How To Get Off an RBL

It sucks to get on a email blackhole list. Click “more” to find out how we got PSU off ATT.net’s proprietary RBL.

Subject: test

Date: January 26, 2004 11:54:31 AM EST

To: abuse-at-att.net

This is an email message to test whether plymouth.edu is still on your blackhole list.

We’ve recently discovered and eliminated computer on our campus/network infected with a spam trojan and have take further steps to eliminate sources of spam here.

Please consider removing our domain from your blackhole list. Thank you,

Casey Bisson

______________

Systems Administrator & Library Systems Liaison

Plymouth State University

Plymouth, New Hampshire

Subject: please remove us from your RBL

Date: January 26, 2004 12:24:55 PM EST

To: abuse_rbl-at-abuse-att.net

We believe strongly in the Internet community and take our role as network stewards and citizens in that community seriously. We acted quickly to eliminate a host that had been compromised by a spam trojan and have since taken further steps to prevent further spam from originating at plymouth.edu.

Please consider removing us from your blackhole list. We have been spam-free for some time and are confident that we can prevent future spam storms from originating on our network.

Thank you,

Casey Bisson

______________

Systems Administrator & Library Systems Liaison

Plymouth State University

Plymouth, New Hampshire

From: please_do_not_reply-at-att.net

Date: January 27, 2004 1:46:43 PM EST

Thank you for contacting the AT&T Internet Investigations and Security

Services Team at abuse_rbl-at-abuse-att.net.

This address is intended for network admin inquiries regarding blocked email

intended for delivery to att.net. If you are a network admin, please specify

that in your inquiry. Please be sure to include the IP of your SMTP

mailserver in your inquiry. For all other blocking or spam related issues,

please email:

abuse-at-att.net

Regards,

AT&T IISS Team

Subject: please remove us from your RBL

Date: January 27, 2004 1:46:41 PM EST

To: abuse_rbl-at-abuse-att.net

To the ATT.net IISS team:

I am a systems and network administrator representing Plymouth State University contacting you regarding our identification in your RBL.

We have four valid SMTP relays at plymouth.edu:

mail.plymouth.edu at 158.136.1.110

oz.plymouth.edu at 158.136.1.100

webmail.plymouth.edu at 158.136.1.99

www.plymouth.edu at 158.136.1.103

We believe strongly in the Internet community and take our role as network stewards and citizens in that community seriously. We acted quickly to eliminate a host that had been compromised by a spam trojan and have since taken further steps to prevent further spam from originating at plymouth.edu.

Please consider removing our mailservers from your blackhole list. We have been spam-free for some time and are confident that we can prevent future spam storms from originating on our network.

Thank you,

Casey Bisson

______________

Systems Administrator & Library Systems Liaison

Plymouth State University

Plymouth, New Hampshire

Subject: Re: please remove us from your RBL [012904-110003-9327-55]

From: abuse_rbl-at-att.net

Date: January 29, 2004 11:00:03 AM EST

Dear Administrator:

Thank you for contacting abuse_rbl-at-abuse-att.net.

The mail-server IP address(es) associated with your request have been removed

from the block list. In the event that the IPs are again found to be involved

in spam-related activity, the IP address(es) will again be blocked.

If you have other concerns, please e-mail us at abuse_rbl-at-abuse-att.net.

Regards,

AT&T Internet Investigations and Security Systems Team