CES outbound server is getting listed on some RBLs
DavidT
I just sent the following alert to JT:

QUOTE
I just had a message that I sent using "smtp.cesmail.net" blocked by a provider using the Barracuda Networks technology. Here's the error:

5.1.0 - Unknown address error 554-'Service unavailable; Client host [c60.cesmail.net] blocked using Barracuda Reputation; http://bbl.barracudacentral.com/q.cgi?ip=216.154.195.49'

According to the Barracuda URL:

The IP address 216.154.195.49 is listed in the Barracuda Reputation System as "poor" as of 05/05/08 10:43:42 PST.

So I did a lookup on the OpenRBL, where there was a listing at the "LashBacks Unsubscribe Blacklist." So I tried delisting there and it said:

"This IP was delisted before. To delist this IP again, please email delist[at]lashback.com with the IP address that you wish to remove from the blacklist."

Also, according to the CompleteWhois RBL lookup, the IP was recently listed at TQMCube, but I think that listing expired.

I did a lookup in the SpamCop reporting history and found a lot of potential backscatter hits, like this:

Submitted: Friday, May 02, 2008 7:39:11 PM -0700:
Delivery Status Notification (Failure)

* 3078160525 ( 216.154.195.49 ) To: mailsys[at]admin.spamcop.net

So, it seems that someone whose computer is permitted to use the outbound SMTP is spewing out junk that's affecting the reputation of the IP (the senderbase stats show an alarming 248% increase in the last day), and we're starting to have our messages blocked.


DT
Wazoo
It does seem a bit curious, the difference between items like:
3085066446 ( 216.154.195.49 ) To: mailsys#admin.spamcop.net[at]devnull.spamcop.net
and
3078160525 ( 216.154.195.49 ) To: mailsys[at]admin.spamcop.net

but of course, all I can see is the Subject Lines of the reported item.

This does seem to also tie into some of the recent Discussion traffic in the Topic Phishing For Webmail, Jeff's system was sending spam
petzl
QUOTE(DavidT @ May 5 2008, 06:39 PM)
I just sent the following alert to JT:

Getting added to more and more blacklists

SpamCop has sent three reports just today (last 24 hrs) to "mailsys#admin.spamcop.net[at]devnull.spamcop.net". Over 90 days, the mail server (which the SCBL will be reluctant to list) at IP 216.154.195.49 seems to have a persistent spew of spam.

Seems either we have a spammer signed up to SpamCop email or their computer is compromised.
DavidT
I've received further details from Barracuda Networks about the stuff being sent from the SpamCop Email System server. Here are three actual spam messages supplied as samples of the spew, and they've given SpamCop 7 days to stop these or the IP will go back on their blocklist. I'll send these to JT, and perhaps Don D'Minion has already taken a close look at the stuff coming from the IP that's been reported.

QUOTE
Received: from c60.cesmail.net (localhost [127.0.0.1])
    by barracuda.1.uofdn.org (Spam Firewall) with ESMTP id 418F6A8A91
    for <=redacted=@uofdn.org>; Mon, 5 May 2008 14:22:55 -0700 (PDT)
Received: from c60.cesmail.net (c60.cesmail.net [216.154.195.49]) by barracuda.1.uofdn.org with ESMTP id 3IN09np9B42ZtFtI for <=redacted=@uofdn.org>; Mon, 05 May 2008 14:22:55 -0700 (PDT)
Received: from unknown (HELO delta2) ([192.168.1.50])
    by c60.cesmail.net with ESMTP; 05 May 2008 13:59:18 -0400
Received: from 62.32.32.77 ([62.32.32.77]) by webmail.spamcop.net (Horde
    MIME library) with HTTP; Mon, 05 May 2008 12:59:11 -0500
Message-ID: <20080505125911.q66nbabr40ssg8cs-jrergrqql[at]fcnzpbc.arg[at]webmail.spamcop.net>
Date: Mon, 05 May 2008 12:59:11 -0500
From: Joseph Poon <=redacted=@yahoo.cn>
Reply-To: =redacted=@hotmail.com
To: undisclosed-recipients:;
Subject: [BULK] BUSINESS PROPOSAL
MIME-Version: 1.0
Content-Type: text/plain;
    charset=ISO-8859-1;
    DelSp="Yes";
    format="flowed"
Content-Disposition: inline
Content-Transfer-Encoding: 7bit
User-Agent: Internet Messaging Program (IMP) H3 (4.1.4)

MR.JOSEPH POON
HANG SENG BANK LTD.
83, Des Voeux Road,
Central HK,
Hong Kong.
Dear Friend,
My name is Joseph Poon, I work with HANG SENG BANK, HONG KONG.I have a
Business Proposal of ($22,400,000.00) for you to handle with me from my
bank.I will need you to assist me in executing this Business Project
from Hong Kong to your country. I need to know if you will be able to handle
this with me before I explain to you in details ? Should you be interested
please send me your full names,private phone/fax and current residential
address and finally after that I shall provide you with more details of this
operation.You can contact me via this email: =redacted=@hotmail.com
Kind Regards
Joseph Poon
=redacted=@hotmail.com


Received: from c60.cesmail.net (c60.cesmail.net [216.154.195.49])
    by barracuda.assistguide.net (Spam Firewall) with ESMTP id 7307F33A4B
    for <=redacted=@actsinc.net>; Mon, 5 May 2008 09:08:14 -0500 (CDT)
Received: from unknown (HELO epsilon2) ([192.168.1.60])
    by c60.cesmail.net with ESMTP; 05 May 2008 10:08:15 -0400
Received: from 81.199.149.98.ipplanet.com (81.199.149.98.ipplanet.com
    [81.199.149.98]) by webmail.spamcop.net (Horde MIME library) with HTTP;
    Mon, 05 May 2008 09:08:10 -0500
Message-ID: <20080505090810.yaxz6dicgg84okks-jrergrqql[at]fcnzpbc.arg[at]webmail.spamcop.net>
Date: Mon, 05 May 2008 09:08:10 -0500
From: ECOWAS/SHELL DONATIONS 2008 <=redacted=@walla.com>
Reply-To: =redacted=@hotmail.com
To: undisclosed-recipients:;
Subject: Congratulations Your Email Won($1,000,000.00)
MIME-Version: 1.0
Content-Type: text/plain;
    charset=ISO-8859-1;
    DelSp="Yes";
    format="flowed"
Content-Disposition: inline
Content-Transfer-Encoding: 7bit
User-Agent: Internet Messaging Program (IMP) H3 (4.1.4)

This is to inform you that you have won a prize money of One Million
United States Dollars, ($1,000,000.00) for this year 2008 Lottery
promotion which is organized by ECOWAS DONATIONS 2008.These are your
identificationnumbers: Batch number..ECW
09102XNReffnumber..ECW35447XNWinningnumber..ECW09788 These numbers
fall within yourLocationfile, you are requested to contact the events
manager/ClaimsDepartment, send your winningidentification numbers to
her,to enable herverify your claims.(CONTACT FINANCE
DEPARTMENT)Name:Mrs.Jane Okeke
Tel:+2348060056926E-mail:,=redacted=@hotmail.com,=redacted=@yahoo.no,
To
claim your prize, please contact:with the following
information..1.Name,Address, Occupation, Age, Phone number,
Occupation, Country Thank you and Accept my hearty congratulationsonce
again! Yours faithfully,Mrs.Mary Jones


Received: from c60.cesmail.net (c60.cesmail.net [216.154.195.49])
    by cuda.lamar.com (Spam Firewall) with ESMTP id A81C680D541
    for <=redacted=@lamar.com>; Mon, 21 Apr 2008 06:00:46 -0500 (CDT)
Received: from unknown (HELO epsilon2) ([192.168.1.60])
    by c60.cesmail.net with ESMTP; 21 Apr 2008 07:00:25 -0400
Received: from 70-3.vgccl.net (70-3.vgccl.net [41.220.70.3]) by
    webmail.spamcop.net (Horde MIME library) with HTTP; Mon, 21 Apr 2008
    07:00:17 -0400
Message-ID: <20080421070017.zf0wtsr8o4s80800[at]webmail.spamcop.net>
Date: Mon, 21 Apr 2008 07:00:17 -0400
From: Free Lottery Game <=redacted=@lotterygame.com>
Reply-To: =redacted=@jmail.co.za
To: undisclosed-recipients:;
Subject: Our Esteemed Winner
MIME-Version: 1.0
Content-Type: text/plain;
    charset=ISO-8859-1;
    DelSp="Yes";
    format="flowed"
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
User-Agent: Internet Messaging Program (IMP) H3 (4.1.4)

WINNING DETAILS:
Ref. No: KPC/9080118308/02/TCA
Batch No: 12/25/0034
Ticket Number: ZZ 3502 /8707-01
Dear Winner
We are pleased to inform you of the final announcement that you are one
of our year winner of the Microsoft Award Team, held on the
1st of March, 2008.You have therefore been approved to claim a total
sum of =A3500,000.00 Pounds.
Please contact Claims Officer for the claim of your winning prize.
Mrs.Eva pedro
Email:=redacted=@jmail.co.za
Congratulation once more and have a nice day.
Your's Sincerely,
Jimmy Phillips
Online Co-ordinator.


If these are valid messages, then there's a BIG problem with the SpamCop webmail system, and therefore also with those of us who use the SMTP services.

DT
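What the three samples above show, once the Received chain is walked oldest-first, is that the RBL-listed address only relayed the mail: each message entered through webmail.spamcop.net over HTTP from an outside client address, i.e. via a logged-in webmail account rather than the SMTP service. The script below is an added example, not code from the thread or from SpamCop; it re-types the first sample's Received headers as constructed input (folding whitespace restored, addresses redacted as on the page) and pulls the relay hop, the webmail submission hop and the external origin IP out automatically, using helper names of my own choosing.

```python
import ipaddress
import re
from email import message_from_string

# Constructed input: the Received chain and a few headers of the first sample
# quoted in this thread, with the folding whitespace restored (indented lines).
SAMPLE = """\
Received: from c60.cesmail.net (c60.cesmail.net [216.154.195.49]) by barracuda.1.uofdn.org with ESMTP id 3IN09np9B42ZtFtI for <=redacted=@uofdn.org>; Mon, 05 May 2008 14:22:55 -0700 (PDT)
Received: from unknown (HELO delta2) ([192.168.1.50])
    by c60.cesmail.net with ESMTP; 05 May 2008 13:59:18 -0400
Received: from 62.32.32.77 ([62.32.32.77]) by webmail.spamcop.net (Horde
    MIME library) with HTTP; Mon, 05 May 2008 12:59:11 -0500
From: Joseph Poon <=redacted=@yahoo.cn>
To: undisclosed-recipients:;
Subject: [BULK] BUSINESS PROPOSAL
"""

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")  # bracketed IPv4 literal
BY_RE = re.compile(r"\bby\s+(\S+)")
WITH_RE = re.compile(r"\bwith\s+(\S+)")

def parse_hop(value):
    """Pull the client IP, receiving host and protocol out of one Received value."""
    value = " ".join(value.split())          # unfold and squeeze whitespace
    head, _, tail = value.partition(" by ")  # client part / server part
    ip, by, proto = IP_RE.search(head), BY_RE.search(value), WITH_RE.search(tail)
    return {
        "from_ip": ip.group(1) if ip else None,
        "by": by.group(1) if by else None,
        "proto": proto.group(1).rstrip(";").upper() if proto else None,
    }

def find_origin(raw_message, listed_ip):
    """Walk the chain oldest-first and locate where the mail really entered."""
    msg = message_from_string(raw_message)
    hops = [parse_hop(v) for v in msg.get_all("Received", [])]
    hops.reverse()  # Received headers are prepended, so the last one is the first hop
    result = {"hops": hops, "listed_ip_is_relay": False,
              "submission_host": None, "origin_ip": None}
    for hop in hops:
        if hop["from_ip"] == listed_ip:
            result["listed_ip_is_relay"] = True   # the RBL-listed box only relayed it
        if hop["proto"] == "HTTP":                # injected through webmail, not SMTP
            result["submission_host"] = hop["by"]
            if hop["from_ip"] and not ipaddress.ip_address(hop["from_ip"]).is_private:
                result["origin_ip"] = hop["from_ip"]
    return result
```

Running `find_origin(SAMPLE, "216.154.195.49")` reports the listed IP as a relay hop, webmail.spamcop.net as the submission host and 62.32.32.77 as the origin, which is the evidence that points at account compromise rather than at the SMTP relay.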
Wazoo
QUOTE(DavidT @ May 6 2008, 12:47 AM)
I'll send these to JT, and perhaps Don D'Minion has already taken a close look at the stuff coming from the IP that's been reported.
If these are valid messages, then there's a BIG problem with the SpamCop webmail system, and therefore also with those of us who use the SMTP services.

Per Don's post at http://forum.spamcop.net/forums/index.php?...ost&p=64243 ... yet another bit of an idiotic action taken in reference to the phishing spam, resulting in yet another compromised SpamCop e-mail account being used by a spammer.
StevenUnderwood
QUOTE(Wazoo @ May 6 2008, 04:11 AM)
Per Don's post at http://forum.spamcop.net/forums/index.php?...ost&p=64243 ... yet another bit of an idiotic action taken in reference to the phishing spam, resulting in yet another compromised SpamCop e-mail account being used by a spammer.

1. This entire thing was stated as to why JT hesitated going into the SMTP business in the first place, spammers would LOVE to gain access to the spamcop system and start getting it listed throughout the internet. I hope this episode does not end the "Beta" that has been going on.

2. I find it interesting that this spammer is using the HTTP interface for this round (enough said).
DavidT
QUOTE(StevenUnderwood @ May 6 2008, 04:53 AM)
This entire thing was stated as to why JT hesitated going into the SMTP business in the first place, spammers would LOVE to gain access to the spamcop system and start getting it listed throughout the internet. I hope this episode does not end the "Beta" that has been going on.

It shouldn't, because it had nothing to do with the SMTP service -- it was apparently due to silly people (perhaps a harsher term would be appropriate) who gave up their webmail login information. Webmail systems have to send mail, so short of increasing the IQs of the users (oops...I went negative), there isn't a foolproof solution.

As I posted in the other thread:

QUOTE
I just received a phone call from one of the admins at Barracuda Networks, clarifying their recent blocking of the SpamCop Email System IP. Seems there's a bit of sensitivity WRT blocking a competitor (Ironport) so they wanted to make sure I was fully informed.


DT
SpamCopAdmin
QUOTE(Wazoo @ May 5 2008, 05:11 PM)
It does seem a bit curious about the difference between items like;
3085066446 ( 216.154.195.49 ) To: mailsys#admin.spamcop.net[at]devnull.spamcop.net
and
3078160525 ( 216.154.195.49 ) To: mailsys[at]admin.spamcop.net
mailsys[at]admin.spamcop.net is me.

The bottom report is a bounce coming from Jeff's system.

The top one is a "relay" report telling me that a reported email was handled by Jeff's system, but it wasn't identified as the source. Mailsys[at]admin.spamcop.net was (until just now) set to refuse relay reports, hence the "devnull" business. I don't remember why I set the account that way, but I'll bet I remember pretty quickly now that I've enabled relay reports again.

- Don D'Minion - SpamCop Admin -