Reputation Filtering Rejecting a valid Host

Unanswered Question
Sep 28th, 2009
User Badges:

We have a company that is not able to email us. Our ironport server says their reputation status is poor and is rejecting the message.

If you go to and enter the ip addresses of their server they are all 95-100 score rating.

Why are we rejecting their email?

I was able to get around this by add them to the whitelist.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
fireforge_ironport Fri, 10/09/2009 - 19:11
User Badges:

Use the trace feature within your Ironport itself to lookup info on that particular host. The results of the trace are far more accurate then what you'll get on the senderbase website.

VancePrice Fri, 10/09/2009 - 19:47
User Badges:

Thanks. I had to temporarily remove the host from the whitelist to run this trace. Next question they will ask is, "Where do these scores come from?". Here are the results from the trace.

Host Access Table Processing (Listener: IncomingMail)
Matched On: sbrs[-10.0:-3.0]
Sender Group: BLACKLIST
Named Policy: BLOCKED
Connection Behavior: REJECT
Fully Qualified Domain Name:
SenderBase Network Owner ID: 1811038
SenderBase Reputation Score: -3.0
Policy Parameters:
Max. Messages Per Connection: 10 Default
Max. Recipients Per Message: 50 Default
Max. Message Size: 20M Default
Max. Concurrent Connection From a Single IP: 10 Default
Use TLS: No Default
Accept Untagged bounces: No
Max. Recipients Per Hour: Unlimited Default
Use SenderBase: Yes Default
Use Spam Detection: Yes Default
Use Virus Detection: Yes Default

VancePrice Fri, 10/09/2009 - 20:55
User Badges:

I did a lookup on this host on and got a poor result back.

Previously I had used and it passes there.

What is the difference between the 2?

shannon.hagan Wed, 10/14/2009 - 00:28
User Badges:

Senderscore is done by a different company (Return Path) and is the one run by ironport.

I did a lookup on this host on and got a poor result back.

Previously I had used and it passes there.

What is the difference between the 2?
Andrew Wurster Wed, 10/14/2009 - 17:45
User Badges:

this host is a 'poor' score for a reason - whether it's quasi-legitimate spam / marketing mail or a sharp statistical increase in mail volume over a short period due to some bot net or virus traffic - there's not supposed to be any misinformation or false positives. there are many reasons or factors that contribute to the score, which is mostly confidential for us (IronPort). we can tell you that it is a rolling average that is continuously correcting itself.

many cusgtomers are comfortable referring their partners or owners of incoming MTAs that have been rejected by SBRS to just RTM at and contact SB support teams for more info.

so in short, if you 'trust' this MTA and they don't want to contact SenderBase for help, then yes, manually add it to the whitelist. occasionally whitelisting is easier than constantly blacklisting, which is why senderbase is so cool / popular.

more info on and our 'Sender Base Reputation Score':

Sender Base Best Practices / Overview:

Tips on Low Scores:



This Discussion