spam problem - my ip is blacklisted

**mpi** · 11-14-2007 05:23 AM

spamhaus recently blacklisted my ip and now ALOT of important emails are getting bounced back.

what is the first step to finding out the source of the spam? this is a fresh RHEL 5 system.

1. i've already checked through 5 or 6 online external relay scripts and they all verified that it was not an open relay.

2. i've got iptables enabled

3. i edited antivirus.exim to log ALL the emails going through it and i didn't find any outgoing spam.

one thing that i found weird but don't know how to review/examine are the exim log files...i'm looking at exim_mainlog right now and from 3 days ago until now, there is 7,000 lines in it...but they are mostly:
"Could not complete sender verify callout"
there are also some apparent "relay attempts" and "timeouts"

can someone please point me in the right direction?

P.S. just enabled spamhaus through WHM for the server own incoming email and wow, very big different, ALOT less spam, i recommend it to everyone!

**jayh38** · 11-14-2007 09:36 AM

I would suggest running CSFirewall. There are many features that enhance control / warnings relating to relaying. Also CMM and CMQ are nice tools for a start.

www.configserver.com

**sarhosting** · 11-14-2007 01:46 PM

First off

check spamhaus.org >> then follow the process for AutoMatic removal.

**brooktdf** · 01-19-2008 06:02 AM

Definitely a very useful suggestions. I've had a same problem and didn't see any ways to solve. Now i hope this will help me.

LinkBack

Thread Tools