Figured out something new today. Apparently some of the spam blacklist sites which use DNS based blacklisting limit the number of queries from specific IPss. We were forwarding all internet DNS queries to a 184.108.40.206 and a few others which basically meant that some of our DNS blacklists and whitelists were not working as these IPs were almost always maxed out.
Had to set those zones as recursive on our mail server's bind instance so it could resolve them directly with the relevant servers.
Should reduce some spam and also ease and speed-up delivery of whitelisted mail servers to ctwug.za.net.