[vcf-midatlantic] OT: help needed with network problem
William Dudley
wfdudley at gmail.com
Mon Mar 28 14:25:22 UTC 2022
This has naught to do with vintage computers, but I need help,
and this audience likely has one or more folks who can help.
I run my own mail server; I have for many years.
Lately, spamhaus.org has blocked me for ONE suspect
email from my network.
Here is ALL the bad activity from my IP for the last three months:
(IP address, timestamp (UTC), and HELO string)
98.109.205.15 2022-03-28 10:15:00 instructure.com
98.109.205.15 2022-03-15 08:05:00 instructure.com
98.109.205.15 2022-01-21 16:10:00 localhost
It's a funny kind of malware that sends two messages 15 days apart.
I can't figure out where it's coming from, and my knowledge of
iptables and tcpdump is insufficient to do the following jobs:
1. figure out where this bad email is coming from
2. block port 25 outbound at my firewall except from
the ONE machine authorized to send email.
I am willing to PAY for help with this.
Email me if you think you can help and would like to try.
Thanks,
Bill Dudley
This email is free of malware because I run Linux.
More information about the vcf-midatlantic
mailing list