SmallPrint

Our domain is blacklisted on Tiopan... help!

Any advice on how to get us removed? I spoke to someone and they said Tiopan is a hard one to get removed from. I have already emailed them to have us removed. Any tips?

We believe a specific PC was infected with a virus and was sending out spam. We have removed the PC from the network.
SmallPrint

ASKER

Do most people even follow Tiopan? I'm not sure if I should even be worrying about them...
Not ever seen them used before - but you never know.
Check on all the blacklists by visiting www.mxtoolbox.com/blacklists.aspx and if you are listed, follow the links to the relevant sites and make sure the listings are not current.
Note the date and time of the last report and if that changes to a newer time in a few hours, you still have a problem.
If not, then you probably have solved the problem.
Locking down your firewall to only allow port 25 out from your server is also a worthwhile measure to take (as EndureKona has advised), so that if you get infected again, the infection should not be able to send out mail.  If you cannot do this with your router - change it to one that can block outbound traffic by internal IP.
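One way to confirm the outbound port 25 restriction described above, and to spot any other infected PC, is to audit the firewall log for internal hosts other than the mail server attempting outbound SMTP. This is an added example, not part of the original thread; the netfilter-style log format, the addresses and the function name are assumptions, and the sample lines are constructed.

```python
import re
from collections import Counter
from ipaddress import ip_address, ip_network

# Assumed values for illustration; substitute your own addressing.
MAIL_SERVER = ip_address("192.168.1.10")      # only host allowed to send on port 25
INTERNAL_NET = ip_network("192.168.1.0/24")

# Constructed sample log lines (netfilter LOG style), not taken from the thread.
SAMPLE_LOG = """\
Mar  3 09:14:02 fw kernel: IN=eth1 OUT=eth0 SRC=192.168.1.10 DST=203.0.113.25 PROTO=TCP SPT=51544 DPT=25
Mar  3 09:14:03 fw kernel: IN=eth1 OUT=eth0 SRC=192.168.1.57 DST=198.51.100.7 PROTO=TCP SPT=49211 DPT=25
Mar  3 09:14:03 fw kernel: IN=eth1 OUT=eth0 SRC=192.168.1.57 DST=198.51.100.8 PROTO=TCP SPT=49212 DPT=25
Mar  3 09:14:04 fw kernel: IN=eth1 OUT=eth0 SRC=192.168.1.57 DST=203.0.113.99 PROTO=TCP SPT=49213 DPT=25
Mar  3 09:14:05 fw kernel: IN=eth1 OUT=eth0 SRC=192.168.1.57 DST=203.0.113.40 PROTO=TCP SPT=49214 DPT=443
Mar  3 09:14:06 fw kernel: IN=eth1 OUT=eth0 SRC=192.168.1.88 DST=198.51.100.7 PROTO=TCP SPT=50001 DPT=25
Mar  3 09:14:07 fw kernel: IN=eth1 OUT=eth0 SRC=not-an-ip DST=198.51.100.9 PROTO=TCP SPT=50002 DPT=25
"""

FIELD = re.compile(r"(\w+)=(\S+)")


def smtp_egress_offenders(log_text, mail_server=MAIL_SERVER, internal=INTERNAL_NET):
    """Count outbound TCP/25 attempts per internal host that is not the mail server."""
    hits = Counter()
    for line in log_text.splitlines():
        fields = dict(FIELD.findall(line))
        if fields.get("PROTO") != "TCP" or fields.get("DPT") != "25":
            continue  # not SMTP traffic
        try:
            src, dst = ip_address(fields["SRC"]), ip_address(fields["DST"])
        except (KeyError, ValueError):
            continue  # truncated or malformed line
        # Only traffic leaving the internal network from a non-mail-server host counts.
        if src in internal and dst not in internal and src != mail_server:
            hits[src] += 1
    # Busiest sender first, as (address, attempts) pairs.
    return [(str(ip), count) for ip, count in hits.most_common()]


if __name__ == "__main__":
    for host, attempts in smtp_egress_offenders(SAMPLE_LOG):
        print(f"{host}: {attempts} outbound SMTP attempts (not the mail server)")
```

Any host this reports after the egress rule is in place is one to isolate and scan, since the rule blocks its mail but does not remove the infection.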
Thanks everyone. I have been checking mxtoolbox, robtex.com, and now kloth... all say we are clear EXCEPT for Tiopan (via mxtoolbox).

I think I might fax Tiopan and see if that helps. Wishful thinking I know... but it's worth a try.
Mail flow seems to be getting back to normal....but on top of submitted requests for delisting to all the RBLs we were on, I also reached out directly to Hotmail, ATT, Comcast, via phone or webform.

I have a phone call in with the University of Texas Austin and bellsouth.net... our emails are not reaching them... but we also receive a totally different error message than this morning.

The blacklist emails specifically stated the IP and that we were blacklisted. These 2 domains I just stated time out (I force them to time out with an NDR in ESM) with an error
 
            You do not have permission to send to this recipient.  For assistance, contact your system administrator.
            <Server.domainK #4.7.1 smtp;450 4.7.1 <Server.Domain>: Helo command rejected: Host not found>


 
I will give it a read. I'm just glad it's not saying the IP is blocked.

Are there any other sites I should utilize to check if we are on an RBL? MXtoolbox was saying we were okay (very early this morning), while at the same time another site said we were listed.
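Blacklist status can also be checked directly over DNS, which removes the dependence on how fresh a lookup site's results are. The sketch below is an added example, not part of the original thread: the zone names are placeholders (substitute the zones of the lists you care about), the IP is a documentation address, and the fake resolver table is constructed so the demo runs offline.

```python
import socket
from ipaddress import IPv4Address, ip_network

# DNSBL convention: a listed IP answers with an A record inside 127.0.0.0/8.
LISTED_RANGE = ip_network("127.0.0.0/8")

# Placeholder zones and constructed answers for an offline demo.
ZONES = ["dnsbl-a.example", "dnsbl-b.example", "dnsbl-c.example"]
FAKE_RECORDS = {
    "10.2.0.192.dnsbl-a.example": "127.0.0.2",     # listed
    "10.2.0.192.dnsbl-c.example": "203.0.113.80",  # resolver rewriting NXDOMAIN
}


def dnsbl_query_name(ip, zone):
    """Build the lookup name: the IP's octets reversed, followed by the zone."""
    return ".".join(reversed(str(IPv4Address(ip)).split("."))) + "." + zone


def system_resolver(name):
    """Return the A record for name, or None when it does not resolve."""
    try:
        return socket.gethostbyname(name)
    except socket.gaierror:
        # A resolver outage looks the same as "no record" here,
        # so re-run the check before trusting a clear result.
        return None


def check_dnsbls(ip, zones, resolve=system_resolver):
    """Return {zone: status} for one IPv4 address."""
    status = {}
    for zone in zones:
        answer = resolve(dnsbl_query_name(ip, zone))
        if answer is None:
            status[zone] = "clear"
        elif IPv4Address(answer) in LISTED_RANGE:
            status[zone] = f"listed ({answer})"
        else:
            # Not a listing code: usually a wildcarding or hijacking resolver.
            status[zone] = f"unexpected answer ({answer})"
    return status


if __name__ == "__main__":
    for zone, result in check_dnsbls("192.0.2.10", ZONES, FAKE_RECORDS.get).items():
        print(f"{zone}: {result}")
```

Calling `check_dnsbls` without the third argument uses the system resolver, so results then depend on the DNS server the machine is configured to use.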
mxtoolbox does list Tiopan though. This sucks, it's like I'm at their mercy.
I was on Tiopan about a month ago - I tried to email them and got a bounce back - I emailed them from Hotmail and got bounced back.
I ignored them and had no problems and they eventually dropped my IP off their lists.
I had an authenticated relay attack from a compromised account.  As soon as I had isolated the problem account, and changed the password I started to get off the Blacklists (some by request), but Tiopan was not one that I could do anything about.
If you are clear on the rest and mail is flowing freely - ignore the Tiopan listing and you will drop off it after a while.
Perhaps this is extreme, but would it be worth forcing all users to change their passwords? I think we got the correct PC... but won't know unless it happens again.
Such a slow email day. The queue was not packed, and I believe some domains were getting through.
Most emails just bounced back right away, and were not in the ram queue.
Some items were leaving the server
Okay - then my last link should help you.
Also, as you only have 40 users - it would be advisable to change ALL passwords, including Administrator.
Do a good search through AD for all Users and make sure you change the lot.
Very difficult issue to troubleshoot. The tips from these experts helped out a lot!