Search Results

Search found 1256 results on 51 pages for 'spam'.

Page 10/51 | < Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17  | Next Page >

  • Exchange 2003 mail non-delivery (NDR), spam activity? events 7002 & 7004

    - by HighTechGeek
    Windows Server 2003 Small Business Server SP2 Exchange Version 6.5 (Build 7638.2: Service Pack 2) This network has been neglected and has been having email problems for years and was on many blacklists. I was called in after the server eventually crashed... I got the server back up and running, but email problems persist. Outgoing mail delivery is sporadic. Sometimes the mail goes through, sometimes a delayed delivery report is generated after a day or more, and sometimes it seems to go through, but the recipient never receives it. Not sure if spammers are successfully using the server as a relay (see event entries below after turning on maximum SMTP logging)... User PCs infected with viruses and server was blacklisted on many sites (I used mxtoolbox.com) I have cleaned all the PCs and changed all passwords (including administrator) I have requested removal from all of the blacklists - most have removed the listing, some take more time. I have setup rDNS pointer records with the ISP (Comcast) - that was one reason for some of the blacklistings. I have tested that it's not an open relay using telnet as described here: www.amset.info/exchange/smtp-openrelay.asp I followed the advise of a Spamhaus & Microsoft article to enable maximum SMTP logging. http://www.spamhaus.org/faq/answers.lasso?section=isp%20spam%20issues#320 which directed me to Microsoft KB article 895853, specifically, the part 2/3 down titled: "If mail relay occurs from an account on an Exchange computer that is not configured as an open relay" . The Application Event Log is filling with this type of activity (Event ID 7002, 7002 & 3018 errors): Event Type: Error Event Source: MSExchangeTransport Event Category: SMTP Protocol Event ID: 7004 Date: 1/18/2011 Time: 7:33:29 AM User: N/A Computer: SERVER Description: This is an SMTP protocol error log for virtual server ID 1, connection #621. The remote host "212.52.84.180", responded to the SMTP command "rcpt" with "550 #5.1.0 Address rejected [email protected] ". The full command sent was "RCPT TO: ". This will probably cause the connection to fail. and this: Event Type: Warning Event Source: MSExchangeTransport Event Category: SMTP Protocol Event ID: 7002 Date: 1/18/2011 Time: 7:33:29 AM User: N/A Computer: SERVER Description: This is an SMTP protocol warning log for virtual server ID 1, connection #620. The remote host "212.52.84.170", responded to the SMTP command "rcpt" with "452 Too many recipients received this hour ". The full command sent was "RCPT TO: ". This may cause the connection to fail. or a variant of: Event Type: Warning Event Source: MSExchangeTransport Event Category: SMTP Protocol Event ID: 7002 Date: 1/18/2011 Time: 8:39:21 AM User: N/A Computer: SERVER Description: This is an SMTP protocol warning log for virtual server ID 1, connection #661. The remote host "82.57.200.133", responded to the SMTP command "rcpt" with "421 Service not available - too busy ". The full command sent was "RCPT TO: ". This may cause the connection to fail. also Event Type: Error Event Source: MSExchangeTransport Event Category: NDR Event ID: 3018 Date: 1/18/2011 Time: 9:49:37 AM User: N/A Computer: SERVER Description: A non-delivery report with a status code of 5.4.0 was generated for recipient rfc822;[email protected] (Message-ID ). Causes: This message indicates a DNS problem or an IP address configuration problem Solution: Check the DNS using nslookup or dnsq. Verify the IP address is in IPv4 literal format. Data: 0000: ef 02 04 c0 ï..À Any guidance and/or suggestions and/or tests to perform would be greatly appreciated.

    Read the article

  • All my emails to Yahoo!, Hotmail and AOL are going to Spam, though I've implemented every validation

    - by Chetan
    Hi, I've implemented everything and checked everything (SPF, DomainKey, DKIM, reverse lookup), and only Gmail is allowing my emails to go to Inbox. Yahoo, Hotmail and AOL are all sending my messages to Spam. What am I doing wrong? Please help! Following are the headers of messages to Yahoo, Hotmail and AOL. I've changed names and domain names. The domain names I'm sending mail from are polluxapp.com and gemini.polluxapp.com. Yahoo: From Shift Licensing Tue Jan 26 21:55:14 2010 X-Apparently-To: [email protected] via 98.136.167.163; Tue, 26 Jan 2010 13:59:12 -0800 Return-Path: X-YahooFilteredBulk: 208.115.108.162 X-YMailISG: gPlFT1YWLDtTsHSCXAO2fxuGq5RdrsMxPffmkJFHiQyZW.2RGdDQ8OEpzWDYPS.MS_D5mvpu928sYN_86mQ2inD9zVLaVNyVVrmzIFCOHJO2gPwIG8c2L8WajG4ZRgoTwMFHkyEsefYtRLMg8AmHKnkS0PkPscwpVHtuUD91ghsTSqs4lxEMqhqw60US0cwMn_r_DrWNEUg_sESZsYeZpJcCCPL0wd6zcfKmtYaIkidsth3gWJPJgpwWtkgPvwsJUU_cmAQ8hAQ7RVM1usEs80PzihTLDR1yKc4RJCsesaf4NUO_yN1cPsbFyiaazKikC.eiQk4Z3VU.8O5Vd8i7mPNyOeAjyt7IgeA_ X-Originating-IP: [208.115.108.162] Authentication-Results: mta1035.mail.sk1.yahoo.com from=example.com; domainkeys=pass (ok); from=example.com; dkim=permerror (bad sig) Received: from 127.0.0.1 (EHLO gemini.example.com) (208.115.108.162) by mta1035.mail.sk1.yahoo.com with SMTP; Tue, 26 Jan 2010 13:59:12 -0800 Received: from gemini.example.com (gemini [127.0.0.1]) by gemini.example.com (Postfix) with ESMTP id 3984E21A0167 for ; Tue, 26 Jan 2010 13:55:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=example.com; h=to :subject:from:content-type:message-id:date; s=mail; bh=bRIHfxE3S e+YeCrIOqziZsiESJA=; b=J+D56Czff+6wGjQycLEvHyT32+06Nngf+6h7Ep6DL SmmJv3ihiAFJIJiPxiwLNpUsOSHhwJYjYQtynbBnag40A6EUBIsucDR+VoEYD+Cc 9L0dV3QD5D77VpG9PnRQDQa91R+NPIt5og9xbYfUWJ1b/jXkZopb0VTM+H9tandM 24= DomainKey-Signature: a=rsa-sha1; c=nofws; d=example.com; h=to:subject :from:content-type:message-id:date; q=dns; s=mail; b=pO5YvvjGTXs 3Qa83Ibq9woLq5VSsxUD5uoSrjNrW9ICMmdWyJpb9oT5byFR9hMthomTmfGWkkh6 3VxtD0hb0HVonN+1iheqJ9QBBOctadLCAOPZV3mfA99XUu7Y0DR2qtkU/UkSe8In 5PENWFbwub88ZsRDiW3hCbNHl+UO8Jsc= Received: by gemini.example.com (Postfix, from userid 502) id 386DE21A0166; Tue, 26 Jan 2010 13:55:14 -0800 (PST) To: [email protected] Subject: Shift License For James Xavier From: "Shift Licensing" Content-type: text/html Message-Id: <[email protected] Date: Tue, 26 Jan 2010 13:55:14 -0800 (PST) Content-Length: 282` Hotmail: X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0wO0Q9MjtTQ0w9Ng== X-Message-Status: n:0 X-SID-PRA: [email protected] X-AUTH-Result: NONE X-Message-Info: 6sSXyD95QpWzUBaRfzf3NMbaiSGCCYGXSczlzLw49r01I25elu3oYM0V2uNa8BV2O7DOiFEeewTBKMtN+PW+ig== Received: from gemini.example.com ([208.115.108.162]) by snt0-mc4-f7.Snt0.hotmail.com with Microsoft SMTPSVC(6.0.3790.3959); Tue, 26 Jan 2010 13:18:53 -0800 Received: from gemini.example.com (gemini [127.0.0.1]) by gemini.example.com (Postfix) with ESMTP id 9431321A0167 for ; Tue, 26 Jan 2010 13:18:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=gemini.example.com; h=to :subject:message-id:date:from; s=mail; bh=DLF0k+uELpY6If5o3SWlSj 7j0vw=; b=nAMpb47xTVh73y6a2rf6V1rtYHuufr46dtuwWtHyFC85QKfZJReJJL oFIPjgEC28/1wSdy8VbfLG1g64W1hvnJjet3rcyv3ANNYxnFaiH5yt3SDEiLxydS gjCmNcZXyiVsWtpv7atVRO/t/Own+oFB9zz/9mj43Bhm4bnZ2cTno= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gemini.example.com; h=to :subject:message-id:date:from; q=dns; s=mail; b=sFpNxlskyz4MYT38 BA/rQ6ZAcQjhy7STkLPckrCDVVZcE4/zukHyARq7guMtYCCEjXoIbVEtNikPC97F cGpJGGZrppTGjx62N0flxG8hvwejiJYnUJF1EIP4JckGWyEI+21vtWLLQ27eegtN fs9OkIQ2iUPC/4u8N1eqiff0VZU= Received: by gemini.example.com (Postfix, from userid 504) id 8ED7221A0166; Tue, 26 Jan 2010 13:18:53 -0800 (PST) To: [email protected] Subject: Testing this Message-Id: <[email protected] Date: Tue, 26 Jan 2010 13:18:53 -0800 (PST) From: [email protected] Return-Path: [email protected] X-OriginalArrivalTime: 26 Jan 2010 21:18:54.0039 (UTC) FILETIME=[29CEE670:01CA9ECD] AOL: X-AOL-UID: 3158.1902377530 X-AOL-DATE: Tue, 26 Jan 2010 5:07:23 PM Eastern Standard Time Return-Path: Received: from rly-mg06.mx.aol.com (rly-mg06.mail.aol.com [172.20.83.112]) by air-mg06.mail.aol.com (v126.13) with ESMTP id MAILINMG061-a1d4b5f6787a4; Tue, 26 Jan 2010 17:07:22 -0500 Received: from gemini.example.com (gemini.example.com [208.115.108.162]) by rly-mg06.mx.aol.com (v125.7) with ESMTP id MAILRELAYINMG067-a1d4b5f6787a4; Tue, 26 Jan 2010 17:07:04 -0500 Received: from gemini.example.com (gemini [127.0.0.1]) by gemini.example.com (Postfix) with ESMTP id 32B3821A0167 for ; Tue, 26 Jan 2010 14:07:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=gemini.example.com; h=to :subject:message-id:date:from; s=mail; bh=RL0GLHd3dZ8IlIHoHIhA/U cLtUE=; b=BKg4p3qnaIdFRjAbvUa+Hwcyc6W91v4B4hN95dVymJrxyUBycWMUSC nzKmJ5QllhCYjwO+S7GrRdmlFpjBaK8kt2qmdCyC2UuiDF6xY6MXx/DBF56QpYtZ YDY4kXdiEMSbooH14B4CCPhaCTdC1wCtV0diat3EANCLxSDYAYq5k= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gemini.example.com; h=to :subject:message-id:date:from; q=dns; s=mail; b=fDSjNpfWs7TfGXda uio8qbJIyD+UmPL+C0GM1VeeV8FADj6JiYIT1nT3iBwSHlrLFCJ1wxPbE4d9CGl8 gQkPIV6T4TL7ha052nur0EOWoBLoBAOmhTshF/gsIY+/KMibbIczuRyTgIGVV5Tw GZVGFddVFOYgee7SAu0KNFm7aIk= Received: by gemini.example.com (Postfix, from userid 504) id 2D5F521A0166; Tue, 26 Jan 2010 14:07:03 -0800 (PST) To: [email protected] Subject: Testing Message-Id: <[email protected] Date: Tue, 26 Jan 2010 14:07:03 -0800 (PST) From: [email protected] X-AOL-IP: 208.115.108.162 X-AOL-SCOLL-AUTHENTICATION: mail_rly_antispam_dkim-d227.1 ; domain : gemini.example.com DKIM : pass X-Mailer: Unknown (No Version) Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit

    Read the article

  • How do I avoid spam domains pointing to my site or IP

    - by Amol Ghotankar
    I came across an issue where I saw some xyz.com is pointing to mydomain.com. How do I avoid spam domains pointing to my domain? I read some posts about setting my virtual hosts and such, but nothing specific about how to avoid it in the first place. I searched on Google but most answers are for HTTP servers and there are no exact answers for Tomcat 7. I am not using Apache or IIS, but Tomcat directly.

    Read the article

  • SEO Providers - Freelancers, Professionals, Or Spam Artists?

    Again, many of these offers you'll receive look legit enough. They come complete from a real email address, with a realistic name, a real phone number, and all of the other necessary credentials to look respectable. Sure, they're real people on the other end of the line, but unlike most reputable freelancers in the SEO business, these folks have chosen to use dubious tactics (sending mass emails and spam) to thousands and thousands of people in the hopes that one or two follow up and fall into the trap.

    Read the article

  • 'Grum' Botnet Leads Spam Charge

    According to a report by messaging security specialist MessageLabs, spam now accounts for close to 90 percent of all e-mail traffic....Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.

    Read the article

  • Text after Control Sequence

    - by SPAM SPAM SPAM SPAM
    I am trying to parse the output of a command that expects to be writing to the screen. It has data separated by move-to-origin control sequences (for the VT220, ESC[1;1H). I only need the last part (i.e. after the last move-to-origin). I have tried doing this multiple ways (primarily awk and sed), but the problem is always that parts of the control sequence have special meaning (to the program, not just to the shell), and I cannot quote them when I substitute tput's output. Any suggestions?

    Read the article

  • Bayesian content filter for vbulletin [on hold]

    - by mc0e
    I've been tasked with coming up with a tool to automatically flag some posts for moderator attention on a large vbulletin forum. It's not spam per se, but the task has a lot in common with the sort of handling that might be done by a spam protection plugin (a mod in vbulletin speak). There's only so much I can say, but the task does not involve bad users, so much as particular kinds of posts which the moderators need to be aware of. Filtering out user registrations and links is therefore not useful, and we are talking about posts by real human users. What I'm looking for is an existing bayesian classification plugin, or something that I can study to get an understanding of how to do the vbulletin side of the interface in order to build such a thing. Ie I'd need ways for moderators to list flagged posts, and to correct the classification of posts which have been mis-classified. Ideally I want a 3 way split with an "unsure" category in order to reduce what has to be reviewed to find any mis-classifications. Any pointers? I've searched around a bit, and so far what I've found has been more or less entirely targetted at intervening in sign-ups (mostly using stopforumspam), captchas, and use of external services like akismet which are spam specific. I'm also considering an external solution, which might be ableto be interfaced i

    Read the article

  • Alternative to K9 spam handler?

    - by overtherainbow
    I've been using the free K9 spam handler for a couple of years now, but it hasn't been updated since 2004 and has a couple of bugs that bother me: The Find feature stops at the first e-mail found, and doesn't go further I'd like to copy the list of e-mails marked as either real or SPAM, but K9 only copies the first item in the clipboard For those of you who have researched desktop anti-SPAM handlers under Windows, what do you suggest as an alternative, either free or moderately priced?

    Read the article

  • Configure spamassassin to mark very similar messages as spam

    - by Caleb Gray
    Users on my server have been receiving spam, consistently, for some time now. I have most of spamassassin's plugins enabled, and I have made sure to enable verbose logging, where I can see that all of the plugins are working. Why is it, then, that my users are able to receive the same exact junk mail several times in a day without the message being flagged in some way? Here are the relevant headers of an email that I personally have received several copies of: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on sub.domain.tld X-Spam-Level: *** X-Spam-Status: No, score=3.0 required=4.0 tests=BAYES_50,FSL_HELO_NON_FQDN_1, HELO_NO_DOMAIN,HTML_MESSAGE,RCVD_IN_BRBL_LASTEXT,RDNS_NONE autolearn=no version=3.3.1 Have I accidentally missed the plugin that can see that I, and others, have received the same message multiple times in a short period of time?

    Read the article

  • How to deal with overly aggressive "Link Take Down Demands"?

    - by Eoin
    I've been receiving a large number of emails recently requesting I clean from link spam from my forum. Initially the emails were very polite and professional, and I was happy to remove the links. Recently the email have gotten very abrasive, here is a particularly rude example: From: [email protected] To: [email protected] Hi, This is the second time we are reaching out to you regarding your link to our site hxxp://www.company-two.com from hxxp://www.my-forum.com/some-topic-id. We really do need to remove this link. We have to report to Google any link we were unable to remove, and I wouldn't want to have to include your site in the list. Could you please remove our link from this page and any other page on your site? Thank You, Name Changed Behind the superficial pleasantries I feel there is some very real maliciousness. Note the email address, DMCA Violations, I don't see how the DMCA is involved here, except as a word which tends to strike fear in many people. Also relating to the email address, it doesn't match the company being linked to at all. How am I to trust they are truely operating on behalf of company-two when they don't even use one of it's email addresses. My email is hidden by privacypost. While a service with legitimate uses, I feel it's highly unprofessional for communications between to companies. The claim "This is the second time..." Every email I've received has started like this, but a check of my spam filters has never revealed a 1st mail. Initially I gave them the benefit of the doubt, by now though it's clear this is a cheap ploy to start me off on the defensive. And finally worst of all- the threats of reporting me to Google if I don't do everything they ask. I sent a polite reply asking for more information. I have no idea if the email address was even valid but I never received any response. Much later I got this followup mail From: [email protected] To: [email protected] Hi, This is the final time we are reaching out to you regarding your link to our site hxxp://www.company-two.com from hxxp://www.my-forum.com/some-topic-id. We will soon be reporting to Google any link we were unable to remove, and currently your site will have to be on the list. Could you please remove our link from this page and any other page on your site? I appreciate your urgent attention to this matter. Thank You, Name Changed This time the from address was more personal, though still not obviously connected to the spammed company. Lets be honest, I don't for one second believe that the companies were the victim of a 3rd party spammer as they claim. The links in questions were generated well over a year ago, and I firmly believe the companies were directly responsible for the spam links in question, a type of spam that has plagued my forum. Now they have the audacity to demand I spend my time cleaning up their mess, using threats to ensure they get their way. Have recent changes in Googles algorithms meant all the cash they spent spamming the web has now turned into a liability? If so I can see why these companies are all of a sudden running scared. Frankly, cleaning up my forum is a good things, but the threats they are using sickens me. So my question here is specifically about the threats: Are they vaild, and would such reports to Google destroy my page rankings? Is there a way I can report this abusive behaviour to Google?

    Read the article

  • How can I cut down on this spam, and what is the point of it anyway?

    - by Steven
    I run a small, niche personal ads site. People post ads and then other people reply to them, which sends an email to the original creator of the ad telling them that someone is interested and giving them contact information for that interested person. Lately there's been some weird spam. People are receiving nonsense replies to their ads. Here is an example of one: Name: xkauwvyr Reply: vRYmbI <a href="http://rypmoxdkfblf.com/">rypmoxdkfblf</a>, url=http://pnjlwvhizwbq.com/]pnjlwvhizwbq[/url], [link=http://hmenwoujxrfv.com/]hmenwoujxrfv[/link], http://ogsekuhoyeud.com/ They vary in length and composition but they all look roughly like that. The first idea I had was to simply throw out any reply that contained the string " Also, is this spam just some ass playing a trick on my website, or is it something more malicious?

    Read the article

  • sendmail sending mail to recipients I don’t know of; possible spam host

    - by Quintin Par
    Recently I did an audit of my machine with logwatch and found out that my machine sends around 582 mails everyday. STATISTICS ---------- Messages To Recipients: 582 Addressed Recipients: 582 Bytes Transferred: 444985 Messages No Valid Rcpts: 0 SMTP SESSION, MESSAGE, OR RECIPIENT ERRORS ------------------------------------------ Next day STATISTICS ---------- Messages To Recipients: 153 Addressed Recipients: 279 Bytes Transferred: 8613451 Messages No Valid Rcpts: 0 SMTP SESSION, MESSAGE, OR RECIPIENT ERRORS ------------------------------------------ How can I audit more to find out the email ids to where did is send, program which schedules this etc?

    Read the article

  • Can a Barracuda Spam Filter 300 reject mail based on DNS?

    - by user84104
    Can a Barracuda SF 300 reject mail based on DNS? Specifically can it respond with a 4XX code for mail claiming to be from a domain without a valid MX or A record (similar to postfix's smtpd_sender_restrictions = reject_unknown_sender_domain). If so, how do I set it? (I realize it's probably something simple I've overlooked.) The barracuda can resolve using its configured name servers. The name servers can correctly resolve external domains.

    Read the article

  • How do you prevent spam being sent by your users?

    - by Ernie
    So, for the third time in about two weeks (maybe less), one of our customers has had their password compromised, and a spammer was sending mail with their account using our webmail. As a result, our outgoing mail server has been listed at Spamhaus, and a lot of our outgoing mail is being rejected. I can't think of any way to prevent this from happening (although now our webmail server is using Sendmail instead of SMTP, but that just limits the scope of the problem), yet the big ISPs never seem to have a problem like this.

    Read the article

  • Proper configuration for Windows SMTP Virtual Server to only send email from localhost, and tracking down source of spam emails

    - by ilasno
    We manage a server that is hosted on Amazon EC2, which has web applications that need to be able to send outgoing email. Recently we received a notice from Amazon about possible email abuse on that server, so i've been looking into it. It's Windows Server Datacenter (2003, i guess), and uses SMTP Virtual Server (you know, the one that requires IIS 6 for admin). The settings on the Access tab are as follows: - Authentication: Anonymous - Connection: Only from 3 ip addresses (127.0.0.1 and 2 others that refer to that server) - Relay: Only from 3 ip addresses (127.0.0.1 and 2 others that refer to that server) In the SMTP logs there are many entries like the following: 2012-02-08 23:43:56 64.76.125.151 OutboundConnectionCommand SMTPSVC1 FROM: 0 0 4 0 26364 SMTP - - - - 2012-02-08 23:43:56 64.76.125.151 OutboundConnectionResponse SMTPSVC1 250+ok 0 0 6 0 26536 SMTP - - - - 2012-02-08 23:43:56 64.76.125.151 OutboundConnectionCommand SMTPSVC1 TO: 0 0 4 0 26536 SMTP - - - - 2012-02-08 23:43:56 64.76.125.151 OutboundConnectionResponse SMTPSVC1 250+ok 0 0 6 0 26707 SMTP - - - - ([email protected] is sending quite a lot of emails :-/) Can anyone confirm if the SMTP server settings seem correct? I'm also wondering if a web application on the machine could be exposing a contact form or something that would allow this sort of abuse, looking into that (and how to look into that) further.

    Read the article

  • Sending out spam using Gmail with live spaces links?

    - by FurtiveFelon
    Hey guys, I am puzzled as to how my email can get compromised. As an example, (DON'T click on this address if you are not sure if you are safe: katikaj2Bennetth74.spaces.live.com), that's the only link sent using my account, and it seems that the username is randomly generated. After clicking into it on my linux machine, it seems that the only post is a viagra ad. I have never clicked into any of the links sent by any of my contacts. Anyone know what could be causing this? Thanks a lot! Jason

    Read the article

  • Spam link text when searching for company directors' name

    - by Alex
    It was brought to my attention that if you search for the name of one of our directors (with the intent to find there profile page on our site) They come up as the first link in most search engines as you would expect but the link text is just pure spam. the three search string I have tested on Google, Bing, Ask, and Yahoo have all returned similar results. Here is a list of the search strings: Paolo rossi futex Mark rossi futex Marco rossi futex Dan Goldberg futex Any idea what might be causing this I have searched through as much of the sites code as I can and cant find anything wrong with it.

    Read the article

< Previous Page | 6 7 8 9 10 11 12 13 14 15 16 17  | Next Page >