Jump to content

derrick.hansen

Members
  • Content Count

    8
  • Joined

  • Last visited

Community Reputation

0 Neutral

About derrick.hansen

  • Rank
    Newbie
  1. derrick.hansen

    virused hosts again!

    I am in the support dept at sun country cable which owns the blocked IP. The system administrator did find some old auto reply's that were getting hit with spam and bouncing. We killed those. Hopefully that was all. Yes the report for 208.98.210.10 was saying that there were 2 spamtrap hits since last night. I figured it was a virused host because I have had to shut down about 6 so far this week. most of the time they set up thier own mail server, but the odd time we get it going thru the mail server. The last time that happened the spamcop forums helped us conferm the source. I thought it may have been similar. So yeah, hopefully it was just the old auto-reply's.
  2. derrick.hansen

    virused hosts again!

    Hello, looks like a new wave of spaming viruses is going around. We have had our mail server; 208.98.210.10 blacklisted again. While we can shut down the hosts that are using thier own mail server to spam with, trying to find out who is spamming with our mail server is a little more dificult. Any of the spam warriors want to help us slay the virused host or hosts? We were hitting the spam traps so little info is given back.
  3. derrick.hansen

    ISP whitelists

    Lol oddly enough I understood his first post fine, but I am an expert at decifering the language of User-ese. That said: /nerd mode on/ Do not try the patience of spamcops, for they are suttle and quick to anger /nerd mode off/
  4. derrick.hansen

    recurring blacklist issues.

    Being a support person, who soaks up abuse from users daily, I would never dare sling hostility toward people that are in a position to help. Well, ok i might, But only if they really deserve it. *cough* AT&T blacklists *cough* NTL world.
  5. derrick.hansen

    recurring blacklist issues.

    wow you guys are good. That was the customer we shut down that was our prime suspect. This just validates our suspicion. Thanks for the help!
  6. derrick.hansen

    recurring blacklist issues.

    yes, we do recieve non-spamtrap reports to our abuse address which i have access to. I also have reports being sent to my personal address. we currently do not accept port 25 to our mail server from outside our network. It has been that way since before i was here. It helps. In this case I think this virus just hijacked this guys mail client and managed to work around our anti-spam rules eg. no more than 40 messages at a time, no more than 1000 per day.
  7. derrick.hansen

    recurring blacklist issues.

    Thanks. We think we found a virused host that at times had over 200 socks connections at once. We think this customer is the cause of our issues. I really hope that shutting this guy off keeps us off the blacklist. our customers are starting to get annoyed Yeah I was afeared that it might have been hiting the secret spam traps. Problem is that because they are secret there aint too much info provoided. IF this virused host was not doing it, i guess you will be hearing from me. Thanks for the help.
  8. derrick.hansen

    recurring blacklist issues.

    We are a smallish cable ISP, our mail server 208.98.210.10 has been on and off the blacklist for the last week like 5 times. we are listed again after we thought we resolved the issue. We thought one of our customers who is running an exchange server and using ours for outbound was having some bounceback messages nabbed by the spamtrap. We pinned that down. We have also found a couple virused hosts. they have been killed. was wondering if any of the paid members can see anything more detailed about what was getting us listed?
×