Solved

spamcop blacklisted me, why?

Posted on 2008-06-16
7
234 Views
Last Modified: 2010-04-18
Last week I was blacklisted by spamcop. They sent me the following details as explanation stating my email server was sending out spam:

Received: from mailserver.server.com (HELO
82.80/29.177.152.12.in-addr.arpa) (12.152.177.82)
   by [trap servername] with SMTP; 13 Jun 2008 14:xx:xx -0600
From: "Rosa Massey" <x@x>
Subject: Luxury
Date: Fri, 13 Jun 2008 12:xx:xx -0800

Can someone make sense of this info?
0
Comment
Question by:lenivan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 7

Accepted Solution

by:
Raymond Jansen earned 500 total points
ID: 21796056
Could be a trojan on the network. Scan with your virus scanner, cc-cleaner, trojan hunter. Best to scan in safe mode.

0
 
LVL 25

Expert Comment

by:kieran_b
ID: 21799106
I agree with r-jansen, I find checking the firewall for which machines are generating traffic on port 25 to be faster though
0
 
LVL 7

Expert Comment

by:Raymond Jansen
ID: 21800194
True kieran_b, I always block all port 25 traffic except from the server. Could help also.

But of course this does not take away the problem. All machines still needs to be checked.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 25

Expert Comment

by:kieran_b
ID: 21800227
>>All machines still needs to be checked.

I agree, my point was that the logs will tell you what machine is infected.  If you have 1000 machines, manual checking is impractical
0
 
LVL 2

Expert Comment

by:dualarrow
ID: 21818646
Another possibility is your server is an open relay. If thats the case, then it doesn't take long for spammers to find you and flood spam out of your server (I know this from 1st had experience).

Try going to an open relay test site like http://www.abuse.net/relay.html and put in your details.
0
 
LVL 25

Expert Comment

by:kieran_b
ID: 21818659
The askers IP address is there to test yourself - and it is not an open relay.
0
 

Author Comment

by:lenivan
ID: 21823588
Turned out to be a virus on one a machine a user brought into my network. The machine was removed and the problem went away.
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Sharing Contact Lists with external users 2 25
exchange 2007 , mailbox 3 32
Moving on from sbs 2008... 36 71
Offline address book Exchange 2010 Warning 30 24
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
Find out what you should include to make the best professional email signature for your organization.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question