Hi i'm new to this forum and hoping that i am posting in the correct place

i'm not to sure how these things worked, im pretty sure that Spamcop have told my ISP that i have been spamming and they have deactivated my server...is this correct?

basically i received an email from my ISP that they had been sent from Spamcop

i have completed all the fields and queries and am now waiting for my server to be reactivated

can anyone tell me the timescale of this please?

will my ISP not reactivate me without Spamcop's say so

how did this work?

all help greatly appreciated and let me know if you need anymore information

thanks in advance

There are FAQs a-plenty that will tell you how spamcop works. Your server is not on the SCBL and there are no rteports (either human or spamtraps) listed against it. Please post the text of the email from your ISP: it may be that SpamCop is not involved at all.

http://www.spamcop.net/w3m?action=checkblo...p=66.96.251.170
66.96.251.170 not listed in bl.spamcop.net

http://www.senderbase.org/senderbase_queri...g=66.96.251.170
Hostname: server1.kiddfectious.com
Volume Statistics for this IP
Magnitude Vol Change vs. Last Month
Last day ...... 0.0 .. N/A
Last month .. 4.2

Slow traceroute 66.96.251.170
Trace 66.96.251.170 ...
66.28.4.234 RTT: 51ms TTL:170 (te4-3.ccr01.phl03.atlas.cogentco.com probable bogus rDNS: No DNS)
38.112.240.34 RTT: 50ms TTL:170 (hostnoc.demarc.cogentco.com probable bogus rDNS: No DNS)
64.191.116.246 RTT: 187ms TTL:170 (core.sctn01.volumedrive.com probable bogus rDNS: No DNS)
* * * failed
* * * failed
* * 66.96.251.170 RTT: 51ms TTL: 49 (server1.kiddfectious.com ok)

Fetching http://66.96.251.170/ ...
GET / HTTP/1.1
Host: 66.96.251.170
HTTP/1.1 200 OK
Date: Wed, 15 Apr 2009 11:47:17 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.8
Last-Modified: Wed, 01 Apr 2009 19:41:18 GMT
Apache is working on your cPanel^&reg; and WHM™ Server</h1>
<p>If you can see this page,

http://www.spamcop.net/sc?track=66.96.251.170
Parsing input: 66.96.251.170
ISP believes this issue is resolved 66.96.251.170
ISP believes this issue is resolved: 66.96.251.170 - no date available

Partial list of the last 90 days of Reports sent out against that IP Address.

Submitted: Monday, April 06, 2009 3:12:27 PM -0500:
MOU at Sankeys this Friday check out exclusive footage
4008890123 ( http://www.kiddfectious.com/presspack/mou/eflyer ) To: abuse[at]burst.net
4008890119 ( http://www.kiddfectious.com/mou ) To: abuse[at]burst.net
4008890107 ( http://www.djalexkidd.com/pommo/user/login.php ) To: abuse[at]burst.net
4008890098 ( http://www.djalexkidd.com/pommo/user ) To: abuse[at]burst.net
4008890082 ( 66.96.251.170 ) To: abuse[at]burst.net
-------------------
Submitted: Thursday, March 26, 2009 10:35:07 AM -0500:
De Puta Madre this Saturday at Area 51 w/ Yousef
3975224705 ( http://www.new.facebook.com/group.php?gid=45587... ) To: spamcop[at]facebook.com
3975224704 ( http://www.djalexkidd.com/pommo/user/login.php ) To: abuse[at]burst.net
3975224703 ( 66.96.251.170 ) To: nomaster[at]devnull.spamcop.net
-----------------------
Submitted: Thursday, March 26, 2009 6:01:22 AM -0500:
Kiddfectious Recordings forthcoming releases, KF005 and KFX0
3974444945 ( 66.96.251.170 ) To: abuse[at]burst.net
----------------------------------
Submitted: Tuesday, March 24, 2009 6:56:09 PM -0500:
Kiddfectious Recordings forthcoming releases, KF005 and KFX0
3970087224 ( http://www.djalexkidd.com/pommo/user/login.php ) To: abuse[at]burst.net
3970087223 ( 66.96.251.170 ) To: nomaster[at]devnull.spamcop.net
------------------------
Submitted: Monday, March 23, 2009 6:47:41 AM -0500:
spam-LOW: Chaos Theory Tour
3965169428 ( 66.96.251.170 ) To: abuse[at]burst.net
----------------
Submitted: Friday, March 20, 2009 3:25:06 PM -0500:
Chaos Theory Tour
3958082321 ( http://www.chaostheorytour.com/ ) To: abuse[at]dreamhost.com
3958082320 ( http://www.djalexkidd.com/pommo/user/login.php ) To: abuse[at]burst.net
3958082319 ( 66.96.251.170 ) To: abuse[at]burst.net
------------------------
done copying stuff

No idea what your ISP asked you to do, fill in, whatever. Timescale is whatever your ISP decides. FAQs exist, a Wiki wxists, Dictionary, Glossary, in addition to countless other Topics and Discussion already in place. What exactly did you not find explained? How about starting with a look at What is SpamCop.net?

The way spamcop works is that reporters send copies of spam to spamcop. Spamcop has software called a parser that finds out what IP address sent the spam and sends a report to the abuse department of that IP address. The parser also looks at the websites advertised in the spam and sends a report to the web host. Your ISP decided that the spam came from your computer and forwarded the report to you.

If there is enough spam coming from an IP address, the IP address is added to the spamcop blocklist. ISPs use this blocklist to filter spam; some ISPs will actually block any email from that IP address. Spamcop does not make a blocklist of websites that are advertised in the spam. Other blocklists do list websites advertised in spam.

We do not know what fields and queries you have completed. The questionnaire you completed probably came from your ISP.

The IP address you have given is not listed on the spamcop blocking list. It has a 'good' listing in senderbase.

Your ISP does not want to be listed on the spamcop blocklist so they have cut your connection to the internet until you correct whatever caused the spamcop report.

At this point, we do not know whether your computer is infected with a trojan that is sending spam without your knowledge or whether you were sending unsolicited email to people advertising your website. You cannot buy lists of addresses.

This matter is between you and your ISP. People here might be able to help you understand what your ISP is asking you to do if you ask specific questions.

Miss Betsy

Hello, sorry you are having problems. I'm not sure that what you say is correct, however.

First of all, just to be clear, it wasn't SpamCop that deactivated your server -- it can't do this, only your ISP can do this. So, as Miss Betsy notes, it is ultimately between you and your ISP as to whether and when your server will be back online.

We don't know much about your situation because you haven't told us much. Based on the info that Wazoo uncovered, it appears that someone sent unsolicited mail promoting websites at your address. At least one of the recipients of the message filed a report via SpamCop, and this report reached your ISP, which (if what you say is correct) suspended your server.

Actually, I find that the links to this address uncovered by Wazoo actually work and point to live sites. Are these your sites? They seem no longer to be blocked.

Your address is NOT on the SpamCop blocking list, which means that it has not been spotted sending actual spam mailings (which is a good thing). This also means that there is little that SpamCop by itself can do about your problem.

If you are still blocked, you need to find out from your ISP exactly why you are blocked (e.g., "you sent spam mail," or "your website was advertised via spam," etc.) and what they expect you to do in order for them to unblock you.

-- rick

From the information available it seems that server1.kiddfectious.com is being reported sending out information about Kiddfectious eg: 'Kiddfectious Recordings forthcoming releases, KF005 and KFX0' So there's a direct link between the server and the content. So I think we can rule out trojans, open wireless networks and other similar security concerns.

So on the assumption that Kiddfectious is a legitimate service (and this is the OP's business) then it would look like some recipients are receiving stuff they think they didn't request.

So that would point to

a badly configured mailing list which allows other folks to subscribe a different person to the list
a mailing list where the OP has neglected to get permission to add recipients or the OP has presumed consent which evidently doesn't exist
recipients have forgotten that they signed up for the mailing list and have started to report this list
one of the many other reasons why folk might consider the these Emails to be spam.

Still presuming that the OP is Kiddfectious, I'd say that the Email list needs to be cleaned out and started with properly consenting recipients.

Andrew

Seems like a sound analysis to me. Other data -
nslookup, MX

Non-authoritative answer:
kiddfectious.com MX preference = 0, mail exchanger = kiddfectious.com
kiddfectious.com internet address = 66.96.251.170 (which is also server1.kiddfectious.com and ns1.kiddfectious.com)

According to DomainDossier, SMTP (mail) outgoing on port 25 is inactive for that domain (other services are fine, including mail inwards). Disabling outwards mail is apparently the action of the provider - as others have said.Exactly. Alternatively, if consenting subscribers have been mistakenly/maliciously misreporting material as spam that needs to be shown and it would then be they who are censured (having the vague notion that not all business competitors might be entirely scrupulous) and THAT would be a SC action.

I note there is provision for subscription on the kiddfectious.com website. Just what is the process from that point, when the "Subscribe" button is pushed?