
Email Server blacklisted...

So I've spent the past 4 days setting up my Exchange Server. I had previous issues with. I found out from someone who I thought I trusted to help set up the server while I was away. I knew him for the past 9 years... anyway. I get back and I get an email telling me that there's a Trojan installed with a backdoor (I set it up with the antivirus). The server was used to spam. The server has been taken out of production, wiped and using new drives, not the same old ones. Now it's blacklisted by everyone. My customers are saying that they can send me an email, but I can't..

 

What can I do? 

 

CPU: AMD Ryzen 5 5600X | CPU Cooler: Stock AMD Cooler | Motherboard: Asus ROG STRIX B550-F GAMING (WI-FI) | RAM: Corsair Vengeance LPX 16 GB (2 x 8 GB) DDR4-3000 CL16 | GPU: Nvidia GTX 1060 6GB Zotac Mini | Case: K280 Case | PSU: Cooler Master B600 Power supply | SSD: 1TB  | HDDs: 1x 250GB & 1x 1TB WD Blue | Monitors: 24" Acer S240HLBID + 24" Samsung  | OS: Win 10 Pro

 

Audio: Behringer Q802USB Xenyx 8 Input Mixer |  U-PHORIA UMC204HD | Behringer XM8500 Dynamic Cardioid Vocal Microphone | Sound Blaster Audigy Fx PCI-E card.

 

Home Lab:  Lenovo ThinkCenter M82 ESXi 6.7 | Lenovo M93 Tiny Exchange 2019 | TP-LINK TL-SG1024D 24-Port Gigabit | Cisco ASA 5506 firewall  | Cisco Catalyst 3750 Gigabit Switch | Cisco 2960C-LL | HP MicroServer G8 NAS | Custom built SCCM Server.

 

 


7 minutes ago, Abdul201588 said:

So I've spent the past 4 days setting up my Exchange Server. I had previous issues with. I found out from someone who I thought I trusted to help set up the server while I was away. I knew him for the past 9 years... anyway. I get back and I get an email telling me that there's a Trojan installed with a backdoor (I set it up with the antivirus). The server was used to spam. The server has been taken out of production, wiped and using new drives, not the same old ones. Now it's blacklisted by everyone. My customers are saying that they can send me an email, but I can't..

 

What can I do? 

 

For example, go to the SpamCop website and check your IP, then file a removal. This takes a few days because they check if there is still spam coming from your IP.

 

Main System:

Anghammarad : Asrock Taichi x570, AMD Ryzen 7 5800X @4900 MHz. 32 GB DDR4 3600, some NVME SSDs, Gainward Phoenix RTX 3070TI

 

System 2 "Igluna" AsRock Fatal1ty Z77 Pro, Core I5 3570k @4300, 16 GB Ram DDR3 2133, some SSD, and a 2 TB HDD each, Gainward Phantom 760GTX.

System 3 "Inskah" AsRock Fatal1ty Z77 Pro, Core I5 3570k @4300, 16 GB Ram DDR3 2133, some SSD, and a 2 TB HDD each, Gainward Phantom 760GTX.

 

On the Road: Acer Aspire 5 Model A515-51G-54FD, Intel Core i5 7200U, 8 GB DDR4 Ram, 120 GB SSD, 1 TB SSD, Intel CPU GFX and Nvidia MX 150, Full HD IPS display

 

Media System "Vio": Aorus Elite AX V2, Ryzen 7 5700X, 64 GB Ram DDR4 3200 Mushkin, 1 275 GB Crucial MX SSD, 1 tb Crucial MX500 SSD. IBM 5015 Megaraid, 4 Seagate Ironwolf 4TB HDD in raid 5, 4 WD RED 4 tb in another Raid 5, Gainward Phoenix GTX 1060

 

(Abit Fatal1ty FP9 IN SLI, C2Duo E8400, 6 GB Ram DDR2 800, far too less diskspace, Gainward Phantom 560 GTX broken need fixing)

 

Nostalgia: Amiga 1200, Tower Build, CPU/FPU/MMU 68EC020, 68030, 68882 @50 Mhz, 10 MByte ram (2 MB Chip, 8 MB Fast), Fast SCSI II, 2 CDRoms, 2 1 GB SCSI II IBM Harddrives, 512 MB Quantum Lightning HDD, self soldered Sync changer to attach VGA displays, WLAN


11 minutes ago, Anghammarad said:

For example, go to the SpamCop website and check your IP, then file a removal. This takes a few days because they check if there is still spam coming from your IP.

 

It's not on SpamCop. It's blacklisted by Barracuda, blacklisted by SORBS DUHL and blacklisted by Spamhaus ZEN.


2 minutes ago, valdyrgramr said:

Call them?

It was working before the server got compromised... before it was spamming.. :(

 

I'm never letting him come near my network again. >:(>:(


5 minutes ago, valdyrgramr said:

I mean call whoever blacklisted it, and explain the situation.

I've requested it on their website.. 


You'll have to request that they remove your IPs from the blacklist. We have multiple IPs, so if anything terrible were to happen we would just switch over to a new IP while we sort out the blacklist. 


30 minutes ago, Abdul201588 said:

So I've spent the past 4 days setting up my Exchange Server. I had previous issues with. I found out from someone who I thought I trusted to help set up the server while I was away. I knew him for the past 9 years... anyway. I get back and I get an email telling me that there's a Trojan installed with a backdoor (I set it up with the antivirus). The server was used to spam. The server has been taken out of production, wiped and using new drives, not the same old ones. Now it's blacklisted by everyone. My customers are saying that they can send me an email, but I can't..

 

What can I do? 

 

Is your Exchange exposed to the internet? I would recommend that you use a smart host. Something like: https://www.spamtitan.com


5 minutes ago, ITOUTLAW said:

You'll have to request that they remove your IPs from the blacklist. We have multiple IPs, so if anything terrible were to happen we would just switch over to a new IP while we sort out the blacklist. 

I've got a static IP. I restart my router to get an IP... Nothing works.. :( 


5 minutes ago, ITOUTLAW said:

Is your Exchange exposed to the internet? I would recommend that you use a smart host. 

Well, it is. I'll need to access my server from outside... Everything has been removed from the old server. Scanned the whole network. The virus has been removed.

 

EDIT: It seems that I can send emails, they just go to the spam box.. :( 


5 hours ago, Abdul201588 said:

It's not on SpamCop. It's blacklisted by Barracuda, blacklisted by SORBS DUHL and blacklisted by Spamhaus ZEN.

If you get off every list and give it a few days, it should return to normal in a lot of cases; you're playing the game of propagation now. Below is a list of the pages to get started. Good luck with Spamhaus; I've never had to deal with them, but I've heard stories in the past where basically it was extortion to get your IP(s) removed.

 

Barracuda: http://www.barracudacentral.org/rbl/removal-request

SORBS/DUHL: http://www.sorbs.net/overview.shtml

Spamhaus: https://www.spamhaus.org/sbl/delistingprocedure/

 

Just a heads up, in the future, have a spare system on a different IP block or different ISP where you can do a manual failover in the event something like this happens again. It sounds like you are just starting out but email is the lifeblood of a lot of business, the next time this happens you could lose all your clients.

 

Best of luck.
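
How the listings named in this thread can be checked over DNS before and after filing removal requests, as an added example that is not part of any post. The zone names, the documentation address 192.0.2.25 and the canned answers in `CONSTRUCTED` are assumptions of this example; the return-code table covers Spamhaus ZEN only.

```python
import ipaddress
import socket

# Zone names are this example's assumption; the thread gives only the list names.
ZONES = {
    "Spamhaus ZEN": "zen.spamhaus.org",
    "Barracuda": "b.barracudacentral.org",
    "SORBS DUHL": "dul.dnsbl.sorbs.net",
}

def dnsbl_name(ip, zone):
    """Build the DNSBL query name: IPv4 octets reversed, then the zone."""
    addr = ipaddress.ip_address(ip)
    if addr.version != 4:
        raise ValueError("this sketch handles IPv4 only")
    return ".".join(reversed(str(addr).split("."))) + "." + zone

def zen_meaning(code):
    """Explain a Spamhaus ZEN answer; the last octet selects the component list."""
    prefix, last = code.rsplit(".", 1)
    if prefix == "127.255.255":
        return "query error (e.g. asked through a public resolver), not a listing"
    if prefix != "127.0.0":
        return "unexpected answer, treat as not a listing"
    n = int(last)
    if n in (2, 3):
        return "SBL: listed as a spam source"
    if 4 <= n <= 7:
        return "XBL: host seen behaving as infected or exploited"
    if n in (10, 11):
        return "PBL: address range not expected to send mail directly"
    return "unknown ZEN code"

def system_resolver(name):
    """Return the A records for name; an empty list means not listed."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except (socket.gaierror, socket.herror):
        return []  # NXDOMAIN; a resolver failure looks the same here

def check(ip, resolve=system_resolver):
    """Query every zone and return {list name: [(code, meaning), ...]}."""
    report = {}
    for label, zone in ZONES.items():
        codes = sorted(resolve(dnsbl_name(ip, zone)), key=ipaddress.ip_address)
        if label == "Spamhaus ZEN":
            report[label] = [(c, zen_meaning(c)) for c in codes]
        else:
            report[label] = [(c, "listed") for c in codes]
    return report

# Constructed answers for the documentation address 192.0.2.25 (not real data).
CONSTRUCTED = {
    "25.2.0.192.zen.spamhaus.org": ["127.0.0.11", "127.0.0.4"],
    "25.2.0.192.dul.dnsbl.sorbs.net": ["127.0.0.10"],
}

def fake_resolver(name):
    """Stand-in resolver so the example runs offline."""
    return CONSTRUCTED.get(name, [])

if __name__ == "__main__":
    for label, hits in check("192.0.2.25", fake_resolver).items():
        print(label, hits if hits else "not listed")
```

A PBL-only answer describes the address range rather than the server's behaviour, which is the situation where relaying outbound mail through a smart host avoids the listing; an XBL or SBL answer means the cleanup and a removal request come first.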

Link to comment
Share on other sites

Link to post
Share on other sites

See how much it will cost to buy a new domain name ($10-$20 usually), so if it's example.com see if example.net is available. Use your existing DNS servers (do a transfer) and call it a day. If the IP is static which it sounds like it is, see what it would take to get a new IP. Either to change the IP or buy a small block. Otherwise you'll have to do as @Chaz042 suggests.

 

Guess my last comment from your other thread hit home about it being compromised. Sorry about your luck, email is great when it works and a nightmare when it breaks.


20 minutes ago, Mikensan said:

See how much it will cost to buy a new domain name ($10-$20 usually), so if it's example.com see if example.net is available. Use your existing DNS servers (do a transfer) and call it a day. If the IP is static which it sounds like it is, see what it would take to get a new IP. Either to change the IP or buy a small block. Otherwise you'll have to do as @Chaz042 suggests.

 

Guess my last comment from your other thread hit home about it being compromised. Sorry about your luck, email is great when it works and a nightmare when it breaks.

Well, the domain I've got is for my business soo.. Yeah. 


16 minutes ago, Abdul201588 said:

Well, the domain I've got is for my business soo.. Yeah. 

Literally your company as in you're the owner? Even easier then. Otherwise pitch it to the boss, tell him email addresses will become .net and that customers/clients/who-ever can still send to the .com addresses. Just that the reply will have .net and new emails going forward will have .net. Then just be sure to have the website forward to the .com address.

 

How long can the business afford to tell external people (customers/clients/associates) to check their spam? You could be hammering nails for months. Don't decide on behalf of the boss, offer options.

 

.com/.net are just being used as examples, not sure what your case would/may be.


32 minutes ago, Mikensan said:

Literally your company as in you're the owner? Even easier then. Otherwise pitch it to the boss, tell him email addresses will become .net and that customers/clients/who-ever can still send to the .com addresses. Just that the reply will have .net and new emails going forward will have .net. Then just be sure to have the website forward to the .com address.

 

How long can the business afford to tell external people (customers/clients/associates) to check their spam? You could be hammering nails for months. Don't decide on behalf of the boss, offer options.

 

.com/.net are just being used as examples, not sure what your case would/may be.

My business. I'm the owner/CEO. :P I've got 3 people starting soon. (Actually friends) Also, I've had the domain for 3 years. I've been using it for the past 3 years and I've decided that we need an Exchange server. I've looked at other options. Currently a bit expensive at the moment.

 

 

EDIT: The emails only started to have problems 3 days ago. We've been using a gmail account for now until we get everything sorted out. 

 


1 hour ago, Abdul201588 said:

My business. I'm the owner/CEO. :P I've got 3 people starting soon. (Actually friends) Also, I've had the domain for 3 years. I've been using it for the past 3 years and I've decided that we need an Exchange server. I've looked at other options. Currently a bit expensive at the moment.

 

 

EDIT: The emails only started to have problems 3 days ago. We've been using a gmail account for now until we get everything sorted out. 

 

Very cool, hope to one day run my own business but we'll see.

 

You wouldn't change your domain, you'd be getting an additional domain specifically for email use if that makes sense. I'm not sure if it's still this way or not, but gmail allows up to 5 email accounts for free with their google.com/a which is now called g suite I think.


12 hours ago, Abdul201588 said:

My business. I'm the owner/CEO. :P I've got 3 people starting soon. (Actually friends) Also, I've had the domain for 3 years. I've been using it for the past 3 years and I've decided that we need an Exchange server. I've looked at other options. Currently a bit expensive at the moment.

 

 

EDIT: The emails only started to have problems 3 days ago. We've been using a gmail account for now until we get everything sorted out. 

 

Do away with running your own Exchange server: it's too much of a hassle plus to properly license it, it's quite expensive. 

 

Exchange Online is USD$4 per user per month with support included for shared mailboxes and a 99.9% SLA.


3 hours ago, Windspeed36 said:

Do away with running your own Exchange server: it's too much of a hassle plus to properly license it, it's quite expensive. 

 

Exchange Online is USD$4 per user per month with support included for shared mailboxes and a 99.9% SLA.

The Exchange license was provided when I downloaded Exchange. It was given to me by my university. I downloaded from Microsoft Imagine. If nothing works, I'll look at other alternatives.

 

 


3 hours ago, Abdul201588 said:

The Exchange license was provided when I downloaded Exchange. It was given to me by my university. I downloaded from Microsoft Imagine. If nothing works, I'll look at other alternatives.

 

 

 

Just an FYI, I believe Microsoft Imagine's license forbids the use of its software in a production environment, where a development environment is okay, please check into this! 


13 minutes ago, Chaz042 said:

Just an FYI, I believe Microsoft Imagine's license forbids the use of its software in a production environment, where a development environment is okay, please check into this! 

I know this... Trust me. There are a ton of people out there using pirated versions of Windows... in their place of work.
