Hi Santosh...
The reason that I am in the Spamhaus CBL / CSS databases is because my PC is infected...
They have made it clear that I need to resolve the problem on my machine before this matter can be effectively resolved.
Can you please escalate this to senior members of your team, as it is becoming increasingly clear to me that your team is not understanding the situation.
I attach for your further information, an extract from the communication received from CSS who have now refused to unblock my machine... The extract below is designed to help you identify the problem.
A device (likely to be a computer or mobile phone), that is using your IP is infected, insecure or compromised. It is making SMTP connections to Spamhaus systems on port 25, with forged HELO values. There is a proxy installed on a device - an Android mobile or a Windows computer - that is using your IP to send spam DIRECTLY to the internet via port 25.
If you run your own mailserver, it is NOT your mailserver !
Consider the implications of a malicious proxy being active on your network: Spam is what WE see coming from it, but proxies can be used for all sorts of malicious activities, and they are inside your firewall.
Please close port 25 and secure your network and device(s).
The observed forged HELO identification was 2d1PO8BO.mokitmkoqzrh.yN72u2cYA0D.
The last detection occurred at : November 20 2020, 14:59 (UTC timezone, +/- 1 minute)
What should be done about it ?
The device that caused this issue should be found and cleaned. We recognize that this is often not an easy task. The following information may help:
We are seeing some mobile devices turned into spam proxies as a result of installing heavily monetized or unofficial/sideloaded apps. Spamhaus has a WiFi and Home Networks FAQ with tips and links to help in this situation.
Preventively blocking port TCP 25 outbound on your router or gateway will prevent these listings, but will not fix the underlying problem.
Calling your ISP or taking your machine to a competent tech support service might also be useful.
I hope that the above extracts are useful to you... The example sources of infection above have removed references to wifi doorbells, servers, office environments etc... as we do not have any of these.
I look forward to your further response... and suggestions as to how this issue can be resolved.
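
An added example, not part of the original message or of the Spamhaus notice: one way to find which device behind the listed IP is opening direct connections to port 25, by tallying new outbound TCP/25 connections per internal address from gateway firewall logs. It assumes the gateway logs forwarded connections in the Linux netfilter LOG format and that the LAN is 192.168.1.0/24; the `SMTP-OUT` prefix, the addresses and the log lines are constructed.

```python
import re
from collections import defaultdict
from ipaddress import ip_address, ip_network

LAN = ip_network("192.168.1.0/24")  # assumption: the home LAN range

# Constructed sample lines in netfilter LOG format (not real traffic).
SAMPLE_LOG = """\
Nov 20 14:58:41 gw kernel: SMTP-OUT IN=br0 OUT=eth0 SRC=192.168.1.23 DST=203.0.113.10 LEN=60 TTL=63 PROTO=TCP SPT=50122 DPT=25 WINDOW=29200 RES=0x00 SYN URGP=0
Nov 20 14:58:42 gw kernel: SMTP-OUT IN=br0 OUT=eth0 SRC=192.168.1.23 DST=198.51.100.7 LEN=60 TTL=63 PROTO=TCP SPT=50123 DPT=25 WINDOW=29200 RES=0x00 SYN URGP=0
Nov 20 14:58:43 gw kernel: SMTP-OUT IN=br0 OUT=eth0 SRC=192.168.1.23 DST=203.0.113.10 LEN=60 TTL=63 PROTO=TCP SPT=50124 DPT=25 WINDOW=29200 RES=0x00 SYN URGP=0
Nov 20 14:58:50 gw kernel: SMTP-OUT IN=br0 OUT=eth0 SRC=192.168.1.40 DST=203.0.113.99 LEN=60 TTL=63 PROTO=TCP SPT=41000 DPT=587 WINDOW=29200 RES=0x00 SYN URGP=0
Nov 20 14:58:55 gw kernel: SMTP-OUT IN=br0 OUT=br0 SRC=192.168.1.51 DST=192.168.1.1 LEN=60 TTL=64 PROTO=TCP SPT=42000 DPT=25 WINDOW=29200 RES=0x00 SYN URGP=0
Nov 20 14:59:01 gw kernel: SMTP-OUT IN=br0 OUT=eth0 SRC=192.168.1.23 DST=203.0.113.10 LEN=120 TTL=63 PROTO=TCP SPT=50122 DPT=25 WINDOW=229 RES=0x00 ACK PSH URGP=0
Nov 20 14:59:05 gw kernel: SMTP-OUT IN=br0 OUT=eth0 SRC=192.168.1.77 DST=198.51.100.7 LEN=60 TTL=63 PROTO=TCP SPT=39000 DPT=25 WINDOW=29200 RES=0x00 SYN URGP=0
"""

FIELD = re.compile(r"(\w+)=(\S+)")  # KEY=value pairs of a LOG line


def outbound_smtp_sources(log_text, lan=LAN, port=25):
    """Return [(internal_ip, new_connections, distinct_destinations)],
    busiest first, for LAN hosts opening TCP/<port> to outside hosts."""
    attempts = defaultdict(int)
    dests = defaultdict(set)
    for line in log_text.splitlines():
        fields = dict(FIELD.findall(line))
        flags = set(line.split())  # TCP flags appear as bare tokens
        if fields.get("PROTO") != "TCP" or fields.get("DPT") != str(port):
            continue
        if "SYN" not in flags or "ACK" in flags:
            continue  # count only the first packet of each connection
        try:
            src, dst = ip_address(fields["SRC"]), ip_address(fields["DST"])
        except (KeyError, ValueError):
            continue  # malformed or truncated line
        if src in lan and dst not in lan:  # direct-to-internet only
            attempts[str(src)] += 1
            dests[str(src)].add(str(dst))
    return sorted(((ip, n, len(dests[ip])) for ip, n in attempts.items()),
                  key=lambda row: -row[1])


if __name__ == "__main__":
    for ip, n, d in outbound_smtp_sources(SAMPLE_LOG):
        print(f"{ip}: {n} new port-25 connections to {d} external hosts")
```

A desktop PC or phone that is not a mail server has no reason to appear in this list at all; normal mail clients submit on ports 587 or 465 to their provider.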