Jump to content

Jeff G.

Membersph
  • Content Count

    3,727
  • Joined

  • Last visited

Everything posted by Jeff G.

  1. Jeff G.

    Spamcop after virus / spyware attack

    Yes, but: If he were to forget what he did and then get a new NIC (or have a visitor with a NIC), the NIC new to his network wouldn't be able to connect. His IP Address would still be listed by the SCBL for at least 21 hours.
  2. AFAIK, a similar database already exists at SpamCop, but it is private and only contains bouncing and report-denying email addresses, not IP Addresses. Re WHOIS, any incorrect data in a name-based WHOIS record is a violation of RFC1032 - please see Listing policy for the whois.rfc-ignorant.org zone for details. Thanks!
  3. Jeff G.

    Spamcop after virus / spyware attack

    If releasing and renewing any DHCP lease is going to help Steve, it will only be releasing and renewing the DHCP lease that the wireless router is getting from Telewest through the cable modem. The exact model and version of the wireless router would certainly help in advising how to do that. Steve could also try sending mail through a Telewest or Blueyonder recommended SMTP server, rather than a webhost recommended SMTP server.
  4. Jeff G.

    Spamcop after virus / spyware attack

    Do your computers connect to your wireless router using wireless or wired connections? If either one or both connect using wireless connections (or you expect any visitors that might use wireless), please implement security on your wireless connections. The simplest security would be 64-bit WEP (Wireless Encryption Protocol). If both connect using wired connections and you aren't expecting any wireless visitors, you should be safe in turning off the wireless capability of your wireless router. If you check the DHCP (Dynamic Host Control Protocol) leases given out by your wireless router, and you find one given to a NIC (Network Interface Card) you don't possess (the offending MAC (Media Access Control) Address), you should be able block that offending MAC Address. If you have any difficulty with the above, it would be very helpful to know the manufacturer, make, model, and version of your wireless router and your cable modem.
  5. Jeff G.

    Spamcop after virus / spyware attack

    All of the 11-20 items that caused the SCBL listing for 82.41.221.43 appear to have been SpamTrap hits.
  6. Jeff G.

    Spamcop after virus / spyware attack

    That page is at http://www.senderbase.org/search?searchString=82.41.221.43, which currently shows: Volume Statistics for this IP Magnitude Vol Change vs. Average Last day 4.3 13750% Last 30 days 2.7 223% Average 2.2
  7. Jeff G.

    why, we need your help

    218.244.47.25 will be delisted 24 hours after the last spam report. Perusing http://www.spamcop.net/sc?track=218.244.47.25, http://www.spamcop.net/bl.shtml?218.244.47.25, and http://www.spamcop.net/w3m?action=blcheck&ip=218.244.47.25: Report History for 218.244.47.25 follows:
  8. "193.67.39.131 not listed in bl.spamcop.net" per http://www.spamcop.net/w3m?action=blcheck&ip=193.67.39.131. Report History for 193.67.39.131 follows: Submitted: Tuesday 2006/01/17 08:00:47 -0500: =?windows-1251?B?RndkOiDC4PEgIP3y7iAg5+Do7fLl8OXx8+XyICBmaGtubHp3dWdj?= 1625092385 ( 193.67.39.131 ) To: spamcop[at]imaphost.com 1625092370 ( 193.67.39.131 ) To: abuse[at]nl.uu.net -------------------------------------------------------------------------------- Submitted: Tuesday 2006/01/17 01:40:11 -0500: =?windows-1251?B?RndkOiDC4PEgIP3y7iAg5+Do7fLl8OXx8+XyICBzZmJhYXpld3dw?= 1624753791 ( 193.67.39.131 ) To: spamcop[at]imaphost.com 1624753786 ( 193.67.39.131 ) To: abuse[at]nl.uu.net -------------------------------------------------------------------------------- Submitted: Monday 2006/01/16 10:21:12 -0500: =?windows-1251?B?UmU6IMLg8SAg/fLuICDn4Ojt8uXw5fHz5fIgIHhxZmliemRsbg==?= 1623985726 ( 193.67.39.131 ) To: spamcop[at]imaphost.com 1623985723 ( 193.67.39.131 ) To: abuse[at]nl.uu.net -------------------------------------------------------------------------------- Submitted: Monday 2006/01/16 10:19:10 -0500: =?windows-1251?B?UmU6IMLg8SAg/fLuICDn4Ojt8uXw5fHz5fIgIHdzeG1rdW55?= 1623998400 ( 193.67.39.131 ) To: spamcop[at]imaphost.com 1623998388 ( 193.67.39.131 ) To: abuse[at]nl.uu.net -------------------------------------------------------------------------------- Submitted: Monday 2006/01/16 10:18:13 -0500: =?windows-1251?B?UmU6IMLg8SAg/fLuICDn4Ojt8uXw5fHz5fIgIHdzeG1rdW55?= 1623996061 ( 193.67.39.131 ) To: spamcop[at]imaphost.com 1623996060 ( 193.67.39.131 ) To: abuse[at]nl.uu.net -------------------------------------------------------------------------------- Submitted: Monday 2006/01/16 10:10:36 -0500: =?windows-1251?B?UmU6IMLg8SAg/fLuICDn4Ojt8uXw5fHz5fIgIHNvdmZ6?= 1623979392 ( 193.67.39.131 ) To: spamcop[at]imaphost.com 1623979381 ( 193.67.39.131 ) To: abuse[at]nl.uu.net -------------------------------------------------------------------------------- Submitted: Monday 2006/01/16 10:10:34 -0500: =?windows-1251?B?RndkOiDC4PEgIP3y7iAg5+Do7fLl8OXx8+XyICBnaXRvandx?= 1623978863 ( 193.67.39.131 ) To: spamcop[at]imaphost.com 1623978854 ( 193.67.39.131 ) To: abuse[at]nl.uu.net -------------------------------------------------------------------------------- Submitted: Monday 2006/01/16 09:25:14 -0500: =?windows-1251?B?Rnc6IMLg8SAg/fLuICDn4Ojt8uXw5fHz5fIgIGhpeWRzdg==?= 1623925462 ( 193.67.39.131 ) To: spamcop[at]imaphost.com 1623925006 ( 193.67.39.131 ) To: abuse[at]nl.uu.net -------------------------------------------------------------------------------- Submitted: Monday 2006/01/16 08:37:06 -0500: =?windows-1251?B?RndkOiDC4PEgIP3y7iAg5+Do7fLl8OXx8+XyICBzbm9scA==?= 1623869888 ( 193.67.39.131 ) To: spamcop[at]imaphost.com 1623869872 ( 193.67.39.131 ) To: abuse[at]nl.uu.net -------------------------------------------------------------------------------- Submitted: Monday 2006/01/16 08:06:24 -0500: =?windows-1251?B?Rnc6IMLg8SAg/fLuICDn4Ojt8uXw5fHz5fIgIGtmbm1wbGJj?= 1623845920 ( 193.67.39.131 ) To: spamcop[at]imaphost.com 1623845915 ( 193.67.39.131 ) To: abuse[at]nl.uu.net -------------------------------------------------------------------------------- Submitted: Monday 2006/01/16 07:14:31 -0500: =?windows-1251?B?UmU6IMLg8SAg/fLuICDn4Ojt8uXw5fHz5fIgIGt3bmFr?= 1623787281 ( 193.67.39.131 ) To: mole[at]devnull.spamcop.net -------------------------------------------------------------------------------- Submitted: Monday 2006/01/16 07:00:33 -0500: =?windows-1251?B?UmU6IMLg8SAg/fLuICDn4Ojt8uXw5fHz5fIgIGtvamhkY214eg==?= 1623782964 ( 193.67.39.131 ) To: spamcop[at]imaphost.com 1623782957 ( 193.67.39.131 ) To: abuse[at]nl.uu.net -------------------------------------------------------------------------------- Submitted: Monday 2006/01/16 02:58:18 -0500: =?windows-1251?B?RndkOiDC4PEgIP3y7iAg5+Do7fLl8OXx8+XyICB0cHdkZXp3Zg==?= 1623564239 ( 193.67.39.131 ) To: spamcop[at]imaphost.com 1623564214 ( 193.67.39.131 ) To: abuse[at]nl.uu.net -------------------------------------------------------------------------------- Submitted: Tuesday 2006/01/03 08:28:33 -0500: Re: Поздравляю с НГ и посмотри ..... 1607961061 ( 193.67.39.131 ) To: spamcop[at]imaphost.com 1607961045 ( 193.67.39.131 ) To: abuse[at]nl.uu.net -------------------------------------------------------------------------------- Submitted: Tuesday 2006/01/03 08:28:24 -0500: Fwd: Поздравляю с НГ и посмотри ..... 1607960885 ( 193.67.39.131 ) To: spamcop[at]imaphost.com 1607960880 ( 193.67.39.131 ) To: abuse[at]nl.uu.net -------------------------------------------------------------------------------- Submitted: Tuesday 2006/01/03 08:28:18 -0500: Re: Поздравляю с НГ и посмотри ..... 1607960761 ( 193.67.39.131 ) To: spamcop[at]imaphost.com 1607960742 ( 193.67.39.131 ) To: abuse[at]nl.uu.net -------------------------------------------------------------------------------- Submitted: Tuesday 2006/01/03 08:26:29 -0500: Fwd: Поздравляю с НГ и посмотри ..... 1607943546 ( 193.67.39.131 ) To: spamcop[at]imaphost.com 1607943515 ( 193.67.39.131 ) To: abuse[at]nl.uu.net -------------------------------------------------------------------------------- Submitted: Tuesday 2006/01/03 05:34:51 -0500: =?windows-1251?B?UmU6IM1Pwk/CwsXExc3I3yAgIMIgICDNIEEgyyBPIMMgTyBPIMEgyyBPIMYg... 1607721979 ( 193.67.39.131 ) To: spamcop[at]imaphost.com 1607721951 ( 193.67.39.131 ) To: abuse[at]nl.uu.net -------------------------------------------------------------------------------- Submitted: Tuesday 2006/01/03 05:34:51 -0500: =?windows-1251?B?UmU6IM1Pwk/CwsXExc3I3yAgIMIgICDNIEEgyyBPIMMgTyBPIMEgyyBPIMYg... 1607721746 ( 193.67.39.131 ) To: spamcop[at]imaphost.com 1607721731 ( 193.67.39.131 ) To: abuse[at]nl.uu.net -------------------------------------------------------------------------------- Submitted: Tuesday 2006/01/03 05:34:50 -0500: =?windows-1251?B?UmU6IM1Pwk/CwsXExc3I3yAgIMIgICDNIEEgyyBPIMMgTyBPIMEgyyBPIMYg... 1607721360 ( 193.67.39.131 ) To: spamcop[at]imaphost.com 1607721355 ( 193.67.39.131 ) To: abuse[at]nl.uu.net -------------------------------------------------------------------------------- Submitted: Tuesday 2006/01/03 05:34:49 -0500: =?windows-1251?B?Rnc6IM1Pwk/CwsXExc3I3yAgIMIgICDNIEEgyyBPIMMgTyBPIMEgyyBPIMYg... 1607721018 ( 193.67.39.131 ) To: spamcop[at]imaphost.com 1607721008 ( 193.67.39.131 ) To: abuse[at]nl.uu.net -------------------------------------------------------------------------------- Submitted: Tuesday 2006/01/03 04:47:48 -0500: =?windows-1251?B?RndkOiDNT8JPwsLFxMXNyN8gICDCICAgzSBBIMsgTyDDIE8gTyDBIMsgTyDG... 1607681693 ( 193.67.39.131 ) To: spamcop[at]imaphost.com 1607681659 ( 193.67.39.131 ) To: abuse[at]nl.uu.net -------------------------------------------------------------------------------- Submitted: Tuesday 2006/01/03 02:59:46 -0500: =?windows-1251?B?UmU6IM1Pwk/CwsXExc3I3yAgIMIgICDNIEEgyyBPIMMgTyBPIMEgyyBPIMYg... 1607596593 ( 193.67.39.131 ) To: spamcop[at]imaphost.com 1607596568 ( 193.67.39.131 ) To: abuse[at]nl.uu.net -------------------------------------------------------------------------------- Submitted: Monday 2006/01/02 17:07:14 -0500: 1606998444 ( 193.67.39.131 ) To: spamcop[at]imaphost.com 1606998399 ( 193.67.39.131 ) To: abuse[at]nl.uu.net
  9. Jeff G.

    contact form abuse by header injection

    I do think that you giving those service providers a heads-up ASAP is a good idea. If not you, who? If not now, when?
  10. Jeff G.

    DJB & Spamcop

    If you have a specific question about a section of the FAQ that confuses you, please identify/post that section here with your question and we will attempt to help you understand. If you haven't looked at a FAQ yet, please see the information provided at What is SpamCop?
  11. Jeff G.

    contact form abuse by header injection

    The presence of those email addresses in those Bcc headers doesn't prove anything - what matters is what was attempted in a MAIL FROM field. However, the AOL Postmaster Team may still be interested in your evidence - you may contact them at postmaster[at]aol.com or via their AOL Postmaster Hotline at 1-888-212-5537 (in the US) or at +1-703-265-4670 (international callers).
  12. Jeff G.

    Problems with reluctant mail server admin

    I think your server farm administrator is shining you on, and doesn't know the difference between PTR Records, reverse DNS, IN-ADDR records, and IP WHOIS. What IP Address (or range of them) is he administering? Thanks!
  13. Jeff G.

    Problems with reluctant mail server admin

    Hi, and welcome! Please see http://forum.spamcop.net/forums/index.php?...027entry36027 for details on that. Yes, I think it is ok. Doing so does not violate any RFC I know of, and complies with the "My server, my rules" concept. You can complain to the DNS Administrator for that IP Block (per its SOA Record), the people responsible for that IP Block (per IP WHOIS), your server farm administrator, and the people you are paying (perhaps all the same people). You are paying for professional service and you are getting amateur service. This website helps to support users of www.spamcop.net and other hosts in the spamcop.net domain. It appears that Julian Haight (founder of SpamCop.net) registered spamcom.com on September 18th, 2000 because so many people were misspelling spamcop.net. He doesn't appear to be using it for anything meaningful. Julian appears to have sold it to IronPort with SpamCop.net in mid-2003. If you meant spamcop.com, that was usurped by a domain squatter on August 9th, 2000.
  14. Jeff G.

    Forwarding emails

    No, sorry, Courier (the basis for the SpamCop Email System backend) doesn't appear to do that. I suggest either leaving your current email on the server and accessing it with Webmail and/or IMAP, or POPping it directly from the server without going through a third party and accessing the backlog with Webmail when you can't POP. I currently do the latter, with the addition of an IMAP connection (for ease of archival and testing).
  15. Sorry if I wasn't clear enough. To access that URL (if it's not accessible already), one would need to: Log out of any ISP Account Log in to a Reporting Account Pay (if necessary)
  16. That information (Report History) is available at http://www.spamcop.net/mcgi?action=showhis...id;val=62640177 for any Paid SpamCop Reporter (minimum investment US$2 at http://www.spamcop.net/mcgi?action=paymenu after signing up for a free account at http://www.spamcop.net/anonsignup.shtml). If you haven't already, please see , please see FAQ Entry: Am I Running Mailing Lists Responsibly?. Thanks!
  17. Jeff G.

    Outside Spam Reports

    Beware that email messages sent to ABUSE[at]NA.nic.it end up in a database that is posted to the web.
  18. Jeff G.

    login

    Assuming that you meant the main SpamCop.net site, you should start with SpamCop.net - Beware of cheap imitations and proceed with What Is This? and Register Now.
  19. Jeff G.

    hosting server blocked question

    Report History for expedition.websitewelcome.com [70.85.144.194] follows:
  20. Jeff G.

    DJB & Spamcop

    131.193.178.160 appears to have 21-30 Spamtrap hits, and no other Report History.
  21. Jeff G.

    qmail toaster - no source ip address fo

    The problem here appears to be that mx.gmail.com is not one of your configured Mailhosts. http://www.spamcop.net/sc?id=z890550989z42...e70d32474f1212z (cancelled) shows the following:
  22. While you wait for the SpamCop Deputies to respond, you could look at your logs from your NAT and firewall for connections from the inside to Port 25 somewhere outside.
  23. Jeff G.

    Postfix Blocks my e-mail

    It would seem that Nikkikitty's problem is that host forward1.us4.outblaze.com [208.36.123.89] was listed by the SCBL. It is not currently listed. Its Report History is as follows:
  24. Please see my reply to "E-Mail spam submittals blocked by your ISP" and my reply to "help mail blocked". Thanks!
  25. Jeff G.

    Ready to PAY to be whitelisted by SPAMCOP

    canada.com appears to have one host that sends email, sendmail.canada.com [199.71.40.31]. http://ws.arin.net/whois?queryinput=199.71.40.31 shows the sole contact as dnsadmin[at]canwest.com. http://www.abuse.net/lookup.phtml?DOMAIN=canwest.com shows that canwest.com has no abuse.net record. Therefore, SpamCop's Parser wants to send Reports to postmaster[at]canwest.com; however, it thinks that "postmaster[at]canwest.com bounces (9 sent : 6 bounces)". http://www.spamcop.net/sc?track=199.71.40.31 shows "199.71.40.31 not listed in bl.spamcop.net". Report History shows about 10-19 Spamtrap hits and one Mole Report as follows: The behavior "Dec 7 10:22:29 mx2 postfix/smtp[27351]: 8C37D8B38C: to=<postmaster[at]canwest.com>, relay=smtp.canwest.com[204.187.151.131], delay=3, status=bounced (host smtp.canwest.com[204.187.151.131] said: 501 #5.1.1 bad address postmaster[at]canwest.com (in reply to RCPT TO command))" shown at http://www.rfc-ignorant.org/tools/detail.p...able=postmaster is no longer happening (so I suggest that a SpamCop Deputy or SpamCop Admin reset its bounce flag), but the behavior "Dec 7 10:19:45 mx1 postfix/smtp[8580]: 264F08B4BF: to=<abuse[at]canwest.com>, relay=smtp.canwest.com[204.187.151.131], delay=2, status=bounced (host smtp.canwest.com[204.187.151.131] said: 501 #5.1.1 bad address abuse[at]canwest.com (in reply to RCPT TO command))" shown at http://www.rfc-ignorant.org/tools/detail.p...263&table=abuse is still happening. Is that the IP Address that you claim is getting blocked? If not, please post the IP Address that you claim is getting blocked. Thanks!
×