Reply to topic  [ 7 posts ] 
Blacklisting or reporting a spammer's IP address 
Author Message
Doesn't have much of a life
User avatar

Joined: Fri Apr 24, 2009 12:43 pm
Posts: 1798
Location: Manchester
Reply with quote
Our company has its own internal email server, running Kerio Mailserver. Just lately, things seem to have slowed down so I checked the error logs and noticed that we're getting bombarded by a load of incoming emails from the same IP address. I've looked up the IP address in question, here...

http://whois.domaintools.com/213.83.85.181

Basically, there are well over 4000 emails for yesterday and they seem to be going through the alphabet starting with alfonso@____ and using all possible first names you can think off - it's quite amusing to see some of the names they've come up with!! As far as I know they've all been rejected by our mail server, but I guess some will get through eventually when they get the first names correct.

Anyway, does anyone know of a site where I can report this IP address and get it blacklisted? I've looked in Kerio itself but can't see anything obvious, so I'm thinking is there a website that I can put that IP address into and add it to a blacklist? As far as I know, we've not used this company before, so I'm guessing it's a virus that's sending these out - they're probably not even aware of it.

_________________
* Steve *

* Witty statement goes here *


Mon Mar 12, 2012 12:45 pm
Profile
Doesn't have much of a life
User avatar

Joined: Fri Apr 24, 2009 12:43 pm
Posts: 1798
Location: Manchester
Reply with quote
Hmm, interestingly, on that domain register details page linked to above, there's an email address listed - now, I'm not going to email that, just in case they are a spammer! But, if I put in the last part of that email address into a web browser, opal-solutions.com then I get redirected to the TalkTalk Business website!

Now, what does that tell you?
:roll:

_________________
* Steve *

* Witty statement goes here *


Mon Mar 12, 2012 12:52 pm
Profile
Spends far too much time on here
User avatar

Joined: Fri Apr 24, 2009 8:38 am
Posts: 2967
Location: Dorchester, Dorset
Reply with quote
I suspect someone's running an open relay on their mail server. I'd email talk talk, so they can inform their customer.

_________________
I've finally invented something that works!

A Mac User.


Mon Mar 12, 2012 12:55 pm
Profile
I haven't seen my friends in so long
User avatar

Joined: Tue May 05, 2009 3:29 pm
Posts: 7173
Reply with quote
If you're company's not too large (so that it's free/cost is low) I'd highly recommend Google's Mail solution for private domains, it's exactly like Gmail and the spam filtering is industry-leading in my experience - you would be able to set the spam folder to clear regularly to keep the speed up.

_________________
timark_uk wrote:
That's your problem. You need Linux. That'll fix all your problems.
Mark


Mon Mar 12, 2012 11:19 pm
Profile
I haven't seen my friends in so long
User avatar

Joined: Thu Apr 23, 2009 6:58 pm
Posts: 8767
Location: behind the sofa
Reply with quote
Or if your company is of any size, you could just IP ban at the firewall.

_________________
jonbwfc's law: "In any forum thread someone will, no matter what the subject, mention Firefly."

When you're feeling too silly for x404, youRwired.net


Tue Mar 13, 2012 1:09 am
Profile WWW
What's a life?
User avatar

Joined: Thu Apr 23, 2009 8:25 pm
Posts: 10691
Location: Bramsche
Reply with quote
We get around 25,000 spam emails a day coming down our pipe. :(

You could try blocking, but it is porbably a bot machine on their network and it will move elsewhere, if you block it.

_________________
"Do you know what this is? Hmm? No, I can see you do not. You have that vacant look in your eyes, which says hold my head to your ear, you will hear the sea!" - Londo Molari

Executive Producer No Agenda Show 246


Tue Mar 13, 2012 5:10 am
Profile ICQ
Doesn't have much of a life
User avatar

Joined: Fri Apr 24, 2009 12:43 pm
Posts: 1798
Location: Manchester
Reply with quote
Well, our IT support company has been in and blocked that IP address at the router level and on the Kerio Mailserver software too. They also contacted the company whose IP address it is, Moonraker Books, and they were aware that their email was running slowly but didn't know they had a virus so they said thanks for letting them know!!

Not to self, and others, don't buy anything online from Moonraker Books!

_________________
* Steve *

* Witty statement goes here *


Tue Mar 13, 2012 11:46 am
Profile
Display posts from previous:  Sort by  
Reply to topic   [ 7 posts ] 

Who is online

Users browsing this forum: No registered users and 7 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group
Designed by ST Software.