Long time listener. First time caller.
I run IT/system of a small network of 45 computers. Beginning last week, users had numerous emails returned undeliverable with MTA's poor reputation and CBL blacklist errors. I have a static IP in the building and went to each individual computer and run Adwcleaner and Mailwarebytes. I found cookies and minor infections on networked machines and cleaned them in safe mode.
I changed my smtp to another outgoing server to successfully send mail. However, my VPS smtp continues to be blacklisted. My ISP who hosts the VPS email server ran extensive captures on the server and through the exim configs, and they claim everything is normal. Here are two of the blacklistings.
My questions for the gurus.
- Can I still get relisted on the CBL if my entire network was off during the weekend?
- Could the trojan be on my network and still be on the CBL if it doesn't use the VPS smtp to send mail?
- What tools/service would you suggest to find the source?
- What spam settings on Cpanel do you suggest for the maximum benefits?
I'll hang up and listen. Thanks in advance for your help.