. Pretty good income and a main reason for this rogue methods. Its worse than ransomware, because you can't protect yourself (or your domain) against these gangsters.
    Most "funny" thing is: They have trap addresses. If you send an email to this domain, you get blacklisted. Now, people register somewhere (forum account, newsletter, amazon account) with one of these fake addresses and then this mail server gets blocked...
    Th0m likes this.
  5. nhybgtvfr

    nhybgtvfr Well-Known Member HowtoForge Supporter

    this happened to amazon AWS last year. 34+ million of their ip's put on the uceprotect L3 blacklist.
    my ec2 mailserver instance was on one of those ip's.
    and microsoft, in their incompetence, uses the uceprotect blacklist for their systems. so all mail to their managed office365, hotmail, aol etc was blocked, including those companies that use microsoft to manage their own mail systems, so btinternet etc. all mail blocked.

    there's absolutely nothing you can do about it. stuck waiting 4 months for aws/microsoft/uceprotect to sort things out between themselves.

    you either need to change the ip for your server to one not on their blacklist, or create a smarthost server elsewhere and relay all outbound mail from your existing server through that.

    *start rant*
    and expect to get more shit from microsoft once the uceprotect issue is resolved.... they kept the block on my mailservers ip, saying they'd seen spam being sent from it to their users recently... which was impossible, since they'd blocked our server even attempting to send to them directly for 4 months, and all our outbound mail had been coming from a different ip. plus i was on their mail watch thing, and i could check through that, and they'd only registered a total of 7 emails that were possible spam within the previous 12 months. nowhere near enough to be classed a high risk mailserver... bloody useless idiots.
    *rant over*
    Th0m likes this.

Share This Page