Email crisis!

There is no a/v on the machine that I am currently using.

I conducted some tests a short while ago... Here is what I then sent to justhost, as an update on my Ticket...

---

I have tried to send emails from my client and webmail now.

All of the emails sent via webmail arrived.

Four emails were sent through my client, Thunderbird: two solo emails and two including CC addresses. One of the solo emails has arrived, so far.

Amongst all of the test emails were four, with typical Spam-like keywords in the Subject line; two through webmail and two through my client. None of these have arrived, whether sent back to my own address or to an external webmail service.

---

I have tried emailing my address from an external webmail service, trying the same Spam-in-the-Subject approach and they have not reached me.

I'm sure that it is some strange anti-Spam anomaly.
 
As an addendum to my last reply...

I have now had communication from an email user on my domain who is now receiving multiple bounced emails, dated some time back, to addresses that he is not familiar with.

The user is reporting messages in the emails stating the maximum number of emails per hour has been exceeded.

No users of this domain send anywhere near this number of emails per hour, at any hour. We are all private users.

Server config' error? Pooling the max' permissible email sends for a shared server, perhaps?
 
The host has notified me that one of the email users on my domain has a compromised account. It is apparently sending out approximately 420 emails per hour, to unknown addresses.

This, apparently, is why I am also having trouble; because the mail server sending limit is being breached.

I have changed the password for the user in question, so now I'm waiting to see what becomes of my woes...
 
This problem persists...despite the user with the compromised account being offline for days now.

Random emails sent from my account make it and as for incoming emails, I have no idea.

This has now dragged on for weeks and has cost me countless jobs and sales. FFs. :(
 
You need to firstly make sure that the compromised account is no longer sending spam and then find out which rbl's have blacklisted your server/domain and systematically clear the blacklists. Almost all mail servers check against one or more rbl's and will simply reject mail from blacklisted servers. Often they won't even bounce the mail, but just silently ignore it.
 
This problem persists...despite the user with the compromised account being offline for days now.

When you say offline, what do you mean exactly? Is his machine offline? Because it is obviously possible for his machine to be infected and it simply being turned on can result in all these mails being sent.
 
gfmalan,

I'm pretty much living out of a bag, in another part of the world, at the moment, so I'm in no state to think about handling the logistics involved with moving servers. :(

eddie,

That user and his machine have been physically offline for days now.

garp,

Would Blacklisting explain the randomly disappearing email? Do excuse my newb' ignorance, but what is an RBL and how on earth do I go about clearing one, please?

Thanks for your help, everybody.
 
An RBL is a real time black list. It is a list of IP addresses that are known to send spam. There are a few known providers of these lists such as SpamCop, Barracuda, Spamhaus etc.

The server you're hosting on was likely listed when the user on your domain was compromised and sent the spam emails. It can take some time for your host to remove and manually clear their IP from blacklists. When an email is received by a server it would do a check on the IP, find it in an RBL and bounce the email, hence the bad delivery rates of your emails.

Have you looked at using an alternative SMTP provider? If you'd like drop me a PM, we can assist as we run a SpamExperts email cluster for incoming & outgoing email.
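The RBL lookup described in the post above, sketched as an added example that is not part of the original thread: a receiving server reverses the sender's IPv4 octets, appends the list's DNS zone and asks for an A record. The zone names are the public DNSBL zones of the three providers named above; `192.0.2.10` is a documentation placeholder for the shared mail server's IP, and the `resolve` parameter is a hypothetical hook so the check can be exercised without network access.

```python
import ipaddress
import socket

# Public DNSBL zones for the providers named in the thread.
ZONES = ["zen.spamhaus.org", "bl.spamcop.net", "b.barracudacentral.org"]


def dnsbl_name(ip, zone):
    """Build the DNSBL query name: IPv4 octets reversed, then the zone."""
    addr = ipaddress.IPv4Address(ip)  # raises ValueError on bad input
    return ".".join(reversed(str(addr).split("."))) + "." + zone


def system_resolver(name):
    """Return A records for name, or [] on NXDOMAIN or a resolver failure."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except (socket.gaierror, socket.herror):
        return []


def classify(answers):
    """Interpret DNSBL answers as 'clean', 'listed' or 'error'."""
    if not answers:
        return "clean"  # no record: the IP is not on this list
    codes = [ipaddress.IPv4Address(a) for a in answers]
    # Spamhaus answers 127.255.255.x when it refuses the query (for example
    # one sent through a large public resolver); that is not a listing.
    if any(c in ipaddress.ip_network("127.255.255.0/24") for c in codes):
        return "error"
    if any(c in ipaddress.ip_network("127.0.0.0/8") for c in codes):
        return "listed"
    return "error"  # anything outside 127/8 is not a valid DNSBL answer


def check_ip(ip, zones=ZONES, resolve=system_resolver):
    """Map each zone to its verdict for the given sending IP."""
    return {z: classify(resolve(dnsbl_name(ip, z))) for z in zones}


if __name__ == "__main__":
    # Placeholder address standing in for the mail server's outbound IP.
    for zone, verdict in check_ip("192.0.2.10").items():
        print(f"{zone}: {verdict}")
```

An "error" verdict means the list refused to answer, so repeat the check from a resolver that the list accepts before concluding anything about the IP.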
 