Jump to content

Take our Domain off your blacklist.


Deaton

Recommended Posts

To Whom it May Concern,

Please remove our global IP address (63.162.227.68) from your blacklist. I believe you have blacklisted this address in error. We are NOT spammers. We do not use this address for email at all and have tested all of our public addresses for open relay sources. There are none. I've also checked the network for any viruses that may be using an SMTP engine and there are none. This address has no Pointer record because it is not used for email. I use 63.162.227.66 for email and, if you check, you will see that it does have a pointer record.

I thank you for the valuable service you provide (we use your blacklist ourselves) but I feel that this listing was made in error.

Regards,

David Eaton

Link to comment
Share on other sites

63.162.227.68 listed in bl.spamcop.net (127.0.0.2)

Causes of listing

System has sent mail to SpamCop spam traps in the past week (spam traps are secret, no reports or evidence are provided by SpamCop)

Additional potential problems

(these factors do not directly result in spamcop listing)

DNS error: 63.162.227.68 has no reverse dns

Listing History

It has been listed for 26 hours

Link to comment
Share on other sites

Doesn't look like an error. No one called you a spammer, you are listed for sending mail to spamtraps. These spamtraps have not requested anything from your server.

Either your machine is compromised or you are rejecting mail to the from address which you should not be doing.

Are you sending virus notifications to the from address?

Link to comment
Share on other sites

Thanks. I've seen this information already. That's why I feel spamcop listed me in error. I couldn't have sent mail from 63.162.227.68 as this address doesn't even accept connections on port 25. I have no plans to add pointer records to this address. It's just a global address.

Link to comment
Share on other sites

Also, if you contact deputies<at>spamcop.net, they may be able to tell you more about what is hitting the spamtraps, but if that IP is not a server, it would lead to either a virus or a security breach. Do you have firewall logs to see if any SMTP traffic left that machine?

Link to comment
Share on other sites

I couldn't have sent mail from 63.162.227.68 as this address doesn't even accept connections on port 25.  I have no plans to add pointer records to this address.  It's just a global address.

Do you mean that it's the IP address for a bunch of computers behind a firewall? If so it sounds like you've got a compromised box on your network somewhere.

Link to comment
Share on other sites

Thanks Steven,

That IP is not a server, it's just a firewall address for a private network. I will start checking my firewall logs now and send an email to deputies for more information.

Chris, it does sound like a compromised box. Thanks.

Can anyone recommend good network monitor software that can scan for smtp traffic?

Thanks all!

Link to comment
Share on other sites

Can anyone recommend good network monitor software that can scan for smtp traffic?

On your firewall you might want to block outbound traffic on port 25 from all machines except your mail server.

You'll want to run windows updates on all your machines as well as the latest virus software. If you find a machine that cannot download the most recent definitions then you've likely found the compromised box.

I believe there is a demo packet sniffer from sustworks that will run on a Windows box. Also a nice demo package is available from solarwinds.

Link to comment
Share on other sites

To Whom it May Concern,

Please remove our global IP address (63.162.227.68) from your blacklist.  I believe you have blacklisted this address in error.  We are NOT spammers. We do not use this address for email at all and have tested all of our public addresses for open relay sources.  There are none.  I've also checked the network for any viruses that may be using an SMTP engine and there are none. This address has no Pointer record because it is not used for email.  I use 63.162.227.66 for email and, if you check, you will see that it does have a pointer record.

I thank you for the valuable service you provide (we use your blacklist ourselves) but I feel that this listing was made in error.

Regards,

David Eaton

Delisted -- you can write to me at the address below for more details if you wish ...

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...