[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

spamcop blacklisted me, why?

Posted on 2008-06-16
7
Medium Priority
?
242 Views
Last Modified: 2010-04-18
Last week I was blacklisted by spamcop. They sent me the following details as explanation stating my email server was sending out spam:

Received: from mailserver.server.com (HELO
82.80/29.177.152.12.in-addr.arpa) (12.152.177.82)
   by [trap servername] with SMTP; 13 Jun 2008 14:xx:xx -0600
From: "Rosa Massey" <x@x>
Subject: Luxury
Date: Fri, 13 Jun 2008 12:xx:xx -0800

Can someone make sense of this info?
0
Comment
Question by:lenivan
7 Comments
 
LVL 7

Accepted Solution

by:
Raymond Jansen earned 1500 total points
ID: 21796056
Could be a trojan on the network. Scan with your virus scanner, cc-cleaner, trojan hunter. Best to scan in safe mode.

0
 
LVL 25

Expert Comment

by:kieran_b
ID: 21799106
I agree with r-jansen, I find checking the firewall for which machines are generating traffic on port 25 to be faster though
0
 
LVL 7

Expert Comment

by:Raymond Jansen
ID: 21800194
True kieran_b, I always block all port 25 traffic except from the server. Could help also.

But of course this does not take away the problem. All machines still needs to be checked.
0
Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

 
LVL 25

Expert Comment

by:kieran_b
ID: 21800227
>>All machines still needs to be checked.

I agree, my point was that the logs will tell you what machine is infected.  If you have 1000 machines, manual checking is impractical
0
 
LVL 2

Expert Comment

by:dualarrow
ID: 21818646
Another possibility is your server is an open relay. If thats the case, then it doesn't take long for spammers to find you and flood spam out of your server (I know this from 1st had experience).

Try going to an open relay test site like http://www.abuse.net/relay.html and put in your details.
0
 
LVL 25

Expert Comment

by:kieran_b
ID: 21818659
The askers IP address is there to test yourself - and it is not an open relay.
0
 

Author Comment

by:lenivan
ID: 21823588
Turned out to be a virus on one a machine a user brought into my network. The machine was removed and the problem went away.
0

Featured Post

Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

What is the biggest problem in managing an exchange environment today? It is the lack of backups, disaster recovery (DR) plan, testing of the DR plan or believing that it won’t happen to us.
After a recent Outlook migration from a 2007 to 2010 environment, some issues with Distribution List owners were realized. In this article, I explain how that was rectified.
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses

591 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question