We help IT Professionals succeed at work.

Blacklisting is becoming a problem

markrn
markrn asked
on
505 Views
Last Modified: 2013-11-29
I have 1 corporate office and 8 remote locations. The corporate office has approx 12 Xp boxes. The remote locations have 2-4 Boxes. Our email is hosted by AT&T (Neomail). We use a combination of outlook and outlook express set up for pop3. DSL internet connections with NAT.

I currently have 3 seperate locations (IP's) that are blacklisted. 2 locations have been blacklisted numerouse times. All of the computers have antispyware and antivirus protection(mostly the free stuff). Each time a location gets blacklisted, I either run the scans and find the bugs or re-image completely. We come off the blacklist for a month or so then get blacklisted again.

Do most spambots come via spam emails? I know it is my responsibility to keep my boxes clean but does the hosting mail server have some responsibilty in this also? If so, what can I resonably expect from them?  Does anyone know of a way to narrow down the exact box that is spamming?

This is a small retail chain and IT budget is limited to non existent. I would greatly appreciate some advice.

Thanks!
Comment
Watch Question

Do you have MalwareBytes Anti-Malware (www.malwarebytes.org) installed?? Try a scan with that to being with. Trend Micro RUBotted is also another tool, but its in beta phase, so false positives are likely.

http://www.trendsecure.com/portal/en-US/tools/security_tools/rubotted

Hope it helps.

Author

Commented:
Thanks for the reply Warturtle!

I do use Malwarebytes. Cleaning the boxes isn't so much my problem as finding a pemanent solution (if there is one). I can get them cleaned but after a month or two we end up back on the blacklists. I am looking for an inexpensive way to stop the infections BEFORE they happen.
What internet security programs do you use? AVG??

Author

Commented:
Warturtle,

We used to use Trendmicro Intenet Security. We were blacklisted twice within a 6 month period while we had Trend Micro active. It has since expired but we have not renewed because it didn't seem to help so we have no current internet security at the moment. I have Clamwin that runs nightly and I have the aforementioned Malwarebytes. I also have superantispyware installed as well as Spybot. Most machines also have the free zonealarm firewall. On computers that do not need email I use port blocker to block port 25.

We still end up getting infected and blacklisted ever so often.

Thanks!
Clamwin isn't something that will protect your computers effectively because it doesn't include real-time protection, so if you get a virus now and your scan in the night doesn't pick it up then you have a big problem in your hands.

I suggest moving to another vendor like Kaspersky. It has the highest rates of detection and comes with an administration kit allowing you to monitor the whole network effectively and see security logs from different computers as well.

I am not sure if ZoneAlarm free firewall is actually free for corporate use, I suggest reading the license terms properly and getting an enterprise security solution to protect your organisation.
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Author

Commented:
Moorhouselondon,

Good suggestion that I am sure would work. They will not use any other port other than 25 for smtp traffic. I have talked to another mail server provider who will. Accepted solution.

Thanks!

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.