Spamhaus tells me that the last detection was 3 days ago and says " The observed forged HELO identification was skoj.tc.rcwh.ruujlkeqfqzoi.com."
I have downloaded Wireshark and run a trace on my laptop and on the network as a Hotspot as suggested but there have been no results
What else can I do?
I have a PC and a laptop (both Windows 10), two phones and two tablets (Android) on the network. Defender, Avast AV and Spybot have failed to find anything but the previous posts suggest that is not unusual.
When following the instructions did you also do the part where you set you PC or laptop as a hotspot and connect you mobiles wireless to the hotspot, as if the PC comes up clean then there is something else that is causing the triggering of the spam detection on SpamHaus.
I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more
Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks
Yes, I followed the advice, set up the Hotspot, connected all the Android devices and ran Wireshark again. It was running for a few hours but would it detect anything if the last Spamhaus detection was 3 days ago?
I've also checked to see if any new Apps have been installed recently that might be causing a problem and can find none
My IP Address was removed from Spamhaus last week and Outlook functioned perfectly. The problem has now returned and, checking Spamhaus, I find the my IP is listed in CSS for Wednesday Sept 16 at 18:52 and listed in CBL for Friday Sept 18 at 08:55.
The puzzle is: I have been away from Tuesday, Sept 15 until today, Friday Sept 18 at around 17:10. During my absence, the PC and laptop have been switched off and the phones and tablets have been away from the house. The only thing left connected to the router is my HIVE controller for the central heating. Could this be causing the problem?
The September 16 listing disappeared shortly after my last post and everything worked well until it was blocked again on Monday 28 Sept. Spamhaus now says that the last detection occurred September 27 2020 at 13:37 (UTC). It also says - "The observed forged HELO identification was pjul.mwk.ttnlg.qpwdyzwirdozci.com." if that helps.
I can get round the problem using a VPN but, clearly, it is not a long term solution and any help you can give would be appreciated.
We've updated the lists again so this shouldn't be a problem anymore. We are still investigating how we can avoid this sort of thing in future though. Please do let us know if you continue to have issues!
Many thanks, I'd noticed that I was no longer blocked on Spamhaus and Outlook was working satisfactorily. All non essential devices have been disconnected from the network for now so will reconnect one by one to see if there are any further problems. Steve