• United States

The accidental spammer

Mar 22, 20043 mins

Ron Nutter shows an IT exec how to clear the name of his mail server, which had been used to send spam without his knowledge and now is on several blacklists

Starting a couple of days ago, users are reporting that messages they send to those outside the company are starting to get returned. They tell me there’s something in the message that says the message was refused because it is considered a possible source of spam. I run a respectable company, so I’m a little confused what this message is telling me. Can you help?

– Via the Internet

It would appear that either your mail server is allowing individuals outside your company to send e-mail using your server or you have an account on the server that has been compromised or hacked into, and is being used to send e-mail. Depending on the mail server software you’re using, there should be some type of checklist that can walk you through the process of making sure your users have to authenticate to the server before they are allowed to send mail. Also, ensure you have the latest updates/patches applied as sometime vulnerabilities are found that could allow someone to use your mail server without your permission.

After you’ve made sure that the mail server and or one or more user accounts are not the source of the problem, the next step will be to examine some of the returned e-mail. Somewhere in the body of the e-mails you should see some reference to which blacklist site is reporting you as a source of spam. Go to that site and follow the instructions to see what the site thinks is your problem. The more returned e-mail you have to work with the easier it will be to figure out the problem.

After going through the server and user checklists, there will be instructions on each blacklist site as to how you can get your mail server removed from the list so you can start sending e-mail again. This process can occur either very quickly or take several hours depending on how often sites are retested as spam sources. Depending on how the site disperses information to the mail servers that use the information, it could be several hours or  more before you find yourself able to send e-mail to the companies rejecting your e-mail. Keep track of the sites you get listed on and check them periodically whenever changes are made to the mail server to catch a problem before it becomes serious.