Solved

Resolving Blacklisting Issues

Posted on 2016-09-14
4
25 Views
Last Modified: 2016-10-03
Our company recently encountered a blacklisting of our domain due to a certain computer or computers sending out bad information.  I've since run Malwarebytes on all computers but have no idea which computer would have been the cause of the issue.  My questions are as follows:

1) Is there a utility or method I can use to determine which PC or PCs had caused the blacklisting problem?
2) How do I know if the problem has actually stopped so we can be de-listed for good (in addition to the obvious of informing employees of the normal cautions when on the internet)
3) Will obtaining a premium version of Malwarebytes for all computers stop this from happening again in the future?

Any suggestions?
0
Comment
Question by:rsaba
4 Comments
 
LVL 94

Accepted Solution

by:
John Hurst earned 200 total points (awarded by participants)
ID: 41797938
1. You probably cannot find that.
2. You need to make sure the computers are clean and then check the traffic out of each one. Simple approach: Look at the Windows Network Card status.
3. I use my own AV and then supplement with Malwarebytes as needed. You do not want both running at the same time., so scan with Malwarebytes and then full scans with your own AV.

Then go back your ISP and attempt to get of the Blacklist.
You can also appeal to Spamhaus to help you.
0
 
LVL 16

Assisted Solution

by:Dirk Mare
Dirk Mare earned 175 total points (awarded by participants)
ID: 41798070
Check that your exchange server or email relay is not an open email relay that can be used by anyone on the internet.

I agree with John use a network analyzer between your network equipment and your internet router and monitor activity on port 25
Wireshark is a nice tool or if you have access to your router (depends on the router) you can monitor traffic on your network port and get IP address that sending data to port 25

Use mxtoolbox.com to test health of your exchange server and check for blacklists you can also use trend micro rbl
https://ers.trendmicro.com/reputations

DirkMare
0
 
LVL 7

Assisted Solution

by:harryhelp
harryhelp earned 125 total points (awarded by participants)
ID: 41798143
Have you had Cryptolocker or anything similar recently? I've seen cases in the past where a security firm had identified that a computer behind our IP had Crypto and therefore blacklisted us...
0

Featured Post

Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Encryption for Business Encryption (https://en.wikipedia.org/wiki/Encryption) ensures the safety of our data when sending emails. In most cases, to read an encrypted email you must enter a secret key that will enable you to decrypt the email. T…
Article by: Dermot
The life of crime is over for 22 year-old Christian Ian Salvador, a student from Isabela State University in the Philippines.
This Micro Tutorial demonstrates  how Internet marketers work with competitive analysis data, and a common task in data preparation is creating separate column for domains. You will then extract from a list of URLs.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question