I hate to type, but here goes.The Boss must have picked up a spamBot virus. Her computer apparently was sending spam crap all over the world. We have Norton antivirus on all 5 of our networked computers. A virus called cutwail spamBot somehow got through our protection. We discovered this when spamhaus.org blacklisted our IP. We read all (most) of their How to get rid of the problem information. We ran Norton full system scan, Microsoft Malicious Software Removal Tool, and Malwarebytes' Anti-Malware on all 5 computers. Nothing showed up so we requested to be de Blacklisted. 30 minutes later we were off the BL! 3 hours later we were back on. Seems none of our anti virus scans found the cutwail. What to do?
Spamhause.org's Composite Blocking List says "If this IP is a NAT firewall/gateway, you MUST configure the NAT to prevent outbound port 25 connections to the Internet except from your real mail servers. Please see our recommendations on NAT firewalls" Everything says block OUTBOUND port 25 but nothing says how. I run a Linksys WRT54G wireless router and think is how I THINK I did it.
Use your browser to log into your router. Tab to Access Restrictions. In the Blocked Services section there are 2 drop down menus with "None" in them. In the top menu select SMTP and port 25 will default. Get out and we were good (So Far!) At this point I Hope this blocked outgoing port 25!
To Summerize:
1) Even with a anti virus software you can get infected.
2) We did not know our situation until we were prevented from sending email (Black Listed) by somebody known as spamhaus.org!
3) To clean up the mess can be a BITCH!
I truely hope this doesn't help any of you, that is, I hope you don't get into this mess.
George