Lunarpages Web Hosting Forum

Author Topic: Comilla SMTP blocked by Spamhaus  (Read 2462 times)

Offline turula2

  • Spaceship Navigator
  • *****
  • Posts: 93
  • Peter in DG
Comilla SMTP blocked by Spamhaus
« on: September 14, 2015, 08:43:43 AM »
Outgoing message gets reply:
Connections will not be accepted from 74.50.7.240, because the ip is in Spamhaus's list
74.50.7.240 is camilla
How do we get spamhaus to allow camilla?

Offline MrPhil

  • Senior Moderator
  • Berserker Poster
  • *****
  • Posts: 6429
Re: Comilla SMTP blocked by Spamhaus
« Reply #1 on: September 14, 2015, 10:44:20 AM »
Report it to support: email to abuse@lunarpages.com or open a regular support ticket.
Visit My Site

E-mail Me
-= From the ashes shall rise a sooty tern =-

Offline turula2

  • Spaceship Navigator
  • *****
  • Posts: 93
  • Peter in DG
Re: Comilla SMTP blocked by Spamhaus
« Reply #2 on: September 14, 2015, 10:51:40 AM »
Yes, I've done both.  The reason I posted this here was to find out if other users have had the same problem.  I also called tech support and found out they were already aware of the problem, so maybe the Spamhaus listing it's already cleared.

Offline km99

  • Pong! (the videogame) Master
  • *****
  • Posts: 21
Re: Comilla SMTP blocked by Spamhaus
« Reply #3 on: September 17, 2015, 07:11:25 PM »
You can check yourself by going here:

http://www.spamhaus.org/query/bl?ip=74.50.7.240

where you will find:

Quote
74.50.7.240 is not listed in the SBL
74.50.7.240 is not listed in the PBL
74.50.7.240 is not listed in the XBL

Many people don't understand that these problems occur through having compromised web sites. It all happens automatically, via 'bots', and suddenly you're sending out emails left right and centre. The (not so) recent revslider wordpress vulnerability was a good example. You must keep patching up to date!

All the best.

Offline turula2

  • Spaceship Navigator
  • *****
  • Posts: 93
  • Peter in DG
Re: Comilla SMTP blocked by Spamhaus
« Reply #4 on: September 17, 2015, 08:15:06 PM »
I have no idea what you mean by "these problems occur through having compromised web sites."  What does my website have to do with other Lunar Pages customers on camilla sending out massive bulk email?  I don't think LP would like me to patch their server.

Offline km99

  • Pong! (the videogame) Master
  • *****
  • Posts: 21
Re: Comilla SMTP blocked by Spamhaus
« Reply #5 on: September 18, 2015, 12:37:59 AM »
I should have said "having compromised web sites on the same server" i.e. not necessarily your domain.

The point that I was trying to make was that it's mostly compromised accounts that send out loads of emails, not usually LP customers doing it deliberately.

And you're wrong, LP definitely encourages users to actively keep their installations updated and patched. If you don't, you are inviting trouble from these automated attacks that take advantage of security vulnerabilities in the software, then essentially take over your account (though you might not even notice).

Actually, the ones that send out thousands of emails are easy to spot. The smarter ones only send out a few at a time, then pause, sometimes for days, then send another batch.

Co-incidentally I see that Camilla is due for an upgrade on 23rd:

http://www.lunarforums.com/hosting-server-bulletins/apache-php-and-mysql-upgrade-scheduled-for-multiple-shared-servers

and you are specifically asked to make sure your scripts are up to date to avoid problems with the new software versions.


All the best.
« Last Edit: September 18, 2015, 12:54:44 AM by bakdong »

Offline turula2

  • Spaceship Navigator
  • *****
  • Posts: 93
  • Peter in DG
Re: Comilla SMTP blocked by Spamhaus
« Reply #6 on: September 18, 2015, 09:05:24 AM »
I don't know what "keep their installations updated and patched" means with respect to my kind of domain website.  All I have is simple html files with some very minimal java scripts, and 3 or 4 perl script files.  So I don't see what there is to be updated or patched.

Offline MrPhil

  • Senior Moderator
  • Berserker Poster
  • *****
  • Posts: 6429
Re: Comilla SMTP blocked by Spamhaus
« Reply #7 on: September 18, 2015, 11:04:23 AM »
The vast majority of site exploits are against canned software (whether commercial or free). Hackers seek out WordPress etc. sites and attack known deficiencies in older versions. That's why it's so critical to keep such installations up to date. They will even throw exploits against a wide range of software, hoping that something will get through. If yours is totally homebrew, hackers won't know what to attack or exploit, so you're a bit safer. However, a hacker may be able to guess an exploit based on common programming errors. so you're never totally safe. You need to be aware of common exploits and hacks, and check your code that it isn't vulnerable.
Visit My Site

E-mail Me
-= From the ashes shall rise a sooty tern =-