Below is the reason of my ip blacklisted, I have blocked this ip "220.127.116.11" in firewall. Moreover scan all accounts with clamav. Kindly let me know any other preventive measures. Code: IP Address 18.104.22.168 [B]is listed[/B] in the CBL. It appears to be infected with a spam sending trojan, proxy or some other form of botnet. It was last detected at 2015-04-10 14:00 GMT (+/- 30 minutes), approximately 30 minutes ago. This IP is infected with, or is NATting for a machine infected with s_gozi Note: If you wish to look up this bot name via the web, remove the "s_" before you do your search. This was detected by observing this IP attempting to make contact to a s_gozi Command and Control server, with contents unique to s_gozi C&C command protocols. This was detected by a TCP/IP connection from 22.214.171.124 on port 40182 going to IP address 126.96.36.199 (the [URL='http://cbl.abuseat.org/sinkhole.html']sinkhole[/URL]) on port 80. The botnet command and control domain for this connection was "domain.com".