[exim] Problem with Barracuda Networks

Top Page
Delete this message
Reply to this message
Author: Emmanuel Noobadmin
Date:  
To: exim-users
Subject: [exim] Problem with Barracuda Networks
I have a problem with Barracuda Networks blocking various dynamically
assigned IP addresses that my clients have the misfortune to be
assigned to every few weeks or so.

No other blacklist has the "offending" IP. AFAIK, neither had the mail
servers IP serving those clients domain ever been blacklisted by any
other lists in the years the domains had been active.

Neither is Barracuda blocking the mail server IP, based on the bounce
message, it's simply picking up on the sender's IP that is sent in the
mail header.

Initially I thought it was possible to use EmailReg.org to deal with
this as Barracuda suggests on their site. However, looking it through,
it seems that

1. EmailReg only works on per IP per domain.
In other words, everytime my client is unfortunate enough to get a
blocked IP when their current DHCP lease expires, they got to shell
out US$20

2. Subscription is for live and cannot be terminated
Googling about this, turns up user anecdote that EmailReg
automatically renews the subscription and charges the credit card, and
seemingly impossible to unsubscribe.

In other words, if my client get a new IP every 2 weeks and 1/4 of the
time they get a "bad" IP, they would have to pay US$20 every 2 months
(it's happened twice this year already). In a year, that's US$120 and
incrementing by US$120 every year. Some folks on the net call it a
racket/scam.

Currently, the practical solution is to ask my client to reboot their
modem so they get a new IP. But since Barracuda's list is likely to
grow, it may be possible that one day they will end up list the entire
public range our ISP provides, so this tactic becomes unusable.

So I'm thinking, perhaps the easiest way here is to strip/modify the
headers for outgoing emails so that Barracuda can't pick up on that.

Is this possible to do in Exim and are there any ramifications of
altering the sender IP say to a hash that I can track back for
investigating actual abuse?