Community Forum

Comcast IP address is Blacklisted

Highlighted
Frequent Visitor

Comcast IP address is Blacklisted

I'm the IT guy for my office.  My coworker is working from home and can't send any work emails or reply to received work emails.

 

This is the message he receives after attempting to send email:

"The server response is: Access denied for 67.160.211.38"

Link to Cisco Talos to confirm blacklisting. 

 

The IP address belongs to Comast and has been blacklisted which is preventing work email to pass through Comcasts servers.

 

My coworker reported this to Comcast last Tuesday and a case was created and escalated. There has been no response since then.

 

I've been through this situation in the past with other providers and was able to resolve it almost immeidately.  How is this handled at Comcast?  Why can't my coworker get any clear responses from Comcast?  It's a big interruption and incovenience during a time when we rely on our services to work properly during this shelter in place situation.

 

I can't find anything new on this topic in these forums. The ones I've found are all archived.

 

Any help appreciated.Screen Shot 2020-03-17 at 1.56.23 PM 2.jpg

Highlighted
Expert

Re: Comcast IP address is Blacklisted

Was dispute ticket submitted to Cisco. When an IP is blacklisted like that, Comcast doesn’t directly deal with the entity that black listed it to remove. That’s a Cisco problem that has to be worked out through Cisco

I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Highlighted
Frequent Visitor

Re: Comcast IP address is Blacklisted


@jweaver0312 wrote:
Was dispute ticket submitted to Cisco. When an IP is blacklisted like that, Comcast doesn’t directly deal with the entity that black listed it to remove. That’s a Cisco problem that has to be worked out through Cisco

A little more help please.  The IP address is blacklisted by pbl.spamhaus.org.  I've gone to their site to confirm blacklist and the removal process.  This is what it says:

 

Removal Procedure
Removal of IP addresses within this range from the PBL is not allowed by the netblock owner's policy.

 

Can you tell me what this means?

 

Thanks!

Highlighted
Frequent Visitor

Re: Comcast IP address is Blacklisted

Same EXACT message from Outlook here. I have nothing to do with Cisco. Next answer please. 😉

Highlighted
Official Employee

Re: Comcast IP address is Blacklisted

About the PBL:

 

"The Spamhaus Policy Block List ("PBL") is an international anti-spam system maintained by The Spamhaus Project in conjunction with Internet Service Providers and is used by Internet networks to enforce inbound email policies. The PBL database lists end-user IP address ranges which should not be delivering unauthenticated email to any mail server except those provided for specifically for that customer's use. The PBL lists only IP addresses (not domains or email addresses)."

The issue is likely a configuration of their email client - if they are using their Comcast email to send email they need to authenticate through the comcast SMTP server. Such is true for also domains. The outlook client should not be the "server" in this example. The user should be authenticating to its corresponding SMTP server. If Cisco is preventing authentication to your SMTP server, then you will want to have Cisco unlist so that your user can authenticate to your domain. 


I am an Official Comcast Employee.
Official Employees are from multiple teams within Comcast: CARE, Product, Leadership. We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Highlighted
Frequent Visitor

Re: Comcast IP address is Blacklisted

Thanks, for your helpful answers.  I really appreciate it.

 

We do not use Outlook. We use Apple Mail on our Macs.  The SMTP settings are all correct; domain is correct, everything.  I have Comcast also at my home, using the same settings, same setup, but no problems sending mail.  BTW, he can send email using his iCloud account with no problem.  

 

All our staff working from home are all on Macs using Apple Mail.  I have set up everyone's email settings correctly on all.  Only one coworker is having this issue.

 

So Cisco is where to go from here?

Highlighted
New Poster

Re: Comcast IP address is Blacklisted

I am having the same issue on both SORBS and Spamhaus. According to SORBS, it is the ISP's responsibility to request removal from their blacklists. Is there a contact form or process that I can use to get Comcast to make this request? Unfortunately, being on this blocklist is preventing me from doing my job.

laurenwburton_1-1591629584197.png

 

Highlighted
Official Employee

Re: Comcast IP address is Blacklisted

@mistergsf Yeah that would be the next course. It also depends on what the domain is. If its comcast.net and its saying the server has denied it - then let me know in a PM with the details of the email address. If it is NOT Comcast.net, then it would be whoever owns the domain. That response is the server (domain) directly telling you "no" to sending emails. Unfortunately, Comcast does not directly request unblocks. The end user for example (you), would reach out to the provider (Cisco) and ask for the unblock. As the direct party involved, they would be able to tell you the reason why as well. (Sometimes a virus or misconfiguration issue could flag something in a system indicating abusive activity causing a block). 

@laurenwburton all Comcast Residential IPs will show up on a blacklist because they are on a Policy based blacklist preventing residential users from hosting unsecure email servers from their home networks. As mentioned above in a seperate response, we will need more details like IPs or domains.

 


I am an Official Comcast Employee.
Official Employees are from multiple teams within Comcast: CARE, Product, Leadership. We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Highlighted
New Poster

Re: Comcast IP address is Blacklisted

I believe my issue is related to this. Getting bounces after send with error messages like this: 

 

Diagnostic-Code: smtp; 550 5.7.1 <xxx@xxx.xxx>: Recipient address
   rejected: Mail appeared to be SPAM or forged. Ask your
   Mail/DNS-Administrator to correct HELO and DNS MX settings or to get
   removed from DNSBLs; please relay via your ISP (xxx.xxx)

 

I found that my Comcast IP address is on the PBL. My question is, are comcast user IP's on the PBL to prevent them from hosting mail servers or are they there to prevent them from sending mail through non-Comcast mail accounts?

 

I am not running a mail server. I am using Apple Mail to send mail through my company's mail server, which is hosted at a large ISP, using authenticated SMTP over TLS 1.2. I've double checked and none of the other IP addresses or domains in header trace are in any blacklist.

 

Please advise. I can't believe Comcast would want to prevent us from using non-Comcast mail accounts. This must be a misconfiguration.

Highlighted
Official Employee

Re: Comcast IP address is Blacklisted

Hello @maho248 the Ip should be listed for PBL. This is via our normal process and should not be related to your issue. Are you able to PM the full bounceback message you receive? I would like to take a further look into this. 


I am an Official Comcast Employee.
Official Employees are from multiple teams within Comcast: CARE, Product, Leadership. We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Highlighted
Official Employee

Re: Comcast IP address is Blacklisted

To add, Comcast is indifferent to you using a non-Comcast email. You can freely establish a connection off the Comcast network to any email server as long as that server allows your connection. To also note, its not a matter of "finding" that your IP is on the PBL, its a matter fact that 100% of all residential IP addresses are listed on the PBL. The primary function of the PBL is to prohibit residential server hosting as it is not residential usage. There are also a plethora of security concerns when it comes to a residential user being able to freely host mail servers from their home network. The issue is as you likely stated, a misconfiguration or a block imposed by the domain to block your connection to their server. 

 

 


I am an Official Comcast Employee.
Official Employees are from multiple teams within Comcast: CARE, Product, Leadership. We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!