1

I am quite new in server managing, and I have a vps with Centos 6.5 / Plesk 11.5.

My problem is that after having two mail accounts hacked, and used to send spam mail, I now can't send to most parts of the net. I can send to gmail, but yahoo, hotmail and many other get only a connection timed out message.

E790A1167E7     1589 Mon Sep 22 18:29:35  jbk@spotter.gr
(delivery temporarily suspended: connect to mx4.otenet.gr[62.103.147.223]:25: Connection timed out)
                                     yarntex@otenet.gr

These are some headers I can show: 

X-No-Relay: not in my network
Received: from JBKHELLASPC (adsl-217.91.140.34.tellas.gr [91.140.34.217])
    by vps74899.ovh.net (Postfix) with ESMTPSA id 1C96B1167DB
for <a.stavridis@hotmail.com>; Wed, 24 Sep 2014 08:25:01 +0200 (CEST)
From: "Jim Bantanis-Kapirnas" <jbk@spotter.gr>
To: "'Achilleas Stavridis'" <a.stavridis@hotmail.com>
References: <DUB112-W21ED700E61D3C827EDED89F5B00@phx.gbl>
In-Reply-To: <DUB112-W21ED700E61D3C827EDED89F5B00@phx.gbl>
Subject: =?iso-8859-7?B?UkU6IPP17eHt9Ofz5w==?=
Date: Wed, 24 Sep 2014 09:24:59 +0300
Message-ID: <001901cfd7c0$45141370$cf3c3a50$@spotter.gr>
MIME-Version: 1.0
Content-Type: multipart/related;
boundary="----=_NextPart_000_001A_01CFD7D9.6A654310"
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQF7ultAGMgQh3d632JmQdcY2ZG4apy4C6Ew
Content-Language: el

The problem did not exist before the hacking.

Please, if I have missed any obvious info I should have included, please let me know.

PS: I flushed the queue.

UPDATE: I have removed the IP from any blacklister list.

peterh
  • 5,017
Jim Bantanis-Kapirnas
  • 113

2 Answers2

2

This has happened to me many times as I handle many email servers. This happens when your IP address is blacklisted.

In case your IP is in a commonly used blacklist you can use mxtoolbox.com to find it and then send a whitelist request to those blacklists.

However with yahoo,hotmail and gmail if they are blocking you because you are in their blacklists you will have to wait a day or two before they allow you to connect to them.

Also make sure you delete any spams left in the mailqueue before proceeding with the whitelisting and also make sure the passwords are strong too.

eranga
  • 164
1

Whenever your server was compromised and starting to pump out a spam flood, then you might consider that everyone is going to blacklist you.

  • For first step, you should stopped the spam flood. Find out what causing it and ensure that this incident will be likely happened again.

  • Then, you can try to send the removal request to public DNSBL such as Barracuda. As other answer said, using mxtoolbox you can check the blacklist quickly.

  • For big provides like Yahoo, Gmail, Hotmail, they have their own private reputation system. So, for this provider you should waiting.

  • The last step is ensuring that your (VPS/ISP) provider doesn't blocking your email traffic. They may receive some abuse complaint from your 'victim' and put your IP in their blacklist.

masegaloeh
  • 18,498