Jump to content

darkhelmet46

Members
  • Content Count

    2
  • Joined

  • Last visited

Community Reputation

0 Neutral

About darkhelmet46

  • Rank
    Newbie
  1. darkhelmet46

    [Resolved] IP 72.74.252.9 blocked

    Ok, thanks anyway.
  2. We've already requested a de-listing a couple times recently, so I had to file a dispute. I'm hoping I might be able to speed the process along. We're an outsourced IT company that was brought in last week to help the organization at 72.74.252.9. They were in miserable shape with no up-to-date antivirus software or security patches. We rolled out antivirus software and security patches and did full system scans of all of their PCs, and removed many malware threats. At that point we thought they were safe so we de-listed them again. After getting blacklisted again today, I was finally able to locate the offending machine on the network. It was sending out spam on random intervals so it was difficult to locate. They have a switched network which makes Wireshark difficult to use. I finally found suspicious SMTP traffic in their firewall log. I ran netstat on the machine to verify and also ran Wireshark on the machine and saw the traffic. We have re-imaged the machine and I have been checking the firewall logs regularly this morning to be sure no more SMTP traffic is being sent. Is there anything you can do to get us off the blacklist sooner? Thanks!
×