amitabh_dss Posted April 3, 2006 Share Posted April 3, 2006 Our IP address 202.54.11.43 is getting blocked all the time by SPAMCOP. Could you please tell us as to why are we getting blocked?. We do not send any spam, Virus emails out of our company, we have a state-of-the art firewall and an upto date AntiVirus in our network monitoring the in and out flow of emails. Our IP address is getting blocked very often, could you please tell us the reason of us getting blocked. Thanks Link to comment Share on other sites More sharing options...
dra007 Posted April 3, 2006 Share Posted April 3, 2006 You realize you have a (or many) compromised machine(s) on your network?: Report History: -------------------------------------------------------------------------------- Submitted: Monday, April 03, 2006 12:59:45 AM -0400: FW: hello !.. 1707937409 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1707937408 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Monday, April 03, 2006 12:57:01 AM -0400: Gwd: Changes.. 1707937743 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1707937742 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Saturday, April 01, 2006 12:07:30 AM -0500: Gwd: Incoming message 1706154956 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1706154955 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Saturday, April 01, 2006 12:07:16 AM -0500: India may soon mint money for world 1706155551 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1706155543 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Saturday, April 01, 2006 12:07:09 AM -0500: =?iso-8859-1?Q?ERA's_Recruiting_News_-_30th_March,_2006?= 1706156056 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1706156051 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Saturday, April 01, 2006 12:07:02 AM -0500: C3:USA's leading technology show 1706156412 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1706156411 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Saturday, April 01, 2006 12:07:00 AM -0500: Workshop on Doing LPO Business in India 1706153116 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1706153114 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Saturday, April 01, 2006 12:06:52 AM -0500: GOOD DAY 1706153208 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1706153207 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Saturday, April 01, 2006 12:06:51 AM -0500: Gwd: Forum notify 1706153213 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1706153212 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Thursday, March 30, 2006 12:08:06 AM -0500: Gwd: Incoming Msg 1704342511 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1704342503 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in looks like spammers have control over your network. 202.54.11.43 listed in bl.spamcop.net (127.0.0.2) If there are no reports of ongoing objectionable email from this system it will be delisted automatically in approximately 16 hours. Causes of listing SpamCop users have reported system as a source of spam about 10 times in the past week Additional potential problems (these factors do not directly result in spamcop listing) System administrator has already delisted this system once Because of the above problems, express-delisting is not available Listing History In the past 165.1 days, it has been listed 24 times for a total of 13.6 days Looks like you have done something to stop the spew? Report on IP address: 202.54.11.43 Volume Statistics for this IP Magnitude Vol Change vs. Average Last day 0.0 -100% Last 30 days 2.3 -46% Average 2.6 Link to comment Share on other sites More sharing options...
Merlyn Posted April 3, 2006 Share Posted April 3, 2006 Our IP address 202.54.11.43 is getting blocked all the time by SPAMCOP. Could you please tell us as to why are we getting blocked?. We do not send any spam, Virus emails out of our company, we have a state-of-the art firewall and an upto date AntiVirus in our network monitoring the in and out flow of emails. Our IP address is getting blocked very often, could you please tell us the reason of us getting blocked. 41756[/snapback] Your right about it not sending any spam because spam is a meat product sold by the Hormel Company. Your server IS sending a lot of spam though. You should ask the owners of this server to remove their spammers. Link to comment Share on other sites More sharing options...
petzl Posted April 4, 2006 Share Posted April 4, 2006 Our IP address 202.54.11.43 is getting blocked all the time by SPAMCOP. Could you please tell us as to why are we getting blocked?. We do not send any spam, Virus emails out of our company, we have a state-of-the art firewall and an upto date AntiVirus in our network monitoring the in and out flow of emails. Our IP address is getting blocked very often, could you please tell us the reason of us getting blocked. 41756[/snapback] You are not getting abuse reports? Strange because India is very white hat and responsive to spam complaints. My guess is you are not stamping the IP source with your email server 202.54.11.43 A Properly configured email server will show where the email was sourced from. In the link shown it shows SpamCop tracing back to my personal computer [iP 203.134.9.119] which is all that SpamCop wants to "block". For a email server to be blocked many abuse reports would of been sent first. SpamCop has been reporting 202.54.11.43 since February the 6th this year reports going to ip.admin[at]vsnl.co.in Link to comment Share on other sites More sharing options...
Jeff G. Posted April 4, 2006 Share Posted April 4, 2006 Report History for 202.54.11.43 follows: Submitted: Monday 2006/04/03 10:02:00 -0400: FW: e-nouncement: How to Be a Confident Public Speaker 1708324617 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1708324568 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Monday 2006/04/03 10:01:58 -0400: fw: Make sure you see this 1708324701 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1708324698 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Monday 2006/04/03 10:01:54 -0400: Gwd: Incoming message 1708324881 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1708324842 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Monday 2006/04/03 10:01:51 -0400: [spam] Hello 1708324962 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1708324961 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Monday 2006/04/03 00:59:45 -0400: FW: hello !.. 1707937409 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1707937408 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Monday 2006/04/03 00:57:01 -0400: Gwd: Changes.. 1707937743 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1707937742 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Saturday 2006/04/01 00:07:30 -0500: Gwd: Incoming message 1706154956 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1706154955 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Saturday 2006/04/01 00:07:16 -0500: India may soon mint money for world 1706155551 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1706155543 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Saturday 2006/04/01 00:07:09 -0500: =?iso-8859-1?Q?ERA's_Recruiting_News_-_30th_March,_2006?= 1706156056 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1706156051 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Saturday 2006/04/01 00:07:02 -0500: C3:USA's leading technology show 1706156412 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1706156411 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Saturday 2006/04/01 00:07:00 -0500: Workshop on Doing LPO Business in India 1706153116 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1706153114 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Saturday 2006/04/01 00:06:52 -0500: GOOD DAY 1706153208 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1706153207 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Saturday 2006/04/01 00:06:51 -0500: Gwd: Forum notify 1706153213 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1706153212 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Thursday 2006/03/30 00:08:10 -0500: the file 1704342278 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1704342272 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Thursday 2006/03/30 00:08:06 -0500: Gwd: Incoming Msg 1704342511 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1704342503 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Tuesday 2006/03/28 23:42:08 -0500: Re: we can help your web site.. 1703426682 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1703426681 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Tuesday 2006/03/28 23:42:07 -0500: Re: regarding your web site... 1703426688 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1703426687 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Tuesday 2006/03/28 23:41:51 -0500: RE: Huge news shows promise 1703425023 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in 1703425022 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Tuesday 2006/03/28 23:41:34 -0500: Gwd: Forum notify 1703422916 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1703422915 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Tuesday 2006/03/28 23:41:34 -0500: Good day 1703422918 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1703422917 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Thursday 2006/03/23 23:12:18 -0500: [spam] OVERVIEW OF OUR EXCLUSIVE AND COMPLETE RANGE OF PRODUCTS 1698698044 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1698698040 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Thursday 2006/03/23 23:11:57 -0500: RE: hello !.. 1698698064 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1698698062 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Thursday 2006/03/23 23:09:50 -0500: [fwd] You need to review this 1698698111 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1698698110 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Thursday 2006/03/23 23:09:04 -0500: Gwd: Incoming message 1698697866 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1698697865 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Tuesday 2006/03/21 22:56:46 -0500: Gwd: Document 1696647314 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1696647307 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Monday 2006/03/20 23:36:26 -0500: Cos may not need non-promoter holding of 25% to stay listed 1695731119 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in 1695731101 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Monday 2006/03/20 23:36:17 -0500: Error 1695731443 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in 1695731438 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Monday 2006/03/20 02:33:53 -0500: Gwd: crypted document 1694882766 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1694882761 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Wednesday 2006/03/15 01:36:12 -0500: Re[1]: hello ... 1690140738 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1690140737 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Wednesday 2006/03/15 01:35:43 -0500: Gwd: Site changes 1690140792 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1690140791 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Wednesday 2006/03/15 01:35:57 -0500: Hindujas to hold over 5% in Hutch Essar 1690140405 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1690140392 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Wednesday 2006/03/15 01:35:50 -0500: InTouch - The Monthly Newsletter from Servion 1690140662 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1690140654 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Monday 2006/03/13 00:29:01 -0500: the file 1687989038 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1687989032 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Monday 2006/03/13 00:27:07 -0500: the file 1687990343 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1687990341 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Sunday 2006/03/12 23:53:01 -0500: the file 1687968427 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1687968424 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Sunday 2006/03/05 23:13:32 -0500: [spam] =?iso-8859-1?Q?4th_International_Conference_=22Communications_Converge... 1680293648 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1680293632 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Sunday 2006/03/05 23:13:24 -0500: Word file 1680293817 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1680293816 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Friday 2006/03/03 06:23:09 -0500: the file 1677421683 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1677421679 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Friday 2006/03/03 01:46:05 -0500: [spam] Seminar On Budget Changes in Service Tax & Central Excise ZDEZQIVVSY 1677219504 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1677219503 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Friday 2006/03/03 01:45:49 -0500: Word file 1677219512 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1677219509 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Thursday 2006/03/02 13:05:51 -0500: Find your holiday destination - 42KM from Delhi. 1676682676 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1676682653 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Thursday 2006/03/02 12:58:42 -0500: Fw: DSC-00465.jpg 1676683076 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1676683070 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Thursday 2006/03/02 12:57:18 -0500: [spam] Indian Technology Overview |Week 9| 1676683515 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1676683490 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Thursday 2006/03/02 12:57:15 -0500: Optimize February 2006: Optimized Call Center Processes for Higher Productivity 1676683596 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1676683568 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Sunday 2006/02/26 02:05:32 -0500: Invoice Payment 1671850507 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1671850506 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Sunday 2006/02/26 01:21:29 -0500: RE: HI . 1671820041 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in 1671820028 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Sunday 2006/02/26 01:21:06 -0500: NEW OPPORTUNITY 1671820148 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1671820122 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Sunday 2006/02/26 01:15:08 -0500: Fw: Happy NEW YEAR ! 1671821180 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1671821178 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Sunday 2006/02/26 00:56:14 -0500: [spam] Security Systems For YOur Residence, Office, Factory, Bunglow etc... ... 1671803881 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1671803880 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Friday 2006/02/10 04:44:10 -0500: The Who's Who of India's Business & Industry 1654164634 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1654164623 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Friday 2006/02/10 04:46:03 -0500: =?iso-8859-1?Q?ERA's_Recruiting_News?= 1654162751 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1654162713 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Friday 2006/02/10 04:44:20 -0500: NEW ARRIVALS-LAPTOP INTERNAL SLIM DRIVES 1654163716 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1654163666 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Friday 2006/02/10 04:44:03 -0500: [spam] Mobile Jammer 1654157104 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1654157074 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Wednesday 2006/02/08 02:56:42 -0500: =?iso-8859-1?Q?ERA_2006_Week?= 1652066966 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in 1652066950 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Wednesday 2006/02/08 02:56:38 -0500: CEBIT 2006, HANNOVER - GERMANY 1652067447 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in 1652067425 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Tuesday 2006/02/07 03:44:07 -0500: Invitation To Exhibit At Gitex Saudi 2006 1650296593 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1650296581 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Monday 2006/02/06 00:08:12 -0500: Postmaster notify: see transcript for details 1648776836 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1648776827 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Sunday 2006/02/05 23:47:06 -0500: eBay - Urgent Security Notification 1648750540 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1648750531 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Friday 2006/02/03 05:09:08 -0500: "Train the Trainer" - Open Corporate Program on 16th & 17th Feb organised by ... 1645396522 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1645396506 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Friday 2006/02/03 05:04:15 -0500: WeP Laser solutions 1645396794 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1645396785 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in -------------------------------------------------------------------------------- Submitted: Wednesday 2006/01/11 01:36:17 -0500: LogWatch for mx1.dss.co.in 1617596953 ( 202.54.11.43 ) To: postmaster[at]vsnl.co.in 1617596946 ( 202.54.11.43 ) To: ip.admin[at]vsnl.co.in Link to comment Share on other sites More sharing options...
amitabh_dss Posted April 4, 2006 Author Share Posted April 4, 2006 Hi Jeff Could you tell us as to how did you manage to get this information? We have not yet been able to narrow down to the source of the mails. And also from whose machine in our domain it has been sent from? Could you share with us the information from where you managed to get all these details and more? Thanks Link to comment Share on other sites More sharing options...
Derek T Posted April 4, 2006 Share Posted April 4, 2006 Could you tell us as to how did you manage to get this information? We have not yet been able to narrow down to the source of the mails. And also from whose machine in our domain it has been sent from? Could you share with us the information from where you managed to get all these details and more? 41787[/snapback] That information is available only to paid-up SpamCop members. You need to check your own server logs for the internal data. Link to comment Share on other sites More sharing options...
amitabh_dss Posted April 4, 2006 Author Share Posted April 4, 2006 Hi Derek Thanks for the quick answer, could you tell us if theres anything else that we can do besides check server logs. Some other information might ne helpful Thanks Link to comment Share on other sites More sharing options...
petzl Posted April 4, 2006 Share Posted April 4, 2006 Could you tell us as to how did you manage to get this information? We have not yet been able to narrow down to the source of the mails. And also from whose machine in our domain it has been sent from? Could you share with us the information from where you managed to get all these details and more? 41787[/snapback] Cmputer Ports all secure as well? Link to comment Share on other sites More sharing options...
amitabh_dss Posted April 4, 2006 Author Share Posted April 4, 2006 Hi Petz Could you please explain? Cmputer Ports all secure as well? 41791[/snapback] Link to comment Share on other sites More sharing options...
Derek T Posted April 4, 2006 Share Posted April 4, 2006 Could you please explain? 41792[/snapback] Petzl is offering the suggestion that the spam may not be coming from behind your server at all. It MAY be a trojanned machine on your network, it MAY be that someone has hacked into the server from outside. You can check the security of your machine by asking a security site to probe you from outside. Petzl's link is Symantec (IIRC) Gibson Research also do a good online service. https://www.grc.com/x/ne.dll?bh0bkyd2 Please also consider the SMTP/AUTH hack which you will find in the FAQs here. What server r u running? What build/version? Link to comment Share on other sites More sharing options...
Jeff G. Posted April 4, 2006 Share Posted April 4, 2006 Could you tell us as to how did you manage to get this information? We have not yet been able to narrow down to the source of the mails. And also from whose machine in our domain it has been sent from? Could you share with us the information from where you managed to get all these details and more? 41787[/snapback] Please see my new Topic How To Get Report History. More information is only available from the SpamCop Deputies via email to deputies[at]spamcop.net. Link to comment Share on other sites More sharing options...
petzl Posted April 5, 2006 Share Posted April 5, 2006 Hi Petz Could you please explain? 41792[/snapback] Try Symantec to scan your ports you will have to have Java activated and download their applet/activex scanner. They will of course try to sell you their solutions however it should give a heads up and you can decide options Link to comment Share on other sites More sharing options...
Simey Posted April 6, 2006 Share Posted April 6, 2006 It's got nothing to do with ports. Your mailserver is configured as open relay. Google 'secure open relay' and find a procedure to close it down. It isn't a big job, you'll have it sorted within half an hour. That is very poor tech support from SpamCop. Link to comment Share on other sites More sharing options...
Derek T Posted April 6, 2006 Share Posted April 6, 2006 It's got nothing to do with ports. Your mailserver is configured as open relay. Google 'secure open relay' and find a procedure to close it down. It isn't a big job, you'll have it sorted within half an hour. That is very poor tech support from SpamCop. 41844[/snapback] No it's not. Netabuse performed 17 tests all negative. Relay test result All tests performed, no relays accepted. Read the FAQs or FOAD. Link to comment Share on other sites More sharing options...
Jeff G. Posted April 6, 2006 Share Posted April 6, 2006 It's got nothing to do with ports. Your mailserver is configured as open relay. 41844[/snapback] Please post proof of that allegation. Thanks! Link to comment Share on other sites More sharing options...
Derek T Posted April 6, 2006 Share Posted April 6, 2006 Please post proof of that allegation. Thanks! 41858[/snapback] Herewith evidence to the contrary: Mail relay testing Connecting to 202.54.11.43 for anonymous test ... <<< 220 mx1.dss.co.in ESMTP Sendmail 8.12.11/8.12.11; Fri, 7 Apr 2006 00:56:11 +0530 >>> HELO www.abuse.net <<< 250 mx1.dss.co.in Hello www.abuse.net [208.31.42.77], pleased to meet you Relay test 1 >>> RSET <<< 250 2.0.0 Reset state >>> MAIL FROM:<spamtest[at]abuse.net> <<< 250 2.1.0 <spamtest[at]abuse.net>... Sender ok >>> RCPT TO:<securitytest[at]abuse.net> <<< 550 5.7.1 <securitytest[at]abuse.net>... Relaying denied. Proper authentication required. Relay test 2 >>> RSET <<< 250 2.0.0 Reset state >>> MAIL FROM:<spamtest> <<< 553 5.5.4 <spamtest>... Domain name required for sender address spamtest Relay test 3 >>> RSET <<< 250 2.0.0 Reset state >>> MAIL FROM:<> <<< 250 2.1.0 <>... Sender ok >>> RCPT TO:<securitytest[at]abuse.net> <<< 550 5.7.1 <securitytest[at]abuse.net>... Relaying denied. Proper authentication required. Relay test 4 >>> RSET <<< 250 2.0.0 Reset state >>> MAIL FROM:<spamtest[at][202.54.11.43]> <<< 250 2.1.0 <spamtest[at][202.54.11.43]>... Sender ok >>> RCPT TO:<securitytest[at]abuse.net> <<< 550 5.7.1 <securitytest[at]abuse.net>... Relaying denied. Proper authentication required. Relay test 5 >>> RSET <<< 250 2.0.0 Reset state >>> MAIL FROM:<spamtest[at]mail.dss.co.in> <<< 250 2.1.0 <spamtest[at]mail.dss.co.in>... Sender ok >>> RCPT TO:<securitytest[at]abuse.net> <<< 550 5.7.1 <securitytest[at]abuse.net>... Relaying denied. Proper authentication required. Relay test 6 >>> RSET <<< 250 2.0.0 Reset state >>> MAIL FROM:<spamtest[at][202.54.11.43]> <<< 250 2.1.0 <spamtest[at][202.54.11.43]>... Sender ok >>> RCPT TO:<securitytest%abuse.net[at][202.54.11.43]> <<< 550 5.7.1 <securitytest%abuse.net[at][202.54.11.43]>... Relaying denied. Proper authentication required. Relay test 7 >>> RSET <<< 250 2.0.0 Reset state >>> MAIL FROM:<spamtest[at][202.54.11.43]> <<< 250 2.1.0 <spamtest[at][202.54.11.43]>... Sender ok >>> RCPT TO:<securitytest%abuse.net[at]mail.dss.co.in> <<< 550 5.7.1 <securitytest%abuse.net[at]mail.dss.co.in>... Relaying denied. Proper authentication required. Relay test 8 >>> RSET <<< 250 2.0.0 Reset state >>> MAIL FROM:<spamtest[at][202.54.11.43]> <<< 250 2.1.0 <spamtest[at][202.54.11.43]>... Sender ok >>> RCPT TO:<"securitytest[at]abuse.net"> <<< 550 5.7.1 <"securitytest[at]abuse.net">... Relaying denied. Proper authentication required. Relay test 9 >>> RSET <<< 250 2.0.0 Reset state >>> MAIL FROM:<spamtest[at][202.54.11.43]> <<< 250 2.1.0 <spamtest[at][202.54.11.43]>... Sender ok >>> RCPT TO:<"securitytest%abuse.net"> <<< 550 5.7.1 <"securitytest%abuse.net">... Relaying denied. Proper authentication required. Relay test 10 >>> RSET <<< 250 2.0.0 Reset state >>> MAIL FROM:<spamtest[at][202.54.11.43]> <<< 250 2.1.0 <spamtest[at][202.54.11.43]>... Sender ok >>> RCPT TO:<securitytest[at]abuse.net[at][202.54.11.43]> <<< 553 5.1.3 <securitytest[at]abuse.net[at][202.54.11.43]>... Invalid route address Relay test 11 >>> RSET <<< 250 2.0.0 Reset state >>> MAIL FROM:<spamtest[at][202.54.11.43]> <<< 250 2.1.0 <spamtest[at][202.54.11.43]>... Sender ok >>> RCPT TO:<"securitytest[at]abuse.net"[at][202.54.11.43]> <<< 550 5.7.1 <"securitytest[at]abuse.net"[at][202.54.11.43]>... Relaying denied. Proper authentication required. Relay test 12 >>> RSET <<< 250 2.0.0 Reset state >>> MAIL FROM:<spamtest[at][202.54.11.43]> <<< 250 2.1.0 <spamtest[at][202.54.11.43]>... Sender ok >>> RCPT TO:<securitytest[at]abuse.net[at]mail.dss.co.in> <<< 553 5.1.3 <securitytest[at]abuse.net[at]mail.dss.co.in>... Invalid route address Relay test 13 >>> RSET <<< 250 2.0.0 Reset state >>> MAIL FROM:<spamtest[at][202.54.11.43]> <<< 250 2.1.0 <spamtest[at][202.54.11.43]>... Sender ok >>> RCPT TO:<[at][202.54.11.43]:securitytest[at]abuse.net> <<< 550 5.7.1 <[at][202.54.11.43]:securitytest[at]abuse.net>... Relaying denied. Proper authentication required. Relay test 14 >>> RSET <<< 250 2.0.0 Reset state >>> MAIL FROM:<spamtest[at][202.54.11.43]> <<< 250 2.1.0 <spamtest[at][202.54.11.43]>... Sender ok >>> RCPT TO:<[at]mail.dss.co.in:securitytest[at]abuse.net> <<< 550 5.7.1 <[at]mail.dss.co.in:securitytest[at]abuse.net>... Relaying denied. Proper authentication required. Relay test 15 >>> RSET <<< 250 2.0.0 Reset state >>> MAIL FROM:<spamtest[at][202.54.11.43]> <<< 250 2.1.0 <spamtest[at][202.54.11.43]>... Sender ok >>> RCPT TO:<abuse.net!securitytest> <<< 550 5.7.1 <abuse.net!securitytest>... Relaying denied. Proper authentication required. Relay test 16 >>> RSET <<< 250 2.0.0 Reset state >>> MAIL FROM:<spamtest[at][202.54.11.43]> <<< 250 2.1.0 <spamtest[at][202.54.11.43]>... Sender ok >>> RCPT TO:<abuse.net!securitytest[at][202.54.11.43]> <<< 550 5.7.1 <abuse.net!securitytest[at][202.54.11.43]>... Relaying denied. Proper authentication required. Relay test 17 >>> RSET <<< 250 2.0.0 Reset state >>> MAIL FROM:<spamtest[at][202.54.11.43]> <<< 250 2.1.0 <spamtest[at][202.54.11.43]>... Sender ok >>> RCPT TO:<abuse.net!securitytest[at]mail.dss.co.in> <<< 550 5.7.1 <abuse.net!securitytest[at]mail.dss.co.in>... Relaying denied. Proper authentication required. Relay test result All tests performed, no relays accepted. Link to comment Share on other sites More sharing options...
btech Posted April 10, 2006 Share Posted April 10, 2006 Please post proof of that allegation. Thanks! 41858[/snapback] Trolls often provide bunk info... why never anything positive/correct? hmmm. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.