The company mail server is down i cant send mails.. i was told to check on the rbl list and it wrote that we were blaclisted ..Please advice Thanks
Hey Brian, You either have a spambot in your network that's using your mail server to send out spam or your server is on open-relay [relaying messages from other domains but yours]. I had the same problem last year, that's when I learnt such terms 'toka watu hapa hapa skunkworks :) Find out what the problem is, fix it and get your mail server whitelisted. On 16 April 2010 13:24, Brian Mang'oli <brayous@gmail.com> wrote:
The company mail server is down i cant send mails.. i was told to check on the rbl list and it wrote that we were blaclisted ..Please advice Thanks
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Server donations spreadsheet
http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1f... ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
@Brian building on what @Simon added, check your firewall stats. Most likely your network has an infected machine causing smtp hits. Goto mx tool site, check your server for open relay and port number. On your firewall, check out the traffic hits on the port out and which machine. Disconnect this machine/s, check your net stats again and start to slow the outbound traffic by adding the smtp protocol to a managed bandwidth. Whitelisting takes atleast 24 hours, so consider a redundant smtp for future use. HTHs. On Fri, Apr 16, 2010 at 2:06 PM, Simon Mbuthia <simon.mbuthia@gmail.com> wrote:
Hey Brian,
You either have a spambot in your network that's using your mail server to send out spam or your server is on open-relay [relaying messages from other domains but yours]. I had the same problem last year, that's when I learnt such terms 'toka watu hapa hapa skunkworks :) Find out what the problem is, fix it and get your mail server whitelisted.
On 16 April 2010 13:24, Brian Mang'oli <brayous@gmail.com> wrote:
On Fri, Apr 16, 2010 at 2:06 PM, Simon Mbuthia <simon.mbuthia@gmail.com> wrote:
Hey Brian,
You either have a spambot in your network that's using your mail server to send out spam or your server is on open-relay [relaying messages from other
And in the meantime, ask your ISP to provide you with an mail relay, configure your server to forward all outbound mail to it. BR, S -- Sent from my socks®
Thanks will do... On Fri, Apr 16, 2010 at 3:35 PM, Steve Muchai <smuchai@gmail.com> wrote:
On Fri, Apr 16, 2010 at 2:06 PM, Simon Mbuthia <simon.mbuthia@gmail.com> wrote:
Hey Brian,
You either have a spambot in your network that's using your mail server to send out spam or your server is on open-relay [relaying messages from other
And in the meantime, ask your ISP to provide you with an mail relay, configure your server to forward all outbound mail to it.
BR, S
-- Sent from my socks® _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Server donations spreadsheet
http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1f... ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
On Fri, Apr 16, 2010 at 3:49 PM, Brian Mang'oli <brayous@gmail.com> wrote:
Thanks will do...
If you have a router that's capable of doing so, you could restrict outgoing SMTP to only your mail server. If it can log the blocked traffic, even better, you'll instantly hunt down the rogue machine(s). BR, S -- Sent from my socks®
The first place you want to start is by running an open relay test on your mail server. Google for "open relay test" and from any of the top listed sites, give the IP address of your mail server and it will test the server for open relay. Once you find the holes - some may not be too obvious, you can proceed to submit your IP for removal from the RBL list. This often takes from 24 - 48hrs. In the meantime, please ask your ISP to allow your mail-server to relay through their SMTP server. This should get your emails going until RBL listings are removed. I recently had an experience where the Nigeria 419 folks (i looked up the IPs that used the server for relay) took advantage of the test accounts we had created. Since the SMTP server was accepting SMTP-Auth, the test account as is the norm in most cases has a simple password. After many attempts they managed to get crack the password. Within a very short time, i had over 4 unique IP's registered to different providers (in different states in Nigeria according to AfriNIC whois) all using the server to send out 419's. Therefore, if you pass the open relay tests, its will be a high time to look at your logs and figure out how they managed to get your MTA to relay for them. HTH. Michuki. Brian Mang'oli wrote:
The company mail server is down i cant send mails.. i was told to check on the rbl list and it wrote that we were blaclisted ..Please advice Thanks
------------------------------------------------------------------------
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Server donations spreadsheet http://spreadsheets.google.com/ccc?key=0AopdHkqSqKL-dHlQVTMxU1VBdU1BSWJxdy1f... ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
participants (5)
-
aki -
Brian Mang'oli -
Michuki Mwangi -
Simon Mbuthia -
Steve Muchai