[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: IP Black listing problem



samuel dinakar sama wrote:
> HI all,
> 
> Straight to the  problem I am facing in my organization.  I am maintaining
> mail server Sendmail (fedora) .we  have a recurring problem , Public IP
> (internet gateway s/m) is getting black listed because of Spam.. I couldn't
> trace anything , How Trojan spam generated ? How to provide the security ?
> 
> For this problem I have been changing the public IP , but it not a solution
> 
> The below message is  thrown  by CBL.abuse.org for black listing :
> 
> *ATTENTION: **This IP is infected with, or NATting for a computer infected
> with a high volume spam sending trojan - it is participating in a botnet. *
> 
> *This is the Srizbi BOT *

<snip>
That's a WinDoze trojan. Either someone on your network, and going through your
gateway, is infected, or some scum out there is munging emails and putting your
address as the last "received from" address.

Start out by a) looking at your mail logs, and b) have everyone (if possible)
update their virus signatures and make *SURE* that they scan their systems. Or
have your techs go through with bootable CDs and verifiably scan everybody.

	mark



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]