Jump to content

Help! Mail from x.x.x.x refused, see RBL server bl.spamcop.net


Norman

Recommended Posts

There are two smtp anti-spam appliances for receiving the internet mailsin my company, RBL(real-time blackhost list) function is enabled to include 'bl.spamcop.net' for checking the sender's mail address.

however, our appliance couldn't receive some internet email with error 'Mail from x.x.x.x refused, see RBL server bl.spamcop.net', I checked against the refused email's sender address which should not in the blacklist. And my company's domain is not in the blacklist as well.

So, my question is why the bl.spamcop.net will refuse those the mail sent from a non-blocking sender list. I would be appreciated if someone have an advice. Thank you.

Link to comment
Share on other sites

First up - the SCbl works on IP addresses, not domains. You need to give specific details (IP addresses involved, how you checked the SCbl) to the Deputies - deputies[at]admin.spamcop.net. If you care to post that detail here one of we, the volunteers might be able to assist but we have no record of past listings, if that is actually a factor so we're limited in what we can do to help you.

Link to comment
Share on other sites

...So, my question is why the bl.spamcop.net will refuse those the mail sent from a non-blocking sender list. I would be appreciated if someone have an advice. Thank you.
Sorry, previous post was a bit rushed. On reflection, it seems like you haven't a clue how the SpamCop blocklist works do you? That's OK, just that we anticipate a certain amount of familiarity or, if not, some homework being done (hence the "Read this before you post" clues, the Wiki, the FAQs, etc.).

Anyway, hold off on contacting the Deputies, let's just assume for the moment that the bl is working as intended - as it very nearly always does. The IP address you carefully 'X'd out in your post is the key. If the rejection message was accurate (not always the case) entering that quad number at http://www.spamcop.net/bl.shtml will show if the IP address is on/still on the bl. If it is, the only way a message from that source will get through filtering involving the SCbl would be to whitelist your correspondent - so mail from his/her email address bypasses the blocking part of your filtering. Which (email address), as said, has nothing to do with the SC blocklist. Hundreds, thousands even of individuals could share the IP address and one or more of them would be machines used by one or more heavy duty spammers (owner may not even be aware). The other side of the coin, nearly all spam uses forged (but real) email addresses on a rotating basis.

And if your own server is listed that should have no effect on your ability to receive mail (unless you have a broken sort of setup). It will make a difference trying to send from a blocklisted server however. Again it is the IP address address used for outwards mail is the key - which might or might not be the one shown at http://www.danasoft.com/

Waiting for clarification if you need more help.

Link to comment
Share on other sites

I think Farelf explained it pretty well. It would help if you would explain also why you think the sender's emails should NOT be tagged as spam.

The scbl is a very aggressive blocklist. Because it lists the IP address, other senders from that IP address who are not sending spam are also blocked. It is recommended that the scbl be used to tag suspected emails rather than block them.

IMHO, it is a good idea to block them because the sender gets a message that the IP address he is using also has someone at that IP address who is spamming (or his computer is compromised). It is only the *sender* who can stop spam. If the sender is an end user, then he can contact his service provider and find out why the email service he is paying for is unreliable. If the service provider is unresponsive, then the *sender* needs to complain more loudly or use another email service. That would go a long way toward making service providers more responsible about allowing spam to leave their network.

Another point of semantics that might help you to understand how blocklists work. You are blocking email based on the list of IP addresses provided to you by spamcop (the scbl). Blocklists list certain IP addresses based on certain criteria - they are your tools to use to help filter spam rather than creating blocklists on your own. Knowing what the criteria are for creating the list helps the user of the list decide whether, or how, to use it.

Server admins use a combination of blocklists generally because of those different criteria in building the blocklist. Using spamcop alone is not very good at filtering spam. However, it does identify the IP addresses that are /currently/ sending spam. Since I am not a server admin, I don't know how it works exactly, but my impression is that an incoming email goes through a series of checks. If it gets past the zombie list and some of the more conservative spam lists at the server level, then it gets checked against spamcop (because spam sources are listed more quickly by spamcop) and spamvertized website list and maybe some other lists or content filters which tag it as spam, and then it is compared to the customer's whitelist. Even if it has been tagged as spam, then it will be delivered to his inbox. If it doesn't pass that series of checks, it is either dumped or sent to a junk mail folder (Held mail in the spamcop email system).

Miss Betsy

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...