HELP !!! Listed in CBL and SMTP locked by Spamhaus

[uollan]

Hi Jeff,

Thank you for your replay!
I'm worried.... i'm listed againg (but my customers use their own ISP provider as SMTP)

I'm not sure what you mean. Do you use abc.com to represent the domain on your server that receives the spam? Or do you use it to represent the domain that's sending it?

It represent the domain that receive the spam!

Maybe that domain has made enemies?

mmmhh... i was thinking about it also

Generally email in the queue is not waiting for delivery to your server, but rather for delivery off your server. Generally a properly configured DirectAdmin server won't accept email it can't immediately deliver. Often mail stuck in the queue is mail that misconfigured email servers think was sent by you, so they send it back to you, and your system can't return it to the real sender. If it's been in the queue four or more days then it's probably going to get removed shortly, but you can change settings in exim.conf so it won't stay that long, or you can clean the queue at any time; there are posts in these forums that tell you how to do that.

I 'll change settings in exim.conf... i think someone already send e-mails trought the server! i'll kill them !!!!

I will attach a queued e-mail,
- staff@*****.it is the RCPT
- 81-31-149-36.vm.myprovider.it is my provider... i don't want to put the real name here

1LYJoH-0004GK-Ba-H
mail 8 8
<[email protected]>
1234615193 0
-helo_name localhost
-host_address 116.22.148.238.2810
-interface_address 81.31.149.36.25
-received_protocol esmtp
-body_linecount 179
-deliver_firsttime
-host_lookup_failed
XX
1
staff@*****.it

219P Received: from [116.22.148.238] (helo=localhost)
	by 81-31-149-36.vm.myprovider.it with esmtp (Exim 4.67)
	(envelope-from <[email protected]>)
	id 1LYJoH-0004GK-Ba
	for staff@*****.it; Sat, 14 Feb 2009 13:40:02 +0100
057I Message-ID: <[email protected]>
067F From: "=?windows-1251?B?QWxhc3RhaXIgQmFrZXI=?=" <[email protected]>
024T To: <staff@*****.it>
085  Subject: =?windows-1251?B?SVQgY29uc3VsdGFudCBvZiBwZXJmZWN0IGxvdmUgbWFraW5nIGFydC4=?=
038  Date: Sat, 14 Feb 3610 20:34:04 +0800
018  MIME-Version: 1.0
093  Content-Type: multipart/alternative;
		boundary=----=_NextPart_000_0023_04_187C1DBE.7A39A438
014  X-Priority: 3
026  X-MSMail-Priority: Normal
051  X-Mailer: Microsoft Outlook Express 6.00.2900.2180
057  X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
073  X-Antivirus-Scanner: Clean mail though you should still use an Antivirus

Thank you... i will work all the week end to fix it... so... i hope to start a new week without these bugs....

Respect!
Uollan

 

[nobaloney]

Is this account: staff@*****.it hosted on your server? If so, then the email should be delivered there.

If the email is NOT on your server but the domain is, then you haven't properly told DirectAdmin that the email isn't being served on this server; look here and search for MX Records.

If neither the email nor the server are hosted on your server, then if you want you can block the IP# 116.22.148.238 but you do so at your own risk.

Jeff

 

[uollan]

Is this account: staff@*****.it hosted on your server? If so, then the email should be delivered there.

Yes! this is a valid address hosted in my server!
I've cleared the queue yesterday and i've 4 pages of queue in about 20 hours!

Can i trace in a log of a mail sent using a php form? and.. how can i recognize it?!?

Uollan

 

[uollan]

I'm looking the queue and i've 10 pages of DA mail-queue...
a lot of these are sent by from blu0-omc3-s35.blu0.hotmail.com
with different IP addresses... i think this may be a virus or spyware. (?!?)

So i'm not listed again in CBL and i've NOT messages in queue sent by my server... so i think i've solved the problem....... maybe...

 

[uollan]

no way...

listed again on CBL...

i'm nervous and worried.... now i can send e-mail throught telnet from any address resident on my server to everyone...

i have request assistance from my provider...

thank you to all of you!

worried&Exausted-Uollan