Jump to content

andreguerreiro

Members
  • Content Count

    10
  • Joined

  • Last visited

Everything posted by andreguerreiro

  1. andreguerreiro

    I need my IP off the BlackList ASAP

    I really believe it was SenderBase taking too long to update their stats... As I said, no computer was spewing spam today, as I confirmed during the afternoon (my afternoon, GMT). True, as indeed there was spam going out from this IP. Your analogy is correct. Although the computer may still be sending spam (it is not, as it is offline now), it now isn't allowed to pass through the firewall. DNS is externally managed, and I wasn't aware of that (I became aware during today). Well, the server is there, traffic is so low because it's the weekend, and we're a small company, so the "very little traffic" part should be true. We recieve a whole lot more mail than we send. This server has been online for more than a year, so "almost immediately" seems untrue. Cleaned isn't the exact word... It was taken offline to be reinstalled first thing Monday, so the end result will be the same And you are welcome as to me taking the time, though I would always take it, as the one responsible for all this mess was me (for not having the firewall rule in the first place, not for the infected computer: that was a naive user).
  2. Hi My IP ( 194.79.71.78 ) was (rightly) blacklisted, because of a spam attack. After finding the culprit and dealing with that issue, I need my IP off your blacklist ASAP, don't know if anyone can help me. Can't really afford to wait up to 24 hours (I need it up yesterday ). Is this a possibility?
  3. andreguerreiro

    I need my IP off the BlackList ASAP

    I did find the trojan running on a PC on the network, but I found it before opening this thread. The problem didn't "fix itself", I found the PC running the trojan and removed it from the network immediately after finding it. That's what fixed it. After that, it apparently took a while longer than usual for SenderBase to update its stats, which originated some concerns as to whether or not it was really fixed. I was also concerned it wasn't somehow REALLY fixed, so I double-checked: I checked the e-mail (Exchange) server and confirmed it wasn't sending mails, nor was an open relay, leaving the door open to spammers; I then put a packet sniffer on my network to see if any other PC was sending e-mails and saw that no PC was sending none whatsoever. I was then confident the problem was really fixed and, after a few hours, the SenderBase stats confirmed it, and I was off the blacklist. I then added the firewall rule to prevent this situation from ever happening again: the only computer with permission to send outgoing connections on port 25 is our mail server, so, if another computer on the network was to be infected, this wouldn't happen again. I hope I made it clear Cheers, and, once again, thank you all!
  4. andreguerreiro

    I need my IP off the BlackList ASAP

    Report on IP address: 194.79.71.78 Volume Statistics for this IP Magnitude Vol Change vs. Last Month Last day 0.0 N/A Last month 2.1 Looks solved now, right? Meanwhile, I'm off the BL and sending nicely to every recipients BTW, after checking the mail server and confirming HE wasn't sending an abnormal quantity of mails, I put a packet sniffer in the network to try to find who was sending mails, and... no one was. Guess it was just a freak ocurrence with the stats update in SenderBase, or something. Since the opening of this thread, I did, in fact, do nothing to solve the problem, as it WAS fixed. Basically, someone got infected by a trojan that sent the aforementioned spam. Meanwhile, I edited the firewall policy to only accept outgoing connections to port 25 from our server, that should avoid this ever happening again... Thank you all for your help
  5. andreguerreiro

    I need my IP off the BlackList ASAP

    :\ I'm going to re-check it, then. Sorry for all your troubles, and thanks for all your help
  6. andreguerreiro

    I need my IP off the BlackList ASAP

    Yes, I have followed the very valuable and much appreciated advice given here. I have, however to contact my ISP in order to get delisted, and I am not confident on the results (it's 8 PM here). As for 194.79.71.178: I'm happy to say I'm not responsible for that IP
  7. andreguerreiro

    I need my IP off the BlackList ASAP

    I had already checked, and yes, I was listed at CBL, but after asking for removal (after the problem had been solved), I can now send to addresses that were using that blacklist. Apparently, though, SpamCop is somewhat popular, and while i was able to solve the problem for a few e-mail servers, most are still giving me problems
  8. andreguerreiro

    I need my IP off the BlackList ASAP

    Yes, I have followed those links and verified that there was indeed a spam problem in my organization. However, as I stated, the spam problem was solved, since then. Hence the removal request
  9. andreguerreiro

    I need my IP off the BlackList ASAP

    Yes, I tried that, but unfortunately, the e-mails presented in that form do not belong to me, they all belong to my isp (novis.pt).
  10. andreguerreiro

    I need my IP off the BlackList ASAP

    Tyvm for the fast reply, but what I was really asking was if there was an unautomated way to remove me from that list... I guess not, right?
×