How to deal with "host blocked using Barracuda reputation"
Occasionally CSAIL users receive email bouncebacks like the following:
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
SMTP error from remote mail server after end of data:
host email-in.their-domain.edu [MMM.MM.MMM.MM]: 554 Service unavailable; Client host
[outgoing.csail.mit.edu] blocked using Barracuda Reputation; http://www.barracudanetworks.com
where the second IP address
actually match the outgoing.csail's IP address of 126.96.36.199.
The problem lies not with anything at CSAIL, but with the Barracuda filtering appliance that your recipient's mail servers (here,
) are using.
CSAIL's outgoing mail server is following standard RFC practice by adding a
line reflecting the IP address from which you submitted your message. The Barracuda appliance at
is doing two things wrong: they are using Received: lines as evidence of malicious origin when quite frequently they correspond to authenticated SMTP submission, and their error message is conflating "outgoing.csail.mit.edu" with the IP address they really have a beef with (here,
What to do about it
If possible, please contact your recipient by alternate means, and suggest they refer their system administrators to this page. Alternatively, TIG can try to contact postmaster@
which should bypass spam filters (but is not guaranteed to get anyone's attention in a timely fashion).
For further assistance, please email firstname.lastname@example.org
including the full bounce message.
- Over the past year, between 5 and 10 cases matching this pattern have come to TIG's attention.
- To our knowledge, a temporary workaround is to add outgoing.csail.mit.edu to the remote site's Barracuda whitelist, but this will not be a permanent fix.
- It would be preferable if the behavior of Barracuda appliance could be changed -- ideally the default behavior.
- As of May 2011, Comcast and GMail add Received: lines listing the IP addresses for message submission agents in the same way we do.
- 31 May 2011