unidress Posted July 3, 2018 Share Posted July 3, 2018 Hello my domain ip 82.80.50.21 listed again this week. how i can see witch address send spam mails from my domain? in our PineApp Mail Secure system we check all outgoing mails. Link to comment Share on other sites More sharing options...
Lking Posted July 3, 2018 Share Posted July 3, 2018 Yes the IP is currently shown as being on the SCBL, https://www.talosintelligence.com/reputation_center/lookup?search=82.80.50.0%2F24 If no additional reports are received the IP will automatically come off of the block list. To make sure you understand, the IP address is listed, NOT your domain. If your outgoing email application shares the IP with other outgoing SMTP the offending email could be coming from one of those domains, not yours. Check with you ISP to find out if you share the IP with others. Of course what is spam is in the eye of the receiver not the sender. For example, PineApp Mail Secure would not flag a totally benign email sent to a spam trap. However, the email would could cause the IP to be blocked. Check with your ISP. The link above shows that the email volume has shown a 96% increase. Now a good sign. Someone is sending a lot of email. Link to comment Share on other sites More sharing options...
petzl Posted July 4, 2018 Share Posted July 4, 2018 On 7/3/2018 at 5:28 PM, unidress said: Hello my domain ip 82.80.50.21 listed again this week. how i can see witch address send spam mails from my domain? in our PineApp Mail Secure system we check all outgoing mails. https://www.spamcop.net/w3m?action=checkblock&ip=82.80.50.21 In the past 3.4 days, it has been listed 2 times for a total of 2.1 days compromised/forged web and or email accounts If Microsoft Windows Defender is available to you, use it Scan for Malware! THEN Change log-on to a more secure password-Phrase! > Link to comment Share on other sites More sharing options...
gnarlymarley Posted April 24, 2019 Share Posted April 24, 2019 On 7/4/2018 at 2:29 AM, petzl said: compromised/forged web and or email accounts If Microsoft Windows Defender is available to you, use it Scan for Malware! THEN Change log-on to a more secure password-Phrase! unidress, Also one quick note you might want to make sure your routers are also secure. I have seen email that actually came from a hacked router to my email account. Link to comment Share on other sites More sharing options...
Wilma Prinsloo Posted May 29, 2019 Share Posted May 29, 2019 Some servers block my emails because my domain / IP address is blocked on Spamcop. How can I rectify the problem? 554 5.7.1 Service unavailable; Client host [192.185.46.109] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?192.185.46.109 (in reply to RCPT TO command) Link to comment Share on other sites More sharing options...
Lking Posted May 29, 2019 Share Posted May 29, 2019 The IP will automatically be delisted in ~20 hrs when I looked. Did you follow the link https://www.spamcop.net/w3m?action=blcheck&ip=192.185.46.109 in the page you referenced? I would also suggest you contact your ISP to see if others share that IP. If so others could be the cause of the listing. In either case, you should review your operation. Link to comment Share on other sites More sharing options...
gnarlymarley Posted May 29, 2019 Share Posted May 29, 2019 37 minutes ago, Lking said: I would also suggest you contact your ISP to see if others share that IP. If so others could be the cause of the listing. In either case, you should review your operation. Wilma, I have also seen routers that had been hacked. You might always want to check your routers and IoT devices such as IP cameras. Anything that is sharing that same IP could have been used to send the unwanted email. Link to comment Share on other sites More sharing options...
petzl Posted May 29, 2019 Share Posted May 29, 2019 7 hours ago, gnarlymarley said: Wilma, I have also seen routers that had been hacked. You might always want to check your routers and IoT devices such as IP cameras. Anything that is sharing that same IP could have been used to send the unwanted email. Yeshttps://blog.mikrotik.com/security/winbox-vulnerability.html Been a few reports submited (you?) Submitted: 5/30/2019, 4:51:15 AM +1000: Ihr diskretes kleines Geheimnis 6962487765 ( http://qqi123.com/schiffer-ltd.php ) To: abuse@vultr.com 6962487764 ( 192.185.46.109 ) To: ipadmin#websitewelcome.com@devnull.spamcop.net 6962487763 ( 192.185.46.109 ) To: eig-abuse@maileig.com Submitted: 5/30/2019, 4:51:15 AM +1000: Ihr diskretes kleines Geheimnis 6962487749 ( http://qqi123.com/schiffer-ltd.php ) To: abuse@vultr.com 6962487748 ( 192.185.46.109 ) To: ipadmin#websitewelcome.com@devnull.spamcop.net 6962487747 ( 192.185.46.109 ) To: eig-abuse@maileig.com Submitted: 5/27/2019, 10:40:58 PM +1000: Rechnung "uber Ihre Verkaeufergebuehren bei Amazon.de [5/2019] 6961683604 ( https://sieuthikhoadientu.com/amzde ) To: netabuse@as20068.net 6961683603 ( 192.185.46.109 ) To: ipadmin#websitewelcome.com@devnull.spamcop.net 6961683602 ( 192.185.46.109 ) To: eig-abuse@maileig.com Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.