MX Toolbox blacklist consultants report a significant upward trend in the number of mass mailer worm infections leading to blacklisted mail servers. These infections are spewing third party spam from legitimate mail servers and landing businesses on email blacklists.
This is a perfect illustration of the symptom-cause paradigm. According to a Sr. Consultant, “When we speak with people who are getting email bounce backs, they believe that their problem is the blacklist, when in fact it is not. The blacklist issue is usually just a symptom of a deeper problem- open relay, virus/botnet infection, etc.”
Currently, the most common root cause is worm infection. Administrators have to bear in mind that the blacklist problem will continue to occur unless and until the worm or other root cause is fixed. They must also be vigilant, as threats change almost daily.
In the case of the worm infection, administrators have two options- find and remove the worm, which can be next to impossible; or, use a better email filtering and security service to keep the bad stuff off of your network and to neutralize any of it that may altready be there.