Good afternoon,

Server setup as follows:
- Ubuntu 8.04LTS Fully Upto date
- Plesk 9.5.1 (just upgraded)

Problem:
Server keeps getting added to the CBL blacklist, yet after weeks of trying we cannot ID the problem. We disabled the backscatter which kept the IP off the CBL for 4 days but now is back on again.

We have run a wide range of checks with nothing out of the norm.
RKhunter finds no issues at all (ran from ssh rather than in plesk).

Now a couple of issues that really bug me that may influnce the CBL?

The default server sent from email address is as follows:
anonymous@ip.address kiwi.domain.co.uk (obv ip and domain removed for this post).

Is it possible to change this to something else such as noreply@kiwi.domain.co.uk or kiwi@domain.co.uk for example?

Next thing is that my customer flat out refuses to pay for Spam Assasin, seeing as it is a free product that Plesk are milking customers for with having to buy a whole package of stuff not needed to get the one free application.

Is there any other software available or a work around to get SA working that is proven to work.

Also if anyone can point me in any direction of where to look i would be most gratful.

Here is the CBL Text:
IP Address xx.xxx.xxx.xx currently listed in the CBL. It appears to be infected with a spam sending trojan or proxy.

It was last detected at 2010-04-19 07:00 GMT (+/- 30 minutes), approximately 5 hours, 30 minutes ago.

It has been relisted following a previous removal at 2010-04-14 19:20 GMT (4 days, 17 hours ago)

Regards
Rob.
.