Jump to content

[Resolved] IP 72.74.252.9 blocked


Recommended Posts

We've already requested a de-listing a couple times recently, so I had to file a dispute. I'm hoping I might be able to speed the process along.

We're an outsourced IT company that was brought in last week to help the organization at 72.74.252.9. They were in miserable shape with no up-to-date antivirus software or security patches.

We rolled out antivirus software and security patches and did full system scans of all of their PCs, and removed many malware threats. At that point we thought they were safe so we de-listed them again.

After getting blacklisted again today, I was finally able to locate the offending machine on the network. It was sending out spam on random intervals so it was difficult to locate. They have a switched network which makes Wireshark difficult to use. I finally found suspicious SMTP traffic in their firewall log. I ran netstat on the machine to verify and also ran Wireshark on the machine and saw the traffic.

We have re-imaged the machine and I have been checking the firewall logs regularly this morning to be sure no more SMTP traffic is being sent.

Is there anything you can do to get us off the blacklist sooner?

Thanks!

Link to comment
Share on other sites

...Is there anything you can do to get us off the blacklist sooner?
Mostly just users here but if SC Admin drops by he might be able to say - I'm guessing it would be he who would handle the dispute listings in any event. 72.74.252.9 is due to time off the list in 15 hours at this point. Thanks for helping them clean up their systems.
Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...