Good morning
I am not a network expert by any means but really need some help. Our IP Address has been added to the Spamhaus Project blacklist. Please see results below;
XX.XXX.XX.XXX is listed in the CSS
A device (computer, server, mobile phone, etc), or an app on a device that is using your IP address is infected, insecure or compromised. It is making SMTP connections with forged HELO values on port 25. We very strongly advise securing your router/firewall to deny any outbound packets on port 25, except those coming from any email servers (if any) on your local network. Remote sending of email to servers on the Internet will still work if web-based, or configured properly using port 587 with SMTP-AUTH
XX.XXX.XX.XXX is listed in the XBL
A device (computer, server, mobile phone, etc), or an app on a device that is using your IP address is infected, insecure or compromised. It is making SMTP connections with forged HELO values on port 25.
The observed forged HELO value was ..
I have spoken with my ISP but they are not able to set our router to deny outbound traffic on port 25. I therefore need to establish which device is sending these spam messages via port 25.
Any help would be greatly appreciated!!
