Expiring Today—Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Blacklisting is becoming a problem

Posted on 2009-05-04
7
Medium Priority
?
428 Views
Last Modified: 2013-11-29
I have 1 corporate office and 8 remote locations. The corporate office has approx 12 Xp boxes. The remote locations have 2-4 Boxes. Our email is hosted by AT&T (Neomail). We use a combination of outlook and outlook express set up for pop3. DSL internet connections with NAT.

I currently have 3 seperate locations (IP's) that are blacklisted. 2 locations have been blacklisted numerouse times. All of the computers have antispyware and antivirus protection(mostly the free stuff). Each time a location gets blacklisted, I either run the scans and find the bugs or re-image completely. We come off the blacklist for a month or so then get blacklisted again.

Do most spambots come via spam emails? I know it is my responsibility to keep my boxes clean but does the hosting mail server have some responsibilty in this also? If so, what can I resonably expect from them?  Does anyone know of a way to narrow down the exact box that is spamming?

This is a small retail chain and IT budget is limited to non existent. I would greatly appreciate some advice.

Thanks!
0
Comment
Question by:markrn
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 16

Expert Comment

by:warturtle
ID: 24296165
Do you have MalwareBytes Anti-Malware (www.malwarebytes.org) installed?? Try a scan with that to being with. Trend Micro RUBotted is also another tool, but its in beta phase, so false positives are likely.

http://www.trendsecure.com/portal/en-US/tools/security_tools/rubotted

Hope it helps.
0
 

Author Comment

by:markrn
ID: 24296235
Thanks for the reply Warturtle!

I do use Malwarebytes. Cleaning the boxes isn't so much my problem as finding a pemanent solution (if there is one). I can get them cleaned but after a month or two we end up back on the blacklists. I am looking for an inexpensive way to stop the infections BEFORE they happen.
0
 
LVL 16

Expert Comment

by:warturtle
ID: 24296288
What internet security programs do you use? AVG??
0
Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

 

Author Comment

by:markrn
ID: 24296376
Warturtle,

We used to use Trendmicro Intenet Security. We were blacklisted twice within a 6 month period while we had Trend Micro active. It has since expired but we have not renewed because it didn't seem to help so we have no current internet security at the moment. I have Clamwin that runs nightly and I have the aforementioned Malwarebytes. I also have superantispyware installed as well as Spybot. Most machines also have the free zonealarm firewall. On computers that do not need email I use port blocker to block port 25.

We still end up getting infected and blacklisted ever so often.

Thanks!
0
 
LVL 16

Expert Comment

by:warturtle
ID: 24296469
Clamwin isn't something that will protect your computers effectively because it doesn't include real-time protection, so if you get a virus now and your scan in the night doesn't pick it up then you have a big problem in your hands.

I suggest moving to another vendor like Kaspersky. It has the highest rates of detection and comes with an administration kit allowing you to monitor the whole network effectively and see security logs from different computers as well.

I am not sure if ZoneAlarm free firewall is actually free for corporate use, I suggest reading the license terms properly and getting an enterprise security solution to protect your organisation.
0
 
LVL 31

Accepted Solution

by:
moorhouselondon earned 2000 total points
ID: 24298301
I take it that you are touting your outgoing emails through AT&T's SMTP server?

What I would recommend is that you setup all of your Firewalls to Block all Port 25 Outgoing traffic.  Before doing this, find out from AT&T which Port they will accept SMTP traffic from you on (something like Port 587, but you need to contact them to find out for definite).  Set this alternative Port up in Outlook and Outlook Express in the SMTP Server settings.
0
 

Author Comment

by:markrn
ID: 24325282
Moorhouselondon,

Good suggestion that I am sure would work. They will not use any other port other than 25 for smtp traffic. I have talked to another mail server provider who will. Accepted solution.

Thanks!
0

Featured Post

Introducing the WatchGuard 420 Access Point

WatchGuard's newest access point includes an 802.11ac Wave 2 chipset, providing the fastest speeds for VoIP, video and music streaming, and large data file transfers. Additionally, enjoy the benefits of strong security as the 3rd radio delivers dedicated WIPS protection!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

By the time you finish reading this article, you may have already lost all your money because you don't know the simple steps to securing your BitCoin wallet. BitCoin is an incredible invention. It is a decentralized currency system, which is the…
Phishing attempts can come in all forms, shapes and sizes. No matter how familiar you think you are with them, always remember to take extra precaution when opening an email with attachments or links.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question