R: google is my primary outgoing server, then swampdancer.com. Good to know. K: Will check out JED, once again. Got a call into my host. S On 5/17/12 1:16 PM, B. Kimo Lee wrote: > ** Be sure to fill out the survey/skills inventory in the member's area. > ** If you did, we all thank you. > > > > > Hi Stacy, > > As suggested below, visit Spamhaus.org <http://Spamhaus.org> and have > them remove your IP from the blocklist. It could be due to other > infected virtual hosts on the same IP, but you ought to have your host > do a malware scan on your domain files, anyway. And they ought to be > made aware of their IP being on the blocklist. > > Script kiddies probe sites for vulnerable scripts/extensions > constantly. I do Joomla hardening for clients, and recovery for "new" > clients. Search on the JED for "SQL Injection" and/or "XSS > vulnerabilities", or "LFI " (local file inclusion). > > Best, > Kimo > > AZURELINK :: "Simply Connected!" > ------------------------------------------------------------------------------- > Web Site Design & Scalable, Managed Web Hosting > Joomla! Content Management System Implementation > eCommerce Development > ------------------------------------------------------------------------------- > 321 Main Street, Suite 4 > Amherst, MA 01002 > (413) 549-2020 > For more information, please visit: www.azurelink.com > <http://www.azurelink.com> > Follow Azurelink on Twitter: http://twitter.com/azurelink > ------------------------------------------------------------------------------- > > > > > > On May 17, 2012, at 11:23 AM, Rich Roth wrote: > >> ** Be sure to fill out the survey/skills inventory in the member's >> area. >> ** If you did, we all thank you. >> >> >> Stacy, >> you better look closer at how you send and receive email - you are >> not sending via gmail - you are sending via your web site (hosting >> service) >> >> 174.127.119.210 is the IP for www.swampdancer.com >> <http://swampdancer.com> >> >> host www.swampdancer.com >> www.swampdancer.com is an alias for swampdancer.com. >> swampdancer.com has address 174.127.119.210 >> swampdancer.com mail is handled by 0 swampdancer.com. >> >> Rich >> >> On 5/17/2012 9:01 AM, Stacy Kontrabecki wrote: >>> >>> >>> >>> My stacy at swampdancer dot com emails, which I run through my gmail >>> account, keep getting blocked. Outgoing server is through >>> smpt.googlemail.com. The latest message is below. Apparently "IP >>> Address 174.127.119.210*is listed*in the CBL. It appears to be >>> infected with a spam sending trojan or proxy." per >>> http://cbl.abuseat.org/lookup.cgi?ip=174.127.119.210 >>> >>> I actually have no idea how to resolve the core problem, despite the >>> directions at the weblink above. Do you? I don't know who/where >>> 174.127.119.210 is. This is not the IP on my Mac when I look it up >>> in settings. Could Thuderbird be doing something? Help! >>> Stacy Kontrabecki, MBA >>> MA Lic. Forester #311 >>> FSC and ISO 9001 Consultant >>> www.swampdancer.com >>> >>> +1 (413) 625-9203 office >>> +1 (413) 834-3423 mobile >>> >>> >>> -------- Original Message -------- >>> Subject: Mail delivery failed: returning message to sender >>> Date: Thu, 17 May 2012 06:44:12 -0600 >>> From: Mail Delivery System <Mailer-Daemon at slmp-550-7.slc.westdc.net> >>> To: stacy at swampdancer.com >>> >>> >>> >>> This message was created automatically by mail delivery software. >>> >>> A message that you sent could not be delivered to one or more of its >>> recipients. This is a permanent error. The following address(es) failed: >>> >>> e.crumley at us.fsc.org >>> SMTP error from remote mail server after RCPT TO:<e.crumley at us.fsc.org>: >>> host mail.global.frontbridge.com [213.199.180.150]: >>> 550 5.7.1 Service unavailable; Client host [174.127.119.210] blocked using Spamhaus Blocklist, mail from IP banned; To request removal from this list seehttp://www.spamhaus.org/lookup.lasso. >>> >>> ------ This is a copy of the message, including all the headers. ------ >>> >>> Return-path:<stacy at swampdancer.com> >>> Received: from c-75-69-117-82.hsd1.ma.comcast.net ([75.69.117.82]:52141 helo=Stacy-Kontrabeckis-MacBook-Pro.local) >>> by slmp-550-7.slc.westdc.net with esmtpsa (TLSv1:AES256-SHA:256) >>> (Exim 4.77) >>> (envelope-from<stacy at swampdancer.com>) >>> id 1SV03v-002owt-1S >>> fore.crumley at us.fsc.org; Thu, 17 May 2012 06:44:11 -0600 >>> Message-ID:<4FB4F299.4000609 at swampdancer.com> >>> Date: Thu, 17 May 2012 08:44:09 -0400 >>> From: Stacy Kontrabecki<stacy at swampdancer.com> >>> Organization: Swampdancer Resources >>> User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:12.0) Gecko/20120428 Thunderbird/12.0.1 >>> MIME-Version: 1.0 >>> To:e.crumley at us.fsc.org >>> Subject: Re: Q: move to credit based product group >>> References:<4FB3E1B9.1050109 at swampdancer.com> >>> In-Reply-To:<4FB3E1B9.1050109 at swampdancer.com> >>> Content-Type: multipart/alternative; >>> boundary="------------010606080405050701050600" >>> >>> This is a multi-part message in MIME format. >>> --------------010606080405050701050600 >>> Content-Type: text/plain; charset=ISO-8859-1; format=flowed >>> Content-Transfer-Encoding: 7bit >>> >>> >>> >>> >>> >>> No virus found in this message. >>> Checked by AVG - www.avg.com <http://www.avg.com/> >>> Version: 2012.0.2176 / Virus Database: 2425/5004 - Release Date: >>> 05/16/12 >>> >> >> >> -- >> Rich Roth >> Webmaster/Steering Committee Member >> Hidden-techhttp://www.hidden-tech.net >> The Talent you need is right here, >> Join and share your skills >> ((Sponsored by Thrives Media)) >> _______________________________________________ >> Hidden-discuss mailing list - home page: http://www.hidden-tech.net >> Hidden-discuss at lists.hidden-tech.net >> <mailto:Hidden-discuss at lists.hidden-tech.net> >> >> You are receiving this because you are on the Hidden-Tech Discussion >> list. >> If you would like to change your list preferences, Go to the Members >> page on the Hidden Tech Web site. >> http://www.hidden-tech.net/members > > > > _______________________________________________ > Hidden-discuss mailing list - home page: http://www.hidden-tech.net > Hidden-discuss at lists.hidden-tech.net > > You are receiving this because you are on the Hidden-Tech Discussion list. > If you would like to change your list preferences, Go to the Members > page on the Hidden Tech Web site. > http://www.hidden-tech.net/members -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.hidden-tech.net/pipermail/hidden-discuss/attachments/20120517/7c8a92c2/attachment.html