Hi , My public IP's are being blacklisted ....How do i go about it.
Scan your network PCs for spambots and ensure that your mail server isn't on open relay.... then ask whatever RBL people who've blacklisted it to whitelist it On 29 June 2010 10:23, ibtisam jamal <ibty.jamal@gmail.com> wrote:
Hi ,
My public IP's are being blacklisted ....How do i go about it. _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Server donations spreadsheet
http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1f... ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
Hi, Somebody on your network is spamming.. Do you gateway outgoing mail scanner in place? -- NB On Tue, Jun 29, 2010 at 10:31 AM, Simon Mbuthia <simon.mbuthia@gmail.com>wrote:
Scan your network PCs for spambots and ensure that your mail server isn't on open relay.... then ask whatever RBL people who've blacklisted it to whitelist it
On 29 June 2010 10:23, ibtisam jamal <ibty.jamal@gmail.com> wrote:
Hi ,
My public IP's are being blacklisted ....How do i go about it. _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Server donations spreadsheet
http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1f... ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Server donations spreadsheet
http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1f... ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards, NB...
On Tue, Jun 29, 2010 at 10:23 AM, ibtisam jamal <ibty.jamal@gmail.com>wrote:
Hi ,
My public IP's are being blacklisted ....How do i go about it.
Where does it get blacklisted? What reasons do they give for the action? -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ "If you have nothing good to say about someone, just shut up!." -- Lucky Dube
Ask your ISP to do for you a PTR record; mail domain against Public IP. Then go to all sites blacklisting you and whitelist. Some learn from others so if you get whitelisted from others it will take a few days to come out of all lists. Also like they said ensure your network is clean brother. On Tue, Jun 29, 2010 at 10:23 AM, ibtisam jamal <ibty.jamal@gmail.com>wrote:
Hi ,
My public IP's are being blacklisted ....How do i go about it. _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Server donations spreadsheet
http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1f... ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Edmund C. O. Okumu P.O Box 8490-00200, Nairobi, Kenya. TEL: 254-721-734935
The blacklisted IP is a virtual IP and not the mail servers IP. Recently there is alot of outbound traffic to the internet almost nearing the download. On Tue, Jun 29, 2010 at 1:41 PM, Edmund Okumu <edmund.okumu@gmail.com> wrote:
Ask your ISP to do for you a PTR record; mail domain against Public IP. Then go to all sites blacklisting you and whitelist. Some learn from others so if you get whitelisted from others it will take a few days to come out of all lists. Also like they said ensure your network is clean brother.
On Tue, Jun 29, 2010 at 10:23 AM, ibtisam jamal <ibty.jamal@gmail.com> wrote:
Hi ,
My public IP's are being blacklisted ....How do i go about it. _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Server donations spreadsheet
http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1f... ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Edmund C. O. Okumu P.O Box 8490-00200, Nairobi, Kenya. TEL: 254-721-734935
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Server donations spreadsheet http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1f... ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
had something similar in our office... ask your ISP to change your IPs.... and then redirect any AX/MX records to the new IP... And try getting an outgoing mail scanner e.g. Brightmail Gateway... Run a spambot check on the endpoints on your network as well.... -- NB On Tue, Jun 29, 2010 at 1:57 PM, ibtisam jamal <ibty.jamal@gmail.com> wrote:
The blacklisted IP is a virtual IP and not the mail servers IP. Recently there is alot of outbound traffic to the internet almost nearing the download.
On Tue, Jun 29, 2010 at 1:41 PM, Edmund Okumu <edmund.okumu@gmail.com> wrote:
Ask your ISP to do for you a PTR record; mail domain against Public IP. Then go to all sites blacklisting you and whitelist. Some learn from others so if you get whitelisted from others it will take a few days to come out of all lists. Also like they said ensure your network is clean brother.
On Tue, Jun 29, 2010 at 10:23 AM, ibtisam jamal <ibty.jamal@gmail.com> wrote:
Hi ,
My public IP's are being blacklisted ....How do i go about it. _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Server donations spreadsheet
http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1f...
------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Edmund C. O. Okumu P.O Box 8490-00200, Nairobi, Kenya. TEL: 254-721-734935
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Server donations spreadsheet
http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1f...
------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Server donations spreadsheet
http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1f... ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards, NB...
I was also having the same problem over the last few weeks with one of my Linux mail servers and it really stressed me. From my research, note these:- - Having/not having reverse DNS records does not contribute to an IP being blacklisted - Changing your server's IP and then the MX records is just running away from the real problem - Most spam generating spyware/malware rarely ever sends out mail through your mail server; your network/router is NATting for a host that's doing spamming on it's own. The solution is initially to clean up your network. Note that normal anti-virus programs even when up to date rarely arrest spamming applications. You need a good anti-malware; try Spyware Doctor Also consider deploying a firewall with a rule that only allows your server's IP to be the only host allowed to send out mail; i.e. a rule that allows outbound SMTP traffic (port 25 and 587 in some instances) from the server only. Hope that helps you. Regards, Martin Mugo On Tue, Jun 29, 2010 at 2:40 PM, Nawaz Bagha <nawazb@gmail.com> wrote:
had something similar in our office... ask your ISP to change your IPs.... and then redirect any AX/MX records to the new IP... And try getting an outgoing mail scanner e.g. Brightmail Gateway... Run a spambot check on the endpoints on your network as well....
-- NB
On Tue, Jun 29, 2010 at 1:57 PM, ibtisam jamal <ibty.jamal@gmail.com>wrote:
The blacklisted IP is a virtual IP and not the mail servers IP. Recently there is alot of outbound traffic to the internet almost nearing the download.
On Tue, Jun 29, 2010 at 1:41 PM, Edmund Okumu <edmund.okumu@gmail.com> wrote:
Ask your ISP to do for you a PTR record; mail domain against Public IP. Then go to all sites blacklisting you and whitelist. Some learn from others so if you get whitelisted from others it will take a few days to come out of all lists. Also like they said ensure your network is clean brother.
On Tue, Jun 29, 2010 at 10:23 AM, ibtisam jamal <ibty.jamal@gmail.com> wrote:
Hi ,
My public IP's are being blacklisted ....How do i go about it. _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Server donations spreadsheet
http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1f...
------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Edmund C. O. Okumu P.O Box 8490-00200, Nairobi, Kenya. TEL: 254-721-734935
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Server donations spreadsheet
http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1f...
------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Server donations spreadsheet
http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1f... ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Regards, NB...
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Server donations spreadsheet
http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1f... ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
On Tue, Jun 29, 2010 at 2:40 PM, Nawaz Bagha <nawazb@gmail.com> wrote:
had something similar in our office... ask your ISP to change your IPs.... and then redirect any AX/MX records to the new IP... And try getting an
Not a particularly good idea, just running away from the problem. Your new IP will get blacklisted anyway. I've seen very helpful posts, cleaning your network is the way to go. Out of curiousity, what's your setup like (what router do you use, does your server have public IPs or is SMTP dnat'd from the router, etc). With more details folks here will suggest exactly what to do. BR, S -- This message represents the official view of the voices in my head.
It's kind of tricky because the network is divided in three -Office LAN -Corporate clients (Fixed Broadband) users - Packet Core (SGSN's) The IP's blacklisted are virtual IP's of the GPRS network . We allow customers to browse anything no rules but we do have firewalls for protection. Customers use dynamic IP's . So how do we solve it . On Wed, Jun 30, 2010 at 4:03 PM, Steve Muchai <smuchai@gmail.com> wrote:
On Tue, Jun 29, 2010 at 2:40 PM, Nawaz Bagha <nawazb@gmail.com> wrote:
had something similar in our office... ask your ISP to change your IPs.... and then redirect any AX/MX records to the new IP... And try getting an
Not a particularly good idea, just running away from the problem. Your new IP will get blacklisted anyway.
I've seen very helpful posts, cleaning your network is the way to go. Out of curiousity, what's your setup like (what router do you use, does your server have public IPs or is SMTP dnat'd from the router, etc). With more details folks here will suggest exactly what to do.
BR, S
-- This message represents the official view of the voices in my head. _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Server donations spreadsheet http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1f... ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
On Wed, Jun 30, 2010 at 4:15 PM, ibtisam jamal <ibty.jamal@gmail.com> wrote:
It's kind of tricky because the network is divided in three -Office LAN -Corporate clients (Fixed Broadband) users - Packet Core (SGSN's)
The IP's blacklisted are virtual IP's of the GPRS network . We allow customers to browse anything no rules but we do have firewalls for protection. Customers use dynamic IP's .
So how do we solve it .
Block all traffic on port 25 leaving your network. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ "If you have nothing good to say about someone, just shut up!." -- Lucky Dube
redirect all smtp traffic to a smarthost and block the offending users from there. -----Original Message----- From: skunkworks-bounces@lists.my.co.ke [mailto:skunkworks-bounces@lists.my.co.ke] On Behalf Of ibtisam jamal Sent: Wednesday, June 30, 2010 4:15 PM To: Skunkworks Mailing List Subject: Re: [Skunkworks] Public IP blacklisted It's kind of tricky because the network is divided in three -Office LAN -Corporate clients (Fixed Broadband) users - Packet Core (SGSN's) The IP's blacklisted are virtual IP's of the GPRS network . We allow customers to browse anything no rules but we do have firewalls for protection. Customers use dynamic IP's . So how do we solve it . On Wed, Jun 30, 2010 at 4:03 PM, Steve Muchai <smuchai@gmail.com> wrote:
On Tue, Jun 29, 2010 at 2:40 PM, Nawaz Bagha <nawazb@gmail.com> wrote:
had something similar in our office... ask your ISP to change your IPs.... and then redirect any AX/MX records to the new IP... And try getting an
Not a particularly good idea, just running away from the problem. Your new IP will get blacklisted anyway.
I've seen very helpful posts, cleaning your network is the way to go. Out of curiousity, what's your setup like (what router do you use, does your server have public IPs or is SMTP dnat'd from the router, etc). With more details folks here will suggest exactly what to do.
BR, S
-- This message represents the official view of the voices in my head. _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Server donations spreadsheet
http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1f bjAwOUE&hl=en
------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Server donations spreadsheet http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1f bjAwOUE&hl=en ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke --
You could also try running a network scan using wireshark to identify the infected host... On 30 June 2010 16:27, Tony Gacheru <tonyg@arcnetkenya.com> wrote:
redirect all smtp traffic to a smarthost and block the offending users from there.
-----Original Message----- From: skunkworks-bounces@lists.my.co.ke [mailto:skunkworks-bounces@lists.my.co.ke] On Behalf Of ibtisam jamal Sent: Wednesday, June 30, 2010 4:15 PM To: Skunkworks Mailing List Subject: Re: [Skunkworks] Public IP blacklisted
It's kind of tricky because the network is divided in three -Office LAN -Corporate clients (Fixed Broadband) users - Packet Core (SGSN's)
The IP's blacklisted are virtual IP's of the GPRS network . We allow customers to browse anything no rules but we do have firewalls for protection. Customers use dynamic IP's .
So how do we solve it .
On Wed, Jun 30, 2010 at 4:03 PM, Steve Muchai <smuchai@gmail.com> wrote:
On Tue, Jun 29, 2010 at 2:40 PM, Nawaz Bagha <nawazb@gmail.com> wrote:
had something similar in our office... ask your ISP to change your IPs.... and then redirect any AX/MX records to the new IP... And try getting an
Not a particularly good idea, just running away from the problem. Your new IP will get blacklisted anyway.
I've seen very helpful posts, cleaning your network is the way to go. Out of curiousity, what's your setup like (what router do you use, does your server have public IPs or is SMTP dnat'd from the router, etc). With more details folks here will suggest exactly what to do.
BR, S
-- This message represents the official view of the voices in my head. _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Server donations spreadsheet
http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1f bjAwOUE&hl=en<http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1f%0AbjAwOUE&hl=en>
------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Server donations spreadsheet
http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1f bjAwOUE&hl=en<http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1f%0AbjAwOUE&hl=en> ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
--
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Server donations spreadsheet
http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1f... ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
better still pay a consultant to sort your network. this is a big problem where inexperienced techies try to prove to their bosses they can fix everything and end up messing everyone. Please note I've no problem with people learning new things and getting experience but I believe they should be guided expecially in urgent issues like spamming. so get a good consultant and be ready to ask questions so that the next time you can do it yourself. TonyG. -----Original Message----- From: skunkworks-bounces@lists.my.co.ke [mailto:skunkworks-bounces@lists.my.co.ke] On Behalf Of Steve Muchai Sent: Wednesday, June 30, 2010 4:04 PM To: Skunkworks Mailing List Subject: Re: [Skunkworks] Public IP blacklisted On Tue, Jun 29, 2010 at 2:40 PM, Nawaz Bagha <nawazb@gmail.com> wrote:
had something similar in our office... ask your ISP to change your IPs.... and then redirect any AX/MX records to the new IP... And try getting an
Not a particularly good idea, just running away from the problem. Your new IP will get blacklisted anyway. I've seen very helpful posts, cleaning your network is the way to go. Out of curiousity, what's your setup like (what router do you use, does your server have public IPs or is SMTP dnat'd from the router, etc). With more details folks here will suggest exactly what to do. BR, S -- This message represents the official view of the voices in my head. _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Server donations spreadsheet http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1f bjAwOUE&hl=en ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke --
participants (8)
-
Edmund Okumu -
ibtisam jamal -
m mugo -
Nawaz Bagha -
Odhiambo Washington -
Simon Mbuthia -
Steve Muchai -
Tony Gacheru