Everything posted by chrisa1967
Thanks for that Telarin. It's an interesting scenario because part of our site is office space we rent out. Those users bypass all of our network apart from the ISA box. I think we will probably physically segregate the two parts in the future and operate them as different networks but in the meantime a different IP is now top of my to do list. We had trouble spotting the spammer because it turns out he was using a laptop and didn't come in until this afternoon. So no serious outbound SMTP traffic until he walked in and then it went bonkers! Thanks again.
We have an Exchange server behind an ISA server and it is the address of the ISA box that is blacklisted. Causes of listing System has sent mail to SpamCop spam traps in the past week (spam traps are secret, no reports or evidence are provided by SpamCop) SpamCop users have reported system as a source of spam less than 10 times in the past week Additional potential problems (these factors do not directly result in spamcop listing) DNS error: 126.96.36.199 has no reverse dns Part of our network is used by computers we have no control over and I suspect one or more of them has a virus. I cannot block SMTP for everything except our mail server because many of these machines mail out directly using SMTP / POP3. What I am looking for is any help you could offer in tracking down the offending machine(s) Many thanks.
Thanks for the help. We have found the guilty party and we have removed eight trojans from the machine! I have recently taken on this network and it looks like we need to segregate the bits we don't have control over ASAP. Cheers!