Recovering from spam resulting from compromised account

Dave Sotnick sotnickd-nanog at ddv.com
Thu Nov 22 01:53:19 UTC 2012


Hello, oh knowledgeable NANOG.

I am the technical lead for network for Pixar. (Note: I am not the
mail admin, he's on vacation.) Yesterday we had an account compromise
that resulted in ~2.5M messages being sent through our two MTAs.

I have acknowledged/closed the two SpamCop incidents, and mail is
starting to flow, slowly; however, we are still receiving bounces (some
hard!) and I am looking for assistance in getting Pixar's IPs cleared
from the blacklists.

I was pointed to:

http://mxtoolbox.com/SuperTool.aspx?action=blacklist%3a12.25.180.66
http://mxtoolbox.com/SuperTool.aspx?action=blacklist%3a12.25.180.94

Which shows we're still listed on Backscatterer and SPAM Cannibal.

Also had reports that we're still seeing bounces to Gmail, Comcast and
Yahoo accounts.

What can we do to speed things along? We have a ticket open with Gmail
folks since we have a studio who uses Gmail for Corporate mail. Any
Comcast or Gmail SMTP contacts on NANOG that can help? Would love to
get all our stuck mail out of these folks' MTAs.

Or do we need to just remove ourselves from the last two blacklists at
mxtoolbox?

Thanks,
David Sotnick
--
Pixar
Emeryville, CA



