on 18-02-2023 10:26
Hi all
I have been posting on here below. Ifor a few week snow and all help especially from ravenstar64 has been much appreciated. I am unable to set up any VM email account and send or forward emails as spamhaus have said that i have a spmbot on my port 25. I use a hp laptop and an iphone 13 pro. Laptop has had a deep dive via maleware and is clean. Spamhaus removed the CSS block yesterday but within 20 mins they had reblocked it saying what ever i have is still there. VM wont help they say its my isse. Ravenstar64 then gave me this post to follow but when i get to instrution 4 to 5 i dont see the capture window that is shwn mine is stll blank , can anyone help?
Searching for Spambots on your network. - Virgin Media Community - 4087596
Answered! Go to Answer
on 28-02-2023 08:04
As an update to this thread - I've been working with @owengriff and managed to help him set up the Wireshark scan on his hotspot and connected his wireless devices to the hotspot. He messaged me this morning.
The culprit appears to be on one of his Firesticks.
I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more
Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks
18-02-2023 11:15 - edited 18-02-2023 11:31
Could there be an SMTP program on your laptop that looks like an open relay ?
Perhaps an external port scan from ShieldsUP or similar might show if the Hub's public IP is exposing an SMTP port.
18-02-2023 12:36 - edited 18-02-2023 12:38
Recently @ravenstar68 mentioned a video showing how to use Wireshark to find spambot here Re: Intermittent SMTP Failure - Virgin Media Community - 5254579. See if that is of help.
Apart from the iPhone and laptop can you confirm there are no other devices on the same network, for example door bells, Amazon Fire Stick, etc?
--
I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more
Have I helped? Click Mark as Helpful Answer and solved, or use Kudos to say thanks
on 18-02-2023 16:54
I have used ravenstars wire shark but can’t get the instructions between 4 & 5 to work. I have 3 fire sticks but have done a sweep on them and they are all clear. No ring doorbell. Have a laptop and iPhones and iPad.
on 18-02-2023 17:20
Can you explain how to do this please
on 18-02-2023 17:22
I will watch the video to see if instructions are any different
thanks
on 18-02-2023 19:45
I believe the video tries to help clarify existing instruction.
Do keep in mind that you can verify Wireshark capture is working from a desktop or laptop device connected to the network being monitored by repeating the telnet command.
on 20-02-2023 08:54
Hi owengriff, thanks for the message and welcome back to the forums.
Can you confirm how it went? Do you still have issues with this?
Kind regards, Chris.
on 20-02-2023 14:56
Hi
yes I posted yesterday to say I still had issues. I cannot set up a new vm email account as Spamhaus is still blocking me. I contacted ravenstar64 for more advice as I followed the wireshark video but I cannot seem to get instruction 4&5 right. I don’t see the capture packet like he does on the video.Spamhaus have said I have the following so I have done scans o 3 fire sticks and all clean. Also a led smart tv is clean so a bit lost now
Thank you for contacting Spamhaus CSS Removals,
The current suspect given the HELO's is ANDROID.
Now, this _could_ be the Virgin Media hotspot (you need to log in to your VM account to opt out of that somewhere.)
Most often, this has been amazon firesticks with dodgy apps.
on 24-02-2023 16:37
Hi all
I have posted a lot recently and thanks for all help but I can’t get some replies and so cannot fix issue. My port 25 is spamming and I followed a video posted by ravenstar64 but I cannot get the scan to work. I cannot set up a new vm email account as Spamhaus is still blocking me. I contacted ravenstar64 for more advice as I followed the wireshark video but I cannot seem to get instruction 4&5 right. I don’t see the capture packet like he does on the video.Spamhaus have said I have the following so I have done scans on 3 fire sticks and all clean. Also a led smart tv is clean so a bit lost now , also not signed up to hotspot.
Thank you for contacting Spamhaus CSS Removals,
The current suspect given the HELO's is ANDROID.
Now, this _could_ be the Virgin Media hotspot (you need to log in to your VM account to opt out of that somewhere.)
Most often, this has been amazon firesticks with dodgy apps.