Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Blocked email / IP from Trendmicro


  • Please log in to reply
5 replies to this topic

#1 notamondayfan

notamondayfan

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 16 January 2017 - 06:45 AM

Hello,

 

I have a business email address, which appears to be blocked by Trendmicro and just after some advice.

 

There's a link in the bounce back email https://ers.trendmicro.com/reputations/index?ip_address=69.89.18.3 and it says this IP is on a blacklist.

 

I'm guessing my client uses Trendmicro, so he can't accept my emails. 

 

Now as far as I know, I have never spammed anyone. 

 

I get this message when I send from home (Virgin media), or from the studio (which is in a shared office).

 

I can't remove the IP from the banned list.

 

Does anyone know what I should do?

 

Thanks,
Dean



BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,878 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:06:17 AM

Posted 16 January 2017 - 07:45 AM

Contact my ISP...that's what I would do.  You don't control or influence the IP, the ISP does.

 

Louis



#3 notamondayfan

notamondayfan
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 16 January 2017 - 08:12 AM

I've contacted my email hosting, as this is happening over multiple ISPs, and they say their request to whitelist the email will work. Let's see if it does. 

Cheers



#4 Trikein

Trikein

  • Members
  • 1,321 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Rhode Island, US
  • Local time:06:17 AM

Posted 16 January 2017 - 08:18 AM

Your ISP can't control what email spam lists the person belongs to. The IP belonged in 5 spam lists, including 2 honey pots, so that IP is likly sending spam.I removed it from 2, but it's still on Lackback and Sorbs. If it's your IP, I would check your firewall for a email relay server. 



#5 notamondayfan

notamondayfan
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 16 January 2017 - 09:04 AM

Thanks Trikein, I have requested from Lackback to be removed, and I guess the Sorbs is some kind of automated process / removal?

 

Also, how do I check my firewall and email relay server, and what am I checking?

 

Thanks,

Dean



#6 Trikein

Trikein

  • Members
  • 1,321 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Rhode Island, US
  • Local time:06:17 AM

Posted 16 January 2017 - 03:29 PM

Yea, good luck with SORBS. Hopefully the person you are sending to doesn't subscribe to them. They are the ambulance chasing lawyers of the Anti-spam world. They are very good at putting IP's on their spam lists, but unless you pay, it takes a long time to get off. See here for some good (but disturbing) info.

 

As for your system and network, it depends on many things. First, what method are you using to send out legitimate mail? Is your SMTP server on site? Or do you own one off site? Or do you use a providers/ISP SMTP server? Once you have a idea of what mail transactions SHOULD be on your network, then it's a matter of looking for SMTP transactions which shouldn't be there by checking your firewall/router logs. You can also use the time stamp on the blacklists to give you a idea of a timeframe of when they are sending. If any particular system is having a hard time sending mail, like the one you made a post about being slow, I would start my suspicions there. I noticed several different kind of remote desktop programs installed and configured on the machine.


Edited by Trikein, 16 January 2017 - 03:41 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users