Important: when posting, please provide your Club Number at a minimum, and as many details as possible.
For further info, please read This page before posting.

Sudden spam problem

kerint
Topic Author
Offline
New Member
Posts: 14
Thanks: 4

Re: Sudden spam problem

6 years 9 months ago

#75203

OH right I forgot you requested code formatting. I pulled headers from 3 others if you want to compare. Here's one. I thought it might be toward the bottom of this where it says Received: from glidewife.icu ([70.96.202.4]). Could that be it?

Code:

Received: from BN3NAM01HT181.eop-nam01.prod.protection.outlook.com
 (2603:10b6:5:177::22) by DM5PR0101MB2988.prod.exchangelabs.com with HTTPS via
 DM6PR02CA0045.NAMPRD02.PROD.OUTLOOK.COM; Wed, 29 May 2019 21:40:04 +0000
Received: from BN3NAM01FT048.eop-nam01.prod.protection.outlook.com
 (10.152.66.54) by BN3NAM01HT181.eop-nam01.prod.protection.outlook.com
 (10.152.67.175) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.1922.16; Wed, 29 May
 2019 21:40:03 +0000
Authentication-Results: spf=pass (sender IP is 50.19.253.65)
 smtp.mailfrom=toastmastersclubs.org; outlook.com; dkim=fail (body hash did
 not verify) header.d=toastmastersclubs.org;outlook.com; dmarc=pass
 action=none header.from=toastmastersclubs.org;
Received-SPF: Pass (protection.outlook.com: domain of toastmastersclubs.org
 designates 50.19.253.65 as permitted sender) receiver=protection.outlook.com;
 client-ip=50.19.253.65; helo=toastmastersclubs.org;
Received: from toastmastersclubs.org (50.19.253.65) by
 BN3NAM01FT048.mail.protection.outlook.com (10.152.66.124) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id
 15.20.1922.16 via Frontend Transport; Wed, 29 May 2019 21:40:03 +0000
X-IncomingTopHeaderMarker: OriginalChecksum:57306BA8721987974A141438AC97F385498270C1E926E1FA00EDCB466D4B064A;UpperCasedChecksum:62AD6308B8BF864717AF9F6F368AFBB4BE55D7993072179A8F5741CE91E72D12;SizeAsReceived:2008;Count:19
Received: from localhost.localdomain (toastmastersclubs.org [127.0.0.1])
	by toastmastersclubs.org (8.14.4/8.14.4) with ESMTP id x4TLe3bB028775
	for <KERIN'S EMAIL@ outlook.com>; Wed, 29 May 2019 21:40:03 GMT
Message-ID: <201905292140.x4TLe3bB028775@toastmastersclubs.org>
Received: from glidewife.icu ([70.96.202.4])
	by toastmastersclubs.org (8.14.4/8.14.4) with ESMTP id x4TLdwHE028723
	for <OUR CONTACT US EMAIL@ toastmastersclubs.org>; Wed, 29 May 2019 21:40:01 GMT
DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=mail; d=glidewife.icu;
 b=je9QNLT5JGlXLjAfqLwbyTETfffwGz2ysGPRkol8kL30ZtjomEfH67OlNzhBp/bMudo1NG/Z8sD1
   NW5rvSchBSPVpanjpmi6RpbegkOfPxQoQAAgSIp1PD0P94NOjsP+TDJRx/zKT4dK/9apiiUdIYIb
   YZJnQHLRxT/1GZPRgZ0=;
Date: Wed, 29 May 2019 16:32:52 -0500

The topic has been locked.

SteveTheTechie
Offline
Emeritus
Posts: 11492
Thanks: 3057

Re: Sudden spam problem

6 years 9 months ago - 6 years 9 months ago

#75207

I think you are probably correct. Brian can add a block for a range of IP addresses in the FTH server firewall config.

(Hoping Brian chimes in here.)

Last edit: 6 years 9 months ago by SteveTheTechie.

The topic has been locked.

Brian
Offline
Administrator
Posts: 11374
Thanks: 3722

Re: Sudden spam problem

6 years 9 months ago

#75211

Originating IP are

Received: from steamjury.icu ([70.96.202.5])

Received: from glidewife.icu ([70.96.202.4])

They have been blocked

Thank you,

Brian McDonald DTM
Silver and Wiser Online Toastmasters Club #777940

Technical Support Consultant for FreeToastHost

The following user(s) said Thank You: SteveTheTechie, kerint

The topic has been locked.

kerint
Topic Author
Offline
New Member
Posts: 14
Thanks: 4

Re: Sudden spam problem

6 years 9 months ago

#75335

Thank you both so much for your help with this issue, and for all you do. And thank you for teaching me how to find th originating IP! I hate to jinx anything, but the problem seems to have subsided. Nothing new since you blocked these. Fingers crossed! Have a great day!

Kerin

The following user(s) said Thank You: SteveTheTechie

The topic has been locked.

Moderators: Brian, Heni, Pam, rhtaylor3, marc33, NotLiable, NSB, jgavin, Lcala305, peterb323, DebbieT

Time to create page: 0.139 seconds

Powered by Kunena Forum

Latest Forum Posts

- ToastHost mailing list failure (officers alias)
- In Public Forums / Support Requests
- by Brian
- 1 hour 43 minutes ago
- Club 1187454 site is down
- In Public Forums / Support Requests
- by LisaBurnside
- 1 day 4 hours ago
- Software Error - cannot access our site
- In Public Forums / Support Requests
- by Brian
- 1 day 4 hours ago
- Club #7939477 website is down
- In Public Forums / Support Requests
- by Brian
- 1 day 4 hours ago
- Cannot Access FTH
- In Public Forums / General Discussion
- by Brian
- 1 day 4 hours ago