Blacklisted for spam

Thank you. The problem is that I use my PC on my home network to connect, and it's the IP address of the router that is being rejected. I can't send from my work PC laptop or any machine connected via the router b/c that's the blacklisted address. (Oddly, I can send email to Comcast's mail server through my home email account, but I can't send email to different ISPs that use Spamcop and other blacklists to filter rouge IP addresses. My LAN addresses, of course, aren't seen on the internet.

I know I can re-set my router's MAC address (it's currently using my PB's ethernet MAC address, cloned) and re-boot to get a new and likely different IP address, but if I don't fix the holes, the same problem will likely re-cur.

So, I've been working on a forum on Spamcop to get some technical info and have closed down and eliminated all problems (I think) with the open wireless system and cleared the PC of any problems (none found with a variety of checks - I'm generally pretty careful).

What I haven't yet found, and need to figure out, is how to scan my Powerbook for viruses, spyware, etc. Any help with that? I don't want to request de-listing or change my IP address until I know I've fixed all the likely problems. While I know the Mac isn't likely the source of the problem, I just want to know if/how I can scan it too. Symantec says they have a web-based virus check for Macs, but I haven't been able to get it to work.

Thanks again,
Carl

I do have a router with firewall, and had it quite shut down from the internet. But I left the wireless open as it SEEMED I wouldn't have a problem given my neighborhood, weak signal even within the house, etc. But it seems pretty clear someone was using my connection b/c my two computers on my home network don't have the MAC address I saw. Having seen the odd MAC addresses, how can I check them? I wrote down one and may have seen another before turning on WEP encryption.

As for Symantec, I used to use it (back under OS 7.5.3 or so) but don't anymore on the Mac.

Carl

I did talk to my work ISP (we're a small non-profit with only a dialup and I'm the only IT person - in fact, I'm the only staff!). Basically, they blocked me b/c spamcop and others listed me. My ISP is terrific but they need to protect their own "reputation" so are unlikely to open up to my IP address unless I can assure them I've fixed the problem. I've since checked and my IP address 24.62.250.158 comes up on a number of lists (some b/c I'm on Comcast, some for my specific IP address). Interestingly, since closing up my wireless and posting this, my IP has been dropped from a number of lists and I can now send email via the ISPs email server. That was quick!

Still interested in confirming that my system is clean and not trying to send out spam.

I had already checked several sites including ORDB, but your links are helpful and will likely help anyone else who encounters a similar problem.

I'm pretty sure Comcast isn't blocking port 25, b/c I've done this for a long time without problems, and since closing down my wireless, I've dropped off several blacklists and my ISP is now accepting my email traffic!

In fact, I know they aren't blocking port 25 b/c I can now send mail to my ISP as well as through comcast. And Charles is correct that you pretty much need to change the MAC address on Comcast to get a new IP - that or power off for 30 days or more!

As for changing MAC addresses, I agree it's dicey if you choose one randomly. But when I set up my router, I cloned my laptop's MAC address for the connection b/c I thought I should. I have the router MAC address which I could use instead and ENSURE I don't cause havoc.

Carl

Ah, right you are JulieJulieJulie. So I guess in essence Comcast is preventing users from setting up their own mail servers, so I couldn't open port 25 to traffic if I wanted. Now as I'm thinking about it, I'm not making port 25 mailings. I'm simply sending email directly to my work ISP's port 25 SMTP server directly from a Comcast-owned IP address, and that's where the problem lies. I'm not directly connected to their service, so any foreign mail requests get scanned for blacklisting before they decide whether or not to accept them.

Interestingly, my work ISP only rejects blacklists where individual IPs are listed, and not those that list entire blocks (as SORB and othes do with Comcast IPs). While that allows me to "telecommute" rather easily as far as email is concerned, it seems to me if another Comcast user has allowed their machine to be hijacked as mine appears to have been, then that connection could be used to send out spam via my work email account. I should discuss this with them.