scarville

Members
  • Content count

    6
  • Joined

  • Last visited

Everything posted by scarville

  1. The domains have been around a while. However, the machines are strictly internal so they will never be seen in the external DNS view. I don't have anything for lereta.com in Mailhost right now. First time I attempted to register this new configuration I tried deleting the existing config and retrying. I will try to get each host in turn to act as a final destination for my address. ETA: There is an incomplete configuration in Mailhost but, so far, I've been unable to "Resolve incomplete mail host configuration".
  2. We recently added multiple agents for the Proofpoint system and I am unable to register the new configuration as a mailhost: ------------------------------------------------- Host scapp02.lereta.net (checking ip) IP not found ; scapp02.lereta.net discarded as fake. Sorry, SpamCop has encountered errors: The email sample you submitted for scarville@lereta.com appears to traverse more than one domain. Please ensure that you configure each mailhost individually and in order. Proceed here: <https://www.spamcop.net/mcgi?mhc2=ikZ6h9TJW2NhNjki> ------------------------------------------------- These are the headers from the account configuration email. Received: from mail.lereta.com [10.212.170.192] by scafs02-lnx.lereta.com with POP3 (fetchmail-6.3.17) for <stephen@localhost> (single-drop); Mon, 17 Jul 2017 09:54:22 -0700 (PDT) Received: from scaxc06.lereta.net (10.212.170.70) by scaxc05.lereta.net (10.212.170.139) with Microsoft SMTP Server (TLS) id 15.0.1236.3 via Mailbox Transport; Mon, 17 Jul 2017 09:51:58 -0700 Received: from SCAXC03.lereta.net (10.212.170.223) by scaxc06.lereta.net (10.212.170.70) with Microsoft SMTP Server (TLS) id 15.0.1236.3; Mon, 17 Jul 2017 09:52:52 -0700 Received: from scapp02.lereta.net (10.212.165.125) by SCAXC03.lereta.net (10.212.170.223) with Microsoft SMTP Server id 15.0.1236.3 via Frontend Transport; Mon, 17 Jul 2017 09:52:53 -0700 Received: from pps.filterd (scapp02.lereta.net [127.0.0.1]) by scapp02.lereta.net (8.16.0.17/8.16.0.17) with SMTP id v6HGkjgh007366 for <scarville@lereta.com>; Mon, 17 Jul 2017 09:52:52 -0700 Received: from mx02.lereta.com ([198.204.112.74]) by scapp02.lereta.net with ESMTP id 2bqh180f40-1 for <scarville@lereta.com>; Mon, 17 Jul 2017 09:52:52 -0700 Received: from prod-sc-www02.spamcop.net (vmx.spamcop.net [184.94.240.112]) by mx02.lereta.com (Postfix) with SMTP id AB2266000F for <scarville@lereta.com>; Mon, 17 Jul 2017 09:52:52 -0700 (PDT) X-SpamCop-Conf: ikZ6h9TJW2NhNjki Received: from [204.45.182.99] by spamcop.net with HTTP; Mon, 17 Jul 2017 16:52:52 GMT From: SpamCop robot <mhconf.ikZ6h9TJW2NhNjki@cmds.spamcop.net> To: <scarville@lereta.com> Subject: [SpamCop] account configuration email Precedence: list Message-ID: <wh596ceb64g6a4d@msgid.spamcop.net> Date: Mon, 17 Jul 2017 16:52:52 +0000 X-Mailer: https://www.spamcop.net/ v4.8.6 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:,, definitions=2017-07-17_13:,, signatures=0 X-Proofpoint-spam-Details: rule=notspam policy=default score=0 spamscore=0 suspectscore=1 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1706020000 definitions=main-1707170269 Return-Path: service@admin.spamcop.net Content-Type: text/plain X-MS-Exchange-Organization-Network-Message-Id: d90a198d-4e20-4e2f-235c-08d4cd344410 X-MS-Exchange-Organization-AVStamp-Enterprise: 1.0 X-MS-Exchange-Organization-AuthSource: SCAXC03.lereta.net X-MS-Exchange-Organization-AuthAs: Anonymous MIME-Version: 1.0 Another wrinkle is that the intermediate hop could also be scapp03.lereta.net. Any way I can fix this?
  3. The mail to service bounced. Service[at]admin.spamcop.net<mailto:Service[at]admin.spamcop.net> The recipient's e-mail address was not found in the recipient's e-mail system.
  4. Recently a user complained that he was getting emails from newsmax.com he never signed up for. After a bit of searching I found that Newsmax publishes polls and requires you enter an email to have your opinion recorded. I verified with the user that he had filled out just such a poll. The poll sounded suspicious so I located one and answered using a throw away address. Sure enough I started getting "News Alerts" several times a day. However, Newsmax seemed like a legitimate site so I used the unsubscribe link but was not removed from the list. I tried it two more time just to be sure. That failure, to me, makes them spammers so I started reporting them via spamcop. Reviewing a few reports I saw that was a strange (to me) listing for accredit.habeas.com which looks like a whitelist. 8.28.94.215 not listed in dnsbl.njabl.org ( 127.0.0.8 ) 8.28.94.215 not listed in dnsbl.njabl.org ( 127.0.0.9 ) 8.28.94.215 not listed in cbl.abuseat.org 8.28.94.215 not listed in dnsbl.sorbs.net 8.28.94.215 listed in accredit.habeas.com ( 1 ) <============ 8.28.94.215 not listed in plus.bondedsender.org 8.28.94.215 not listed in iadb.isipp.com I am not a big fan of whitelisting and only use it as last resort. Consequently, I've not paid a lot of attention to how the publically available whitelists operate. Is the above whitelist legitimate? A quick search on Google certainly makes it look legitimate but if a a spammer can use it, I have my doubts.
  5. As I said, I am not fan of whitelisteing but I can understand why spamassassin might use it to reduce false positives. I've had a few requests to whitelist addresses here because they were being labeled as spam. My first unsubscribe request to Newsmax was about three weeks ago and I waited about a week before I started reporting them to SpamCop. That seemed more than long enough to respond. Interestingly enough, I haven't received a single email from them since I posted my original question yesterday and the unsubscribe page linked in emails forwarded to me by a user has changed. Maybe in response to complaints forwarded by SpamCop? That would be nice.
  6. According to spamassassin Habeas Accredited Senders Last octet of the returned A record indicates the Habeas-assigned "Permission Level" of the Sender. 10 to 39 Personal, transactional, and Confirmed Opt In 40 to 59 Secure referrals and Single Opt In 60 to 99 Checked but not accredited by Habeas. The first range is HABEAS_ACCREDITED_COI The second is HABEAS_ACCREDITED_SOI The third is HABEAS_CHECKED They are scored: score HABEAS_ACCREDITED_COI 0 -8.0 0 -8.0 score HABEAS_ACCREDITED_SOI 0 -4.3 0 -4.3 score HABEAS_CHECKED 0 -0.2 0 -0.2 So it is obvious that Spamassassin trusts them. True. I am just curious about it now that I see email I would identify as spam being OKed because of it.