Jump to content

Lollercoaster

Members
  • Content Count

    9
  • Joined

  • Last visited

Community Reputation

0 Neutral

About Lollercoaster

  • Rank
    Newbie
  1. Lollercoaster

    Can't understand why I've been "blocked"

    Interesting stuff. That doesn't seem correct at all.
  2. Lollercoaster

    Can't understand why I've been "blocked"

    Yes, after doing the appropriate reasearch I pulled the plug on the offender quite some time ago actually. I seem to have been de-listed from the SmapCop block list. I don't know what's up with Senderbase though, as it appears to refresh its data rather slowly.
  3. Lollercoaster

    Can't understand why I've been "blocked"

    I believe there is something like this in place. I will look into it. What can I say? I learn fast, especially when people are depending on you for answers. I'll have to make sure that in the future I am not so lax when checking out new virus threats. lol, no kidding. It makes us look like a bunch of sex perverts when it's coming from our system.
  4. Lollercoaster

    Can't understand why I've been "blocked"

    I already scanned my Windows Servers and network drives for any malware, and they came up clean, thankfully. I'm going to do a search around the building here though to make sure it hasn't spread elsewhere. It doesn't hurt to make sure.
  5. Lollercoaster

    Can't understand why I've been "blocked"

    Haha, some interesting stuff here. I checked out my firewall logs, and the day the incident happened, August 2, I had 5666 firewall hits logged as opposed to the average of about 500 I get on a regular day. In addition, many of them were using port 25 to complete the transaction. So yes, indeed there was a system behind my firewall that was causing havoc. After a bit of investigation I found out that someone had been in my office over the long weekend, and had used the Dell PC I usually use as the print server for my color copier, and managed to download a whole bunch of trojans onto it. I obviously noticed a little too late. I did a scan on the computer and there was upwards of 40 instances on there, many of them "Mail bombers" and "Mail flooders". The good thing is is that before I left last night I unplugged the system's patch cable from ethernet port, and since then the my spam cop listing is counting down the hours till the IP is realeased. 7 approximately. Hopefully this computer was the zombie, which in all probability it was. This is why I like using a Mac! On another interesting note, while the mail is blocked right away from being sent out, it seems to hang out in the outbox for 10-15 minutes and then go out properly.
  6. Lollercoaster

    Can't understand why I've been "blocked"

    Well, I'm a cable monkey more or less. I was the one who set up the network infrastructure in this organization more or less by running all the Cat5 through the building, placing patch panels and hubs, et cetera et cetera, as well as setting up our file share servers and firewall. However, you are right when you say I don't exactly have the greatest amount of expertise when it comes to internet security. For example, I know how to administer Qmail, and that's about it. I'm slowly learning more and more about it as issues arise. However, as a non-profit organization, hiring someone is out of the question. And in these parts, people that are "experts" on the situation are probably non-existent. The reason I'm asking these questions is because I can't become more well versed in internet security if I don't try to do the research needed to solve these problems myself.
  7. Lollercoaster

    Can't understand why I've been "blocked"

    Is there a type of trojan or virus that can essentially "zombify" a PC? It's interesting that you mention systems in China, considering my IPCop logs showed IP addresses apparently listed somewhere in China. I mean, the 209.53.184.21 is the IP address assigned to the "Red Interface" on my IPCop firewall. Since this happened so suddenly, I already have an idea of what computer possibly could have contracted this horrible plague. A computer doesn't necessarily have to have an e-mail account set up to propegate spam if "zombified" does it?
  8. Lollercoaster

    Can't understand why I've been "blocked"

    Alright... Well, thanks for the wall of text...I guess. Doesn't exactly give me much of an idea of what I have to do to rectify this problem, however.
  9. Hello everyone. I'm new here, and am new the to game of spam "block lists" seeing as this is the first time something like this has happened. I have a network at a rather large non-profit organization here in Canada. We use a Qmail mail server with Telus as our ISP for both internet and our e-mail server. Our domain is www.pgnfc.com The thing is, nobody within my network can now send e-mail from their computer! I get the message you describe in your FAQ when trying to send mail, in which I was directed to the page to look up a "blocked" IP. It gave me this information: 209.53.184.21 listed in bl.spamcop.net (127.0.0.2) If there are no reports of ongoing objectionable email from this system it will be delisted automatically in approximately 19 hours. Causes of listing System has sent mail to SpamCop spam traps in the past week (spam traps are secret, no reports or evidence are provided by SpamCop) Additional potential problems (these factors do not directly result in spamcop listing) System administrator has already delisted this system once Because of the above problems, express-delisting is not available Listing History System has been listed for less than 24 hours. Dispute Listing If you are the administrator of this system and you are sure this listing is erroneous, you may request that we review the listing. Because everyone wants to dispute their listing, regardless of merit, we reserve the right to ignore meritless disputes. Dispute listing of 209.53.184.21 In the "TraceIP" section it lists this: Parsing input: 209.53.184.21 host 209.53.184.21 = m184-21.pgnfc.com. (cached) Reporting addresses: abuse[at]telusplanet.net I tried using the "delist address" option once, but apparently it just blocked me again! Does anyone have any suggestions on what I can do? It is a very annoying issue that needs to be solved. If you need more information to help me, please let me know what you need, and I will get it for you. Any help will be greatly appreciated.
×