Jump to content


  • Posts

  • Joined

  • Last visited

GSTVHenry's Achievements


Newbie (1/6)



  1. Thanks Rick, We set up separate Admin accts from User accts and other than the extreme annoyance of them harassing me for every update, printer install, etc, things are fine there. We also have a default image so if their system is acting up too much, it's reimage time. Now if only M$ gave us a decent email system instead of Entourage I'd be a happy camper.
  2. Not to interrupt the "food fight", we seem to be off all lists but one, they're asking for 50 pounds to remove us. Most mail is routing but we're still having a few issues with certain recipients: #5.5.0 smtp;550 #5.7.1 Your access to submit messages to this e-mail system has been rejected. We have our open 'guest' wireless on Comcast broadband while our corporate wireless is authenticated via WPA-2 using AES on a different ISP. I remember reading something in the FAQ's that this isn't caused by Spamcop and I'm checking PTR records w/ our ISP. I'm going to check w/ some of the recipients' ISPs also. Thanks for all the help gang. Derek is right in some points, I have a bit to learn.
  3. Thank you SCadmin, A friend who is a CCNP told me to alter my firewall rule around the same time because I had the source port 25. I understand that my goal should be finding the offending machine and it most definately is, I just wanted to close any other holes while I'm at it. The firewall change and the reasoning behind it has been added to my knowledgebase. Have any of you experienced Mac spambots, 60% of the company is macs and 75% of them are very ... inexperienced with the OS and safety measures? I don't want to overlook anything. Thanks again all...
  4. Thanks Steve, I ran Malwarebytes, Spybot S&D, and Microsoft Malicious Tool on all our servers and the worst I found was a few cookies. Is anyone aware of a Mac spambot or Mac spambot checker? We run Sophos antivirus on the macs and everyone is up to date and clean. Something else of interest, the blocking of port 25 on the firewall occured [at] 11PM EST 3/05. The time in the evidence posted by Derek would fall around ~9:20PM EST 3/05. I also noticed that we have significantly dropped on Senderbase's score. Magnitude Vol Change vs. Last Month Last day 3.2 34% Last month 3.1
  5. I am aware that we are still having issues and this wasn't a request to remove me from the blocklist. I was merely hoping someone in the community would have an idea where I should continue the search for a solution. After making the changes above, I requested delisting, prematurely as I now see. Derek, I agree, I may not be the best person for the job but I desperately need assistance and anything would help.
  6. Sometime on Wednesday, we got block listed by several companies including Spamcop. Senderbase report for states: Magnitude Vol Change vs. Last Month Last day 3.7 337% Last month 3.1 Below are the steps taken in an attempt to resolve the issue: - Blocked smtp traffic on all machines except the MS 2003 SBS server. I tested that only the server that hosts exchange can get out on port 25. - Logs on the Cisco ASA do not reveal anything relevant. - Ran Spybot S&D, Malware Bytes, and Microsoft's Malware tool on all applicable machines (Macs and PCs). A few had a virus or 2 but nothing significant. - Updated servers to the latest patches. - We're not an open relay. CBL states the following: What perplexes me is that if I've blocked smtp traffic, how could a bot/trojan still continue to spam out? Thanks in advance, I apologize for if I am lacking any detail. Thanks in advance...
  • Create New...