Recovering from spam resulting from compromised account

Jimmy Hess mysidia at gmail.com
Sun Nov 25 01:57:30 UTC 2012


On 11/21/12, Suresh Ramasubramanian <ops.lists at gmail.com> wrote:
> Wait it out as in - you had better examine your mail queues and purge them
> of any of the spam that was sent and is still queued up.
>
> It'll still take a day or two after that's done for the blocks to subside.

The majority of blocking should, in most cases, eventually clear up
after spamming stops, and you can work out delisting with the common
RBLs, using URLs in the bounce response; the general rule is 72
hours, after there is a complete stoppage of bad traffic, and you
completed these steps: you wipe all bad messages from queues, make
certain spam has completely stopped, ensure diligent 24 hour
monitoring, and then proper delisting is requested from any common
blocklists that a lookup was available on.

It may be impossible for you to clean out some blocklist entries, or
you may have a limited number of "reset requests" available, that take
effect after 24+ hours, e.g. CSI.

For some blocklists, entries autoexpire after 7 days or longer and
don't take manual requests, or some blocklists require a fee for
delisting requests, and blocklist entries might otherwise be
permanent. You can inspect bounces and raise the issues with
blocking providers on a case-by-case basis; it is unlikely you
will reach someone at Google or Yahoo who will manually intervene.


You can also look up various hosted spam filtering services; there are
some large trusted providers that will provide an outgoing spam
filtering option; by using their servers as a smarthost, you
offload mail deliverability issues to your service provider; in
exchange, inbound/outbound spam filtering services typically charge
something such as $12/mailbox.


Changing your outgoing IP address of SMTP mail to your service
providers, or rerouting mail towards servers blocking you, through a
different local mail relay, may provide a temporary quick fix that is
faster than waiting a few days until "spam extermination"
on your current mail server is fully acknowledged.


> On Thu, Nov 22, 2012 at 7:59 AM, Dave Sotnick
> <sotnickd-nanog at ddv.com> wrote:
>> Thanks Matthew. Sadly, most of the bounce responses have URLs that
>> point you to a help page that doesn't have further contact information
>> or just tells you to wait it out.

--
-JH
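
Added example, not part of the original message: one way to do the "inspect bounces" step above is to group policy rejections from the mail log by recipient domain and collect the delisting URLs they carry. It assumes Postfix-style log lines and that blocks are reported with an x.7.x DSN code; the sample lines, hosts, IPs and URLs are constructed placeholders, and `triage_bounces` is a hypothetical helper name.

```python
import re
from collections import defaultdict

# Constructed sample in Postfix log style; hosts, IPs and URLs are placeholders.
SAMPLE_LOG = """\
Nov 24 10:01:02 mx1 postfix/smtp[411]: A1: to=<a@example.net>, relay=mx.example.net[192.0.2.10]:25, dsn=5.7.1, status=bounced (host mx.example.net[192.0.2.10] said: 554 5.7.1 Client host [198.51.100.7] blocked using bl.example.org; see http://bl.example.org/lookup?ip=198.51.100.7 (in reply to RCPT TO command))
Nov 24 10:01:09 mx1 postfix/smtp[411]: A2: to=<b@Example.NET>, relay=mx.example.net[192.0.2.10]:25, dsn=5.7.1, status=bounced (host mx.example.net[192.0.2.10] said: 554 5.7.1 Client host [198.51.100.7] blocked using bl.example.org; see http://bl.example.org/lookup?ip=198.51.100.7 (in reply to RCPT TO command))
Nov 24 10:02:30 mx1 postfix/smtp[412]: A3: to=<c@example.com>, relay=mx.example.com[192.0.2.20]:25, dsn=4.7.0, status=deferred (host mx.example.com[192.0.2.20] said: 421 4.7.0 Too much spam from 198.51.100.7, see https://postmaster.example.com/help. (in reply to end of DATA command))
Nov 24 10:02:41 mx1 postfix/smtp[412]: A4: to=<x@example.com>, relay=mx.example.com[192.0.2.20]:25, dsn=5.1.1, status=bounced (host mx.example.com[192.0.2.20] said: 550 5.1.1 No such user (in reply to RCPT TO command))
Nov 24 10:03:00 mx1 postfix/smtp[413]: A5: to=<d@example.org>, relay=mx.example.org[192.0.2.30]:25, dsn=2.0.0, status=sent (250 2.0.0 OK)
"""

# Recipient domain, DSN code, delivery status and the remote server's reply text.
LINE_RE = re.compile(
    r"to=<[^@>]+@(?P<domain>[^>]+)>.*?dsn=(?P<dsn>\d\.\d+\.\d+), "
    r"status=(?P<status>bounced|deferred) \((?P<reply>.*)\)$"
)
URL_RE = re.compile(r"https?://[^\s<>()]+")


def triage_bounces(lines):
    """Group policy rejections by recipient domain and collect URLs from the replies."""
    report = defaultdict(lambda: {"bounced": 0, "deferred": 0, "urls": set()})
    for line in lines:
        m = LINE_RE.search(line.strip())
        if not m:
            continue  # delivered mail or an unrelated log line
        # Assumption: x.7.x (security/policy status) marks a block; skip e.g. 5.1.1.
        if m["dsn"].split(".")[1] != "7":
            continue
        entry = report[m["domain"].lower()]
        entry[m["status"]] += 1
        for url in URL_RE.findall(m["reply"]):
            entry["urls"].add(url.rstrip(".,;"))  # drop trailing punctuation
    return dict(report)


if __name__ == "__main__":
    for domain, info in sorted(triage_bounces(SAMPLE_LOG.splitlines()).items()):
        print(domain, info["bounced"], info["deferred"], sorted(info["urls"]))
```

Domains that still show new rejections after the queues are purged are the ones to follow up with case by case, using the collected URLs.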




More information about the NANOG mailing list