Sorry I'm not really answering your question but haven't you got outbound port 25 blocked at your firewall by default for anything other than machines you know explicitly require it?
If not it might be something to think about in case anything gets infected in the future? cheers, Paul -- Paul Hutchings Network Administrator, MIRA Ltd. Tel: 44 (0)24 7635 5378, Fax: 44 (0)24 7635 8378 mailto:[EMAIL PROTECTED] > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On > Behalf Of Tony Nguyen > Sent: 26 May 2006 16:04 > To: Exchange Discussions > Subject: Blacklisted > > Any seem this before. One of or sale guy came back from a trip and his > laptop was infected with maybe a virus I am not sure but it > put a file call > "s2842p03.exe" on the c:\ and when I delete the file it come > back after a > reboot. The next thing I know we were blacklisted by > cbl.abuseat.org. I > think the laptop is sending out multi SMTP packet but not > sure. Anyone know > of a way to track this down and remove it? > > Thank and sorry about the long disclaimer. It just a company policy. > Tony > > [Disclaimer] The receiving party represents and warrants that > no technical data furnished by the disclosing party shall be > exported from the United States without first complying with > all requirements of the International Traffic in Arms > Regulations and the Export Administration Act and regulations > hereunder, including the requirement for obtaining any export > license, if applicable. > > The receiving party shall first obtain the written consent of > the disclosing party prior to submitting any request for > authority to export any such technical data. > > The receiving party shall indemnify and hold the disclosing > party harmless of all claims, demands, damages, costs, fines, > penalties, attorney's fees and all other expenses arising > from failure of the > Receiving party to comply with this clause or the > International Traffic in Arms Regulations and the Export > Administration Act and applicable regulations. > > The receiving party may make the technical data furnished > available only to its employees, contract employees and other > parties working on the program within the receiving party's > facility and having a "need to know" with respect to said > purpose. In connection therewith, the parties shall advise > each such employee, contract employee or other party of its > obligations under this agreement. > > > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange > To subscribe: http://e-newsletters.internet.com/discussionlists.html/ > To unsubscribe send a blank email to > [EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > To unsubscribe via postal mail, please contact us at: > Jupitermedia Corp. > Attn: Discussion List Management > 475 Park Avenue South > New York, NY 10016 > > Please include the email address which you have been contacted with. > > _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange To subscribe: http://e-newsletters.internet.com/discussionlists.html/ To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with.
