Full Version: Spamcop report - Open Proxy
david.thomas
Hi,

Email from our PowerMTA email server has generated a problem stating we are running an open proxy on the server.

The port 8080 had been open on the server but has now been closed by a firewall. Is there any way to perform the same test SpamCop did to verify the problem has been resolved?

The IP address in question is 83.137.133.216.



Thanks,

David
agsteele
QUOTE(david.thomas @ Jun 16 2008, 04:54 PM) *
Email from our PowerMTA email server has generated a problem stating we are running an open proxy on the server.

The port 8080 had been open on the server but has now been closed by a firewall. Is there any way to perform the same test SpamCop did to verify the problem has been resolved?

The IP address in question is 83.137.133.216

Is there a particular reason why you believe that the open proxy report came from SpamCop? At this point your IP is not listed in the SCBL. There is only one report from a user for your IP in the last 90 days. There may have been spam-trap reports that aren't open to the public to view.

You are, however, listed at cbl.abuseat.org and pbl.spamhaus.org. You'll have to deal with those lists through their own operators.

Andrew
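
The listing check described in the reply above can be scripted. This is an added example, not part of the original thread: cbl.abuseat.org and pbl.spamhaus.org are the zones named in the post, bl.spamcop.net is assumed here as the SCBL zone, and the sample answers are constructed for the documentation address 192.0.2.10.

```python
import ipaddress
import socket

# cbl.abuseat.org and pbl.spamhaus.org are the zones named in the thread;
# bl.spamcop.net (the SCBL's DNS zone) is added here as an assumption.
ZONES = ("bl.spamcop.net", "cbl.abuseat.org", "pbl.spamhaus.org")
LISTED_NET = ipaddress.ip_network("127.0.0.0/8")
# Spamhaus answers in 127.255.255.0/24 to signal a query error (for example a
# lookup sent through a public resolver); that is not a listing.
ERROR_NET = ipaddress.ip_network("127.255.255.0/24")

def dnsbl_name(ip, zone):
    """Query name = IPv4 octets reversed, then the blocklist zone."""
    addr = ipaddress.IPv4Address(ip)  # ValueError on malformed input
    return ".".join(reversed(str(addr).split("."))) + "." + zone

def system_resolver(name):
    """A records for name; [] when the name does not resolve."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except (socket.gaierror, socket.herror):
        return []  # cannot tell NXDOMAIN from a resolver failure here

def classify(answers):
    """Map a zone's A records to 'listed', 'not listed' or 'error'."""
    addrs = [ipaddress.IPv4Address(a) for a in answers]
    if not addrs:
        return "not listed"
    # An error code, or any answer outside 127/8 (wildcard DNS, captive
    # resolver), says nothing reliable about the listing state.
    if any(a in ERROR_NET or a not in LISTED_NET for a in addrs):
        return "error"
    return "listed"

def check_listings(ip, zones=ZONES, resolve=system_resolver):
    """Return {zone: status} for one IPv4 address."""
    return {z: classify(resolve(dnsbl_name(ip, z))) for z in zones}

# Constructed resolver data for the documentation address 192.0.2.10;
# these are sample answers, not real lookups.
SAMPLE = {
    "10.2.0.192.cbl.abuseat.org": ["127.0.0.2"],
    "10.2.0.192.pbl.spamhaus.org": ["127.255.255.254"],
}

if __name__ == "__main__":
    fake = lambda name: SAMPLE.get(name, [])
    for zone, status in check_listings("192.0.2.10", resolve=fake).items():
        print(f"{zone}: {status}")
```

Calling `check_listings()` without the `resolve` argument uses the system resolver; an "error" result means the answer should be re-checked through a different resolver before it is read as clean or listed.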
david.thomas
QUOTE(agsteele @ Jun 16 2008, 11:28 AM) *
Is there a particular reason why you believe that the open proxy report came from SpamCop? At this point your IP is not listed in the SCBL. There is only one report from a user for your IP in the last 90 days. There may have been spam-trap reports that aren't open to the public to view.

You are, however, listed at cbl.abuseat.org and pbl.spamhaus.org. You'll have to deal with those lists through their own operators.

The reason is we received the email with the following details [SpamCop (83.137.133.216) id:3200297675] but thank you for your thoughts regarding the problem.

We are aware of the CBL & PBL issues and are following that up with the respective groups.
Farelf
QUOTE(david.thomas @ Jun 16 2008, 11:54 PM) *
...The port 8080 had been open on the server but has now been closed by a firewall. Is there any way to perform the same test SpamCop did to verify the problem has been resolved?
Hi David, can't help with the specific process used by SC but discussions here usually suggest the telnet relay-test.mail-abuse.org, as suggested at http://forum.spamcop.net/forums/index.php?...ost&p=27379. Other resources are shown in http://spamlinks.net/prevent-secure-relay-test.htm
HTH
[added on edit - a test with http://www.antispam-ufrj.pads.ufrj.br/cgi-...=83.137.133.216 was inconclusive. It appears to show an accepted relay in Test 8 but that is no proof by itself.]
agsteele
QUOTE(david.thomas @ Jun 16 2008, 05:35 PM) *
The reason is we received the email with the following details [SpamCop (83.137.133.216) id:3200297675] but thank you for your thoughts regarding the problem.

That represents one report (probably the one I found) but one report would not constitute an entry in the SCBL.

Andrew
StevenUnderwood
QUOTE(agsteele @ Jun 16 2008, 01:05 PM) *
That represents one report (probably the one I found) but one report would not constitute an entry in the SCBL.

And SpamCop itself does not test for open proxies. It does submit to other tests (by other blocklists) those that show signs of being submitted through an open proxy.
turetzsr
Hi, David, and welcome!
QUOTE(StevenUnderwood @ Jun 16 2008, 02:36 PM) *
And SpamCop itself does not test for open proxies.
<snip>
...Nor would SpamCop list your server solely because it met an open proxy test. See SpamCop FAQ (there's a link to it near the top left of each SpamCop Forum page) entry labeled "What is on the list?."
DavidT
QUOTE(david.thomas @ Jun 16 2008, 09:35 AM) *
The reason is we received the email with the following details [SpamCop (83.137.133.216) id:3200297675] but thank you for your thoughts regarding the problem.

None of us can see the email report referenced by that ID number, but I rather doubt that it was telling you that you had an open proxy...perhaps it only mentioned the possibility. In any case, it wasn't the result of a test, but rather a specific piece of email reported as spam by a SpamCop user.

DT
Farelf
QUOTE(agsteele @ Jun 17 2008, 01:05 AM) *
That represents one report (probably the one I found) but one report would not constitute an entry in the SCBL.
Yeah, would have to be the same one, Andrew.
QUOTE
Report History:
--------------------------------------------------------------------------------

Submitted: Monday, 16 June 2008 7:45:20 PM +0800:
Work with Russian overseas property partners
3200297675 ( 83.137.133.216 ) To: ripe[at]pure360.com
QUOTE(DavidT @ Jun 17 2008, 09:47 AM) *
None of us can see the email report referenced by that ID number, ...
True enough but just for the benefit of new users, the foregoing limited detail can be pulled up by entering the report number in the "Jump to report ID:" box in any member's "Past Reports" tab on the member (log in) page.
Merlyn
QUOTE(david.thomas @ Jun 16 2008, 11:54 AM) *
Email from our PowerMTA email server has generated a problem stating we are running an open proxy on the server.

The port 8080 had been open on the server but has now been closed by a firewall. Is there any way to perform the same test SpamCop did to verify the problem has been resolved?

The IP address in question is 83.137.133.216.

Open Proxy???? I don't think so, more like spamming.

---------------------------------------------------
See: http://www.spamhaus.org/sbl/sbl.lasso?query=SBL65317

83.137.133.0/24 is listed on the Spamhaus Block List (SBL)

16-Jun-2008 22:16 GMT | SR04

PUR3.NET

Sending not-Confirmed-Opt-In spam from most IPs in this range. Content is casino, vistaprint, etc.
---------------------------------------------------

According to senderbase every IP in the /24 is in multiple blocklists. Looks like spam to me.
Merlyn
QUOTE(david.thomas @ Jun 16 2008, 12:35 PM) *

The reason is we received the email with the following details [SpamCop (83.137.133.216) id:3200297675] but thank you for your thoughts regarding the problem.

We are aware of the CBL & PBL issues and are following that up with the respective groups.

You followed up with the CBL and it looks like they put you back on.

------------------------------------------------------------------------------------------------------
IP Address 83.137.133.216 is currently listed in the CBL.

It was detected at 2008-06-15 23:00 GMT (+/- 30 minutes), approximately 1 days, 20 hours, 30 minutes ago.

It has been relisted following a previous removal at 2008-06-13 10:18 GMT
----------------------------------------------------------------------------------------------------

The problem is, if you ask to be delisted, you should not spam the same address again :(
Merlyn
David, are you a customer of pur3.net?
Do you work for pur3.net?
Do you own pur3.net?
What is your involvement with pur3.net?