hi, 

one of my systems, 195.49.138.41 is listed in cbl.

On the lookup page is no further information, which kind of problem was
detected. I need this information to find and intercept the problem.

I went the way of your CBL listing diagnosis on
http://cbl.abuseat.org/faq.html, so here we go:

(2) this system does no NATing, it is a standalone gnu/linux box with
    static (one) ip and it is not multihomed or something. 
    but anyway, have a look by yourself:
    ,--------
    |   oemcomputer:~# iptables -L -n -v -t nat
    |   Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
    |   pkts bytes target     prot opt in     out     source destination         
    |
    |   Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
    |   pkts bytes target     prot opt in     out     source destination         
    |
    |   Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
    |   pkts bytes target     prot opt in     out     source destination       
    `--------

(3) this system is not a personal computer. fullstop.
    But anyway, it is run by an actual gnu/linux debian-vendor kernel
    with latest security patches.
    ,--------
    |   oemcomputer:~# uname -a 
    |   Linux oemcomputer.oerks.de 2.6.18-5-686 #1 SMP Wed Sep 26 17:54:59 UTC 2007 i686 GNU/Linux
    `--------

(4) this system has an static ip. fullstop.

(5) this system has no wireless network/hub ore something. It is located
    in a normal cage within a internet service provider with traditional
    wired network.

(6) the listed ip IS IN FACT the real IP of a mailserver. cite:
    ,--------
    | It is very rare for "real" mail servers to find themselves listed in
    | the CBL. The CBL's techniques are specifically designed to avoid
    | listing real mail servers, even if the mail server relays viruses or
    | trojan/proxy spam.
    |
    | A correctly operating and configured mail server cannot trigger a
    | CBL listing under any circumstances.
    `--------
    Okay, i think, you have a lot of development potential left.

    The mailserver itself runs with postfix 2.3.8, amavisd-new 2.4.2 and
    clamav 0.90 with actual vendor patches.

    There is no sender-verification i know about.
    There nothing of that crap that you listed.

(7) this machine is blocked with something other - may be, i dont know.
    Please tell me!

(8) don't hope so.
    I'll scan the log of the outgoing smtp-system to play safe.

(9) Okay - i try.

Some more information on the asked system:
- public services: sshd, smtp, pop3s, imaps, http, https, domain, auth,
  nntp. ALL services running with actual, state of art software with actual
  security patches. 
  apache 2.2.x:
  - there is NO mod_proxy, mod_proxy_balancer, mod_jk or something like
    that, nor a squid or mysterious forward.cgis.
- the system is a spare system on the state production ready and has the 
  mission to exchange a similar system with older/slower hardware but the 
  same software revisions.  
  The only real difference between (outside hardware) them is the name 
  of the system. It was run for now 3 years and was never listed in any rbl.
- the folks which operate this system in their spare time hold down 
  jobs in operatiing unix systems and mostly  :-)  know their jobs.
  
I have a (real strange) idea of the real background of the listing.
The dns-name of this system is really oemcomputer.oerks.de
Please check, if this might be the problem, because of many
windows homecomputers yelling out that default name 'OEMCOMPUTER', and
they are indeed frequently infected with crapware.

thank you,
Aleks 
-- 
Remember! Everytime You say "Web 2.0" God kills a Startup!
http://oerks.de/blog