I'm the admin for the mail server on 126.96.36.199. This server is currently listed on bl.spamcop.net.
We are an ISP, and the server in question is an outgoing mail relay for the use of our business customers. It is restricted to relaying for the IP ranges that we assign to those customers only. We DO have a no-spam policy.
Unfortunately, from time to time, we get a customer who is either deliberately sending spam through the relay in defiance of our policy, or unknowingly has an insecure mail server themselves, and has it set to use our relay as a smart host.
In such cases, our standard course of action is to immediately block the offending customer from using the relay and then contact them to inform them of what is happening. Only after they have told us that they have secured their mail server do we lift the block on the relay server.
I would like to do that in this case, but I don't have enough information to proceed. To identify the customer, I need to see all the Received: headers of the spam message so that I can identify the IP address that sent the mail to our relay.
However, the listing on SpamCop only shows a small portion of the headers of the offending mail, with much of the information masked out.
I'm stuck now. I'm unable to identify the abuser of our relay, and thus I'm unable to stop them. I DO want to act responsibly here and prevent this spam from being sent.
Can anyone suggest what I should do?
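Added example, not part of the original post: once the full headers of a reported message are available, the step described above (finding the IP address that handed the mail to the relay) can be done by reading only the Received: line the relay itself wrote and matching that address against the assigned customer ranges. The relay hostname, customer names, IP ranges and sample message are constructed assumptions.

```python
import email
import ipaddress
import re

# Assumed values for illustration; replace with the relay's real name and ranges.
RELAY_NAME = "relay.isp.example"
CUSTOMER_RANGES = {
    "customer-a": ipaddress.ip_network("192.0.2.0/28"),
    "customer-b": ipaddress.ip_network("198.51.100.64/27"),
}

# Constructed sample: newest hop first, as a receiving server would store it.
SAMPLE = """\
Received: from relay.isp.example (relay.isp.example [203.0.113.25])
\tby mx.recipient.example with ESMTP id abc123;
\tMon, 1 Jan 2024 10:00:05 +0000
Received: from mail.cust.example (unknown [198.51.100.70])
\tby relay.isp.example (Postfix) with ESMTP id 4F2A1;
\tMon, 1 Jan 2024 10:00:02 +0000
Received: from [10.0.0.5] (helo=pc) by mail.cust.example with SMTP;
\tMon, 1 Jan 2024 10:00:00 +0000
Subject: constructed sample
From: a@cust.example

body
"""

# "from <helo> (<rdns> [<ip>]) by <host>": the bracketed IP is what the
# receiving server saw on the socket, unlike the HELO name.
HOP = re.compile(
    r"from\s+.*?\[(?:IPv6:)?(?P<ip>[0-9A-Fa-f:.]+)\].*?\bby\s+(?P<by>[\w.-]+)"
)

def submitting_ip(raw_message, relay=RELAY_NAME):
    """Return the IP that connected to our relay, or None if no such hop."""
    msg = email.message_from_string(raw_message)
    # Headers are prepended, so the topmost line naming our relay after "by"
    # is the one our relay wrote; anything below it may be forged.
    for header in msg.get_all("Received", []):
        m = HOP.search(" ".join(header.split()))  # unfold continuation lines
        if m and m.group("by").lower() == relay:
            return ipaddress.ip_address(m.group("ip"))
    return None

def owner_of(ip):
    """Map an IP to the customer whose assigned range contains it."""
    if ip is None:
        return None
    return next((n for n, net in CUSTOMER_RANGES.items() if ip in net), None)
```

The relay's own logs for the same timestamp and queue id give an independent confirmation of the connecting address.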