Hi all,
My site is on dedicated server by fasthosts.co.uk.
i get email from host server that my site has been placed on the Spamhaus SBL.
below is the content for that:
>> Web bot: port 80
>> IP address 217.174.241.205: on fasthosts.co.uk/live-servers.net
>> Canadian Pharmacy spammer[s] are using a botnet consisting of
>> compromised systems on which NGINX is installed listening on port 80
>> to proxy their pages unless the system, itself, is making use of that
>> port in which case nginx listend on port 8080. The nameservers
>> resolve hostnames which are spamvertized as port 80 (http://hostname)
>> to IP addresses of systems with nginx listening on port 80 and
>> resolve other hostnames, spamvertized on port 8080,
>> http://hostname:8080, to IP addresses with nginx listening on that port.
>>
>> The nameservers and hosts quickly rotate (double fast-flux) though
>> the nameserver IP addresses listed in the root servers ('glue'
>> records) may not change so quickly.
>>
>> If you know a hostname you can find it at both port 80 and port 8080
>> bots by forcing the resolution.
>>
>> Canadian Pharmacy is running a counterfeit luxury good ('replicas')
>> site along with their pharmacy site at these IP addresses.
>>
>> A currently resolvable (for some reason they seem often to lose
>> domains!) is discountprowatch.com (replicas site, spamvertized on
>> port 80) and a recent (unresolvable) pharmacy hostname is
>> buyviagraworld.com (spamvertized on port 8080). While they have
>> "lost" buyviagraworld.com (there are no nameserver records in the
>> root servers) they have not "retired" it (their nameservers, if you
>> can find them, still resolve it to port 8080 bots and you can find
>> the pharmacy site up by forcing the resolution).Now host support is saying to resolve all issues.
But i don't know what can i do to solve it.
M not aware of server settings.
Please all experts help me out.
Will wait for response.
