Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

spam being sent from my email address domain

Posted on 2014-07-22
4
Medium Priority
?
962 Views
Last Modified: 2014-08-05
Hi,

the following email was sent from the email account today :


Could not deliver message to the following recipient(s):

Failed Recipient: travelbysuzanne@aol.com
Reason: Remote host said: 421 4.2.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html

-- The header and top 20 lines of the message follows --

Received: from runningprofiles.com (pool-62-172-16-186.telecel.com.py [186.16.172.62]) by HV18ACCU1351.runningprofiles.com with SMTP;
Mon, 21 Jul 2014 14:37:42 +0100
Subject: From: Lawrence Weitzner
From: "Lawrence Weitzner"
Content-Type: multipart/alternative;
boundary=Apple-Mail-920D2322-FF78-4683-A0E4-B4A40A40EBD1
X-Mailer: iPhone Mail (9B206)
Message-Id: <5B8A95E3-A68A-461E-8BB7-719BAE4E86AF@runningprofiles.com>
Date: Mon, 21 Jul 2014 15:37:39 +0200
To: "travelbysuzanne@aol.com"
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (1.0)


--Apple-Mail-920D2322-FF78-4683-A0E4-B4A40A40EBD1
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset=us-ascii




Sup


http://naijaleaks.org/wp-content/uploads/wysija/themes/UoTZVswsXM/build.php=
?wdrcpeyspg2744ucadk


Lawrence Weitzner


--Apple-Mail-920D2322-FF78-4683-A0E4-B4A40A40EBD1

How can i stop this happening as its sent around 100 emails with alot bouncing back into my inbox.
0
Comment
Question by:runnerjp2005
  • 2
4 Comments
 
LVL 16

Accepted Solution

by:
Dirk Mare earned 1600 total points
ID: 40211177
1st, Check if your domain is not blacklisted..
http://mxtoolbox.com/

2nd, Run the MXtoolbox test to test your mail server to see if it is an open relay..
http://mxtoolbox.com/diagnostic.aspx

If you are blacklisted it means your server is either a open relay which you can test with the second link fix this before attempting to remove the blacklists. If you are not an open relay you probably have a virus or trojan that is sending spam emails.. scan all your workstations for viruses or locate the infected PC using network sniffing tools such as Wireshark..

DirkMare
0
 

Author Comment

by:runnerjp2005
ID: 40211229
Hi Dirk - thanks for the great information.

I seem to be blacklisted on these two areas:


Blacklist      Reason      TTL      ResponseTime      
 LISTED      BARRACUDA      173.248.136.249 was listed  Detail      865      312      Ignore
 LISTED      ivmSIP      173.248.136.249 was listed  Detail      2100      125      Ignore

and this on second link


Test      Result      
      SMTP Banner Check      Reverse DNS FAILED! This is a problem.       More Info
      SMTP TLS      Warning - Does not support TLS.       More Info
      SMTP Transaction Time      16.957 seconds - Not good! on Transaction Time       More Info
      SMTP Connection Time      0.702 seconds - Good on Connection time      
      SMTP Open Relay      OK - Not an open relay.

not sure what blacklisting is or what to do?
0
 
LVL 16

Expert Comment

by:Dirk Mare
ID: 40211246
Blacklisting means your exchange server is being blacklisted on the internet because some or all of your PC are sending SPAM from your network.

You need to find the infected PC and remove the trojan or virus from that machine. Make sure all your computers and servers have up to date with antivirus and malware protection ensure the firewall is properly configured and working.

You can download bitdefender rescue disc or Kaspersky rescue disc download the ISO file and burn to CD, boot your computer from the CD, update the definitions and scan your PC.

Make sure you remove the virus from the infected machine before you request the removal of your domain blacklist.

An excellent explanation can be found here.
http://www.inmotionhosting.com/support/email/email-troubleshooting/why-do-mail-servers-get-blacklisted

DirkMare
0
 
LVL 8

Assisted Solution

by:S_K_S
S_K_S earned 400 total points
ID: 40217016
Another additional step in case we are able to identify a virus infected machine. Have the user using that machine change his\her password.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

MS Outlook undoubtedly is the most widely used email client.Its user-friendliness, cost effectiveness, and availability with Microsoft Office Suite make it the most popular email application.  Its compatibility with Microsoft applications like Exch…
A few solutions to a problem some of us have been having when trying to add Hostgator email accounts to Outlook 2016 (will probably work with Outlook 2013 as well).
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Suggested Courses

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question