Calling computer nerds...

This is a discussion on Calling computer nerds... within the Off Topic & Humor Discussion forums, part of the The Back Porch category; I'm having the weirdest computer problem I've ever run across. If you don't have a very in-depth background with computers, don't bother reading this. I ...

Page 1 of 2 12 LastLast
Results 1 to 15 of 22

Thread: Calling computer nerds...

  1. #1
    Senior Member Array Pete Zaria's Avatar
    Join Date
    Nov 2007
    Location
    Pacific Northwest
    Posts
    737

    Calling computer nerds...

    I'm having the weirdest computer problem I've ever run across.
    If you don't have a very in-depth background with computers, don't bother reading this.

    I know this is a gun-oriented forum but I didn't get any replies on my usual IT forum, so I thought I'd C&P this here. I know there are a few other network administrators on this forum.

    A little background info:

    I'm a network administrator, self-employed for a small IT consulting firm in the Seattle, WA area. I'm Cisco and A+ certified, and I'd like to think I know what I'm doing

    The Problem:

    For the last few days, on my home network, I've been receiving a generic SMTP error when I try to send email through my primary account (hosted on Site5).

    Anyone that's self employed knows the following feeling: By the time I get home from work every day, the *last* thing I want to do is troubleshoot MY network. So I've been doing it in bits and pieces for the last few days.
    I tried reinstalling my mail client (Thunderbird), double-checking all of the mail settings, tried alternate ports, tried checking my firewall (and router, which is actually a Linux box but hey) for blocked traffic... Finally I gave up and called Site5 and asked what was up.

    They then informed me that my IP address has been blacklisted for spamming.

    My jaw dropped.

    I have five machines running at my home IP address, which is provided to me via Comcast, a 12 megabit cable connection I cough up $50 a month for. I have two Linux boxes and three Winblows boxes, of which 2 are always on.

    My first inclination was "Holy cow, maybe one of the boxes here has a virus/spyware/etc... problem and is broadcasting email without my knowledge".
    So I checked. Thoroughly. I checked startup lists, config files, ran HiJackThis (great tool if you're not familiar with it), even WireShark'ed some traffic.

    It's all squeaky clean. I even read through a few dozen pages worth of traffic logs, and I see nothing remotely spam-like.
    I know my wifi is not being abused by war-drivers; I'm running WPA2 with rotating keys and MAC authentication, and I checked the router logs just to be sure.

    Before I call Comcast and ask them to change my IP address, or call Site5 and tell them that they're insane, does anyone have an idea for anything I may have overlooked?

    Thanks for your time

    Peace,
    Pete Zaria.
    Never doubt that a small group of thoughtful, committed citizens can change the world. Indeed, it is the only thing that ever has.
    - Margaret Mead


    "Booger Hook Off the Bang Switch" - unknown

  2. Remove Ads

  3. #2
    Senior Member Array PaulJ's Avatar
    Join Date
    May 2008
    Location
    Florida
    Posts
    616
    can you post logs?
    I never considered a difference of opinion in politics, in religion, in philosophy, as cause for withdrawing from a friend. (Thomas Jefferson)

  4. #3
    Senior Member Array Pete Zaria's Avatar
    Join Date
    Nov 2007
    Location
    Pacific Northwest
    Posts
    737
    Quote Originally Posted by PaulJ View Post
    can you post logs?
    Which logs? Router logs, firewall logs, system event logs?

    Peace,
    Pete Zaria.
    Never doubt that a small group of thoughtful, committed citizens can change the world. Indeed, it is the only thing that ever has.
    - Margaret Mead


    "Booger Hook Off the Bang Switch" - unknown

  5. #4
    Senior Member Array PaulJ's Avatar
    Join Date
    May 2008
    Location
    Florida
    Posts
    616
    whatever logs you have that show the error (mail logs, system logs should do) ;-) maybe a link to a tcpdump file with a connection attempt?
    I never considered a difference of opinion in politics, in religion, in philosophy, as cause for withdrawing from a friend. (Thomas Jefferson)

  6. #5
    Senior Member Array Pete Zaria's Avatar
    Join Date
    Nov 2007
    Location
    Pacific Northwest
    Posts
    737
    I think I just found the problem.

    Checking my modem logs, my IP was changed (by Comcast's DHCP system) several days ago, around the same time the problem started.

    I think, by chance, whoever had this IP address before I got it, had been broadcasting spam and was blacklisted by Site5 (and probably other hosts). When the IP's changed, I got this one assigned by random, and through some bad luck....

    I'll call Comcast and ask for a new IP and report back.

    Peace,
    Pete Zaria.
    Never doubt that a small group of thoughtful, committed citizens can change the world. Indeed, it is the only thing that ever has.
    - Margaret Mead


    "Booger Hook Off the Bang Switch" - unknown

  7. #6
    Senior Member Array PaulJ's Avatar
    Join Date
    May 2008
    Location
    Florida
    Posts
    616
    i you got a dynamic IP, try this:
    - turn off the modem (remove power cord)
    - change the mac address of the system connected to the modem
    - turn off that system
    - turn the modem back on
    - power up the system
    depends a bit on the system you are on with comcast. It may also help if you configure the comcast mail server as a your "smarthost" to relay all your mail through.

    To check if you are blacklisted anywhere: mailradar.com/rbl
    (or relays.osirusoft.com/cgi-bin/rbcheck.cgi)
    I never considered a difference of opinion in politics, in religion, in philosophy, as cause for withdrawing from a friend. (Thomas Jefferson)

  8. #7
    Senior Member Array Pete Zaria's Avatar
    Join Date
    Nov 2007
    Location
    Pacific Northwest
    Posts
    737
    I already hard-reset my modem twice and was issued the same IP each time.

    I'll check out that mailradar site now, thanks.

    I'm on hold with Comcast as we speak.

    Peace,
    Pete Zaria.
    Never doubt that a small group of thoughtful, committed citizens can change the world. Indeed, it is the only thing that ever has.
    - Margaret Mead


    "Booger Hook Off the Bang Switch" - unknown

  9. #8
    New Member Array sph33r's Avatar
    Join Date
    Apr 2008
    Location
    Michigan
    Posts
    7
    FWIW .. I always get the same IP from Comcast. They say it's dynamic but I've had a dyndns account pointed at this IP for 7 months and it's never changed. I imagine they're going to have to do something on their end to have their DHCP server hand you a new IP.

  10. #9
    Senior Member Array Pete Zaria's Avatar
    Join Date
    Nov 2007
    Location
    Pacific Northwest
    Posts
    737
    Confirmed:

    Comcast changed my IP and the problem went away. I think my theory was correct, the previous owner of this IP address was spamming, or had a virus that was broadcasting spam.

    What a weird and unlucky problem to run across.

    Thanks, guys.

    Peace,
    Pete Zaria.
    Never doubt that a small group of thoughtful, committed citizens can change the world. Indeed, it is the only thing that ever has.
    - Margaret Mead


    "Booger Hook Off the Bang Switch" - unknown

  11. #10
    Member Array doobie's Avatar
    Join Date
    Dec 2007
    Location
    New Hampster
    Posts
    233
    Check your sendmail(or other mail server logs), if you had an open mail server someone else might have used it to spam from it.... depending on which service blacklisted you it could be anywhere from easy, to not worth your trouble to un-blacklist your IP addr.
    Criminals For Gun Control
    Brady's Campaign Pro-Gun Forum

    Member: NRA, PG-NH, GO-NH
    Life Member: JPFO, GOA
    Clubs: LF&GC

  12. #11
    Ex Member Array FN1910's Avatar
    Join Date
    Aug 2007
    Location
    SC
    Posts
    1,235
    Quote Originally Posted by Pete Zaria View Post
    I think I just found the problem.

    Checking my modem logs, my IP was changed (by Comcast's DHCP system) several days ago, around the same time the problem started.

    I think, by chance, whoever had this IP address before I got it, had been broadcasting spam and was blacklisted by Site5 (and probably other hosts). When the IP's changed, I got this one assigned by random, and through some bad luck....

    I'll call Comcast and ask for a new IP and report back.

    Peace,
    Pete Zaria.
    Saved me a post as I just read this. That is the first thing I though of. I have a static IP address on my home account so if I get blacklisted I am in trouble. I wonder why your IP was changed if you didn't log off. Normally even if you log off and back on within a reasonable time (couple of hours) you usually get the same IP back. Of course with the cable companies they may change the entire class without warning and reason. Did I mention I hate Time Warner and AOL.

  13. #12
    Senior Member Array PaulJ's Avatar
    Join Date
    May 2008
    Location
    Florida
    Posts
    616
    your IP may change at any time. Some operators (e.g. Comcast) usually don't change it, other change it daily. But even Comcast will change your IP at times if they re-organize the network. E.g. they may be short of IPs in some area or they add a new address block to yours.

    If you have a home based business, and are reasonably computer literate, checkup the Comcast business plan. Its a bit more expensive, but has options like multiple static IP addresses. Service is much better in my experience. You typically have a truck in front of your door in a couple hours and you get to talk to the next level tech support right away.
    I never considered a difference of opinion in politics, in religion, in philosophy, as cause for withdrawing from a friend. (Thomas Jefferson)

  14. #13
    Senior Member Array dnowell's Avatar
    Join Date
    Aug 2007
    Location
    USA
    Posts
    587
    The ideal way to avoid this kind of problem in the future is to relay your mail through someone who you pay for that service. Also you should consider a backup MX service if you don't have one already, in case your DSL goes down, so that undeliverable mail gets delivered once the connection comes back up. Shouldn't have to cost a whole lot unless you get and send tons of mail.

  15. #14
    Senior Member Array Pete Zaria's Avatar
    Join Date
    Nov 2007
    Location
    Pacific Northwest
    Posts
    737
    Quote Originally Posted by dnowell View Post
    The ideal way to avoid this kind of problem in the future is to relay your mail through someone who you pay for that service. Also you should consider a backup MX service if you don't have one already, in case your DSL goes down, so that undeliverable mail gets delivered once the connection comes back up. Shouldn't have to cost a whole lot unless you get and send tons of mail.
    I don't think you understand; I do pay a host (Site5) to host my POP3 and SMTP servers; I do not host them at home for exactly the reason you mentioned.

    Thanks for the input, everyone.

    It was a weird, one-in-ten-thousand problem, and I should have thought of it before.

    Peace,
    Pete Zaria.
    Never doubt that a small group of thoughtful, committed citizens can change the world. Indeed, it is the only thing that ever has.
    - Margaret Mead


    "Booger Hook Off the Bang Switch" - unknown

  16. #15
    Senior Member Array dnowell's Avatar
    Join Date
    Aug 2007
    Location
    USA
    Posts
    587
    Gotcha - I thought you were hosting it yourself - sorry about that.

Page 1 of 2 12 LastLast

Links

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Similar Threads

  1. Calling all computer (Apple) experts--I have a question
    By DM2 in forum Off Topic & Humor Discussion
    Replies: 5
    Last Post: April 20th, 2010, 06:16 AM
  2. Computer help anyone?
    By XD in SC in forum Off Topic & Humor Discussion
    Replies: 29
    Last Post: May 6th, 2009, 02:22 AM
  3. Puter nerds only!
    By P95Carry in forum Off Topic & Humor Discussion
    Replies: 12
    Last Post: January 21st, 2008, 02:20 PM
  4. DC nerds unite!
    By SIXTO in forum Off Topic & Humor Discussion
    Replies: 46
    Last Post: June 18th, 2007, 09:23 AM
  5. Nerds
    By Bumper in forum Off Topic & Humor Discussion
    Replies: 0
    Last Post: August 31st, 2004, 01:24 AM