New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
About Spamming Report
I got abuse request
Good afternoon,
Your Ip address (x.x.x.x) is actually listed on UCEPROTECT
You can check it with the form available on their website : http://www.uceprotect.net/en/rblcheck.php
Thank you to take the necessary action to stop all the spam sending as soon as possible.
Feel free to contact Online.net technical assistance for more information
Online.net Abuse service
But I did not install any mail server or application that send email on my server. Was anyone in same situation? Any help are appreciated.
Comments
Lol every IP is on that extortion racket. Major fail, online.net
Maybe they just don't want you as a customer anymore?
@jarland my experience has been UCE level 1 listing generally is a leading indicator of spammers on our network and most times we'll pickup a primary RBL listing days to a week later. I've yet to see a false positive. Their portal tells you the exact date of the incident. If it's a UCE level 2 it's likely someone on your subnet triggered enough level 1 alerts to light up the entire subnet.
@tneilvn i would carefully check your process list for anything you don't intend to be running. Keep in mind you don't need an MTA daemon to send mail.
You can setup an iptables rule to catch smtp outgoing (check all three ports) and have it count connections. You can also check lsof/netstat in realtime for connections.
I'll concede to that, but Level 3 is such an extortion racket that I throw the baby out with the bathwater. I simply don't trust them because of that. No abuse complaints, no evidence provided, attempted shakedown for cash.
Yeah, some years ago whole UPC ranges and romtelecom were listed in Romania because dynamic ranges were infected with various trojans and the provider ended up on level 3. They changed the methods a bit since then and things got much better.
Level 1 is real spammer, I have yet to find a false positive too.
For OP, check if you have a webserver with wordpress or similar, those get infected and are used as proxy to send spam.
UCEPROTECT detects real spam no doubt about that, the issue and scam is when you want to delist from them.
I'll believe that when I see sample emails from an IP on their level 3 list
They once wouldn't delist me as long as I had multiple A records for a hostname (PTR matched on all, I'm a rebel). Then I grew smarter and realized it didn't matter, they don't even matter lol
I think I'll switch to OVH