Solved

spamcop blacklisted me, why?

Posted on 2008-06-16
7
232 Views
Last Modified: 2010-04-18
Last week I was blacklisted by spamcop. They sent me the following details as explanation stating my email server was sending out spam:

Received: from mailserver.server.com (HELO
82.80/29.177.152.12.in-addr.arpa) (12.152.177.82)
   by [trap servername] with SMTP; 13 Jun 2008 14:xx:xx -0600
From: "Rosa Massey" <x@x>
Subject: Luxury
Date: Fri, 13 Jun 2008 12:xx:xx -0800

Can someone make sense of this info?
0
Comment
Question by:lenivan
7 Comments
 
LVL 7

Accepted Solution

by:
Raymond Jansen earned 500 total points
ID: 21796056
Could be a trojan on the network. Scan with your virus scanner, cc-cleaner, trojan hunter. Best to scan in safe mode.

0
 
LVL 25

Expert Comment

by:kieran_b
ID: 21799106
I agree with r-jansen, I find checking the firewall for which machines are generating traffic on port 25 to be faster though
0
 
LVL 7

Expert Comment

by:Raymond Jansen
ID: 21800194
True kieran_b, I always block all port 25 traffic except from the server. Could help also.

But of course this does not take away the problem. All machines still needs to be checked.
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 
LVL 25

Expert Comment

by:kieran_b
ID: 21800227
>>All machines still needs to be checked.

I agree, my point was that the logs will tell you what machine is infected.  If you have 1000 machines, manual checking is impractical
0
 
LVL 2

Expert Comment

by:dualarrow
ID: 21818646
Another possibility is your server is an open relay. If thats the case, then it doesn't take long for spammers to find you and flood spam out of your server (I know this from 1st had experience).

Try going to an open relay test site like http://www.abuse.net/relay.html and put in your details.
0
 
LVL 25

Expert Comment

by:kieran_b
ID: 21818659
The askers IP address is there to test yourself - and it is not an open relay.
0
 

Author Comment

by:lenivan
ID: 21823588
Turned out to be a virus on one a machine a user brought into my network. The machine was removed and the problem went away.
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Encryption for Business Encryption (https://en.wikipedia.org/wiki/Encryption) ensures the safety of our data when sending emails. In most cases, to read an encrypted email you must enter a secret key that will enable you to decrypt the email. T…
The new Gmail Phishing Scam going around is surprising even the savviest of users with its sophisticated techniques.
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question