Environment
GWAVA 4 all builds All supported operating systems
Situation
Many good domains are getting blocked as SURBL Answer/
Resolution
The SURBL false positive problem that we have been seeing stems from this: http://www.uribl.com/about.shtml#abuse. If URIBL.com thinks you've been abusing their free service, they put your DNS server on a blacklist of sorts, and start giving your queries a 127.0.0.255 response instead of a 'not found' response, which would be interpreted by anti-spam programs as a SURBL positive. There are a few solutions to this issue. 1) Remove *.uribl.com from your SURBL servers in the GWAVA Management Console. This is the preferred solution. 2) Change your DNS Server. Since the queries are DNS-based, uribl.com will look at your DNS server's IP address. 3) Subscribe to uribl.com data feed service described in the above link
Additional Information
This article was originally published in the GWAVA knowledgebase as article ID 975.