[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: mail "spamlists" again:cbl.abuseat.org

Guess I skipped a few details...

It was my client's IP address that got blacklisted, not mine. The virus was sending spam directly and not trying to relay. When my client called and said they had problems mailing, I had him send while I was tailing the mail log and saw the rejects from spamhaus. I then did a lookup on the cbl web site. Once I confirmed, I got the client to check their computers. One was infected. They pulled the plug on the offending pc and I submitted the form for removal.

Peter A. Dumpert
Innovative Computer Services, LLC
The Diamond Standard of Internet Business
P: 732-683-0092 x 102 F: 732-577-9390

Boris Pavlov wrote:
Anyway, how it can be tracked down? Peter, can you tell me how did you manage to track down the problem? Any info about some contacts with the people behind cbl.abuseat (did not find on the web site), to find and track down 1) the source "component" which pushed this particular ip ... any place i've seen it mentined was claiming that it was "mentioned on cbl".

Right now, the ip is back on the list, not being anywhere else (at least I can not find it). Ok, hitting the button again, let's see if they will remove it.

Really, if someone knows hot to contact the guys at cbl, please advise.


Andy Smith wrote:

On Tue, Jun 06, 2006 at 04:26:31PM -0300, Djalma Fadel Junior wrote:
On Tue, 06 Jun 2006 14:45:42 -0400
Peter Dumpert <pdumpert@innovativebusiness.net> wrote:

I had the same experience with the spamhaus list twice. Both times it was legitimate - a client's pc got infected with a virus and was spewing out spam. Once you fix the problem it is fairly easy to get off the list. There is a form on their site - http://cbl.abuseat.org/
but, how could a ISP keep control under its users computers?
Is there a way to drop these viruses traffic for outgoing?

The smarthost is getting listed for relaying the spam.  While I am
not suggesting this is trivially easy or without cost, the smarthost
can do all the relevant antispam and antivirus checks on emails it
is being asked to relay out, just as oncoming mail servers do for
mails going out.  In fact it should be easier than for incoming
since the outgoing email rate should be much lower.

The ISP could also investigate rate-limiting for its own customers.


Reply to: