|I am a web developer who has a customer who host's on my virtual server. Over the last two months they have been blacklisted numerous times. Scans ran on the server find nothing. The most recent returned header sent me to cbl.abuseat.org. |
IP Address ##.7#.#8.1#2 is listed in the CBL. It appears to be infected with a spam sending trojan or proxy. (I erased part of the ip)
It was last detected at 2012-04-30 14:00 GMT (+/- 30 minutes), approximately 3 days, 3 hours, 59 minutes ago.
I talked with tech support for my server and so they say that since the ip address belongs to the local machines in their office that one or several of those computers must be infected and must quietly be spamming. Would the mail server people not see this? Is this really possible? NO ONE in their contact lists are receiving anything odd from them.
I want to make sure I return a proper answer to my customer, since we have now been dealing with this for 2 months. Any help would be appreciated.