Lena Posted March 28, 2016 Posted March 28, 2016 Stevie got into the CBL blacklist (and as a consequece info the widely user ZEN blacklist):http://www.abuseat.org/lookup.cgi?ip=65.19.143.2IP Address 65.19.143.2 is listed in the CBL. It shows signs of being infected with a spam sending trojan, malicious link or some other form of botnet. This IP is infected (or NATting for a computer that is infected) with the smtpauth spambot. In other words, it's participating in a botnet.That means that some user's password was stolen and used for spamming. How to detect and block stolen passwords automatically in Exim:https://github.com/Exim/exim/wiki/BlockCracking
wolstech Posted March 28, 2016 Posted March 28, 2016 Thanks for the report. Escalating so we can get this cleaned up.
Krydos Posted March 29, 2016 Posted March 29, 2016 IP Address 65.19.143.2 is not listed in the CBL. It was previously listed, but was removed at 2016-03-29 00:36 GMT (2 hours, 24 minutes ago)
Recommended Posts