Jump to content

Derek T

Memberp
  • Content Count

    602
  • Joined

  • Last visited

Everything posted by Derek T

  1. Derek T

    Blocklist Help: (66.238.175.30)

    The fact that de-listing had been requested in two BL's without first solving the problem. OK I was wrong and apologise as later postings show him/her to be much more clueful than the initial evidence suggested.
  2. Derek T

    Blocklist Help: (66.238.175.30)

    Seems that you, or someone has manually de-listed this IP without solving the problem. IPis still spamming. Suggest you hire someone who has a clue, as you obviously don't.
  3. 1720% all afternoon (GMT). OP and I both in UK on GMT.
  4. I am not an admin but time spent in here leads me to suggest checking your firewall logs and making sure that NOTHING except your mailserver has access to port 25. AIUI many trojans install their own mailserver and don't go through the 'official' one so no other machine should be able to access the 'out' port. Or something like that. Someone who knows more about it will be along soon, I'm sure! Edit: and as I typed someone did!
  5. www.linuxmint.com and never worry about a trojan again
  6. If you're not being refused at the time of the SMTP transaction with a 5xx then they are getting through but sitting in the recipient's 'held-mail', 'spam' or equivalent folder. I'm surprised that there is no postmaster[at]prometheus.co.uk. account. Can you simply not create one? Then you can express de-list BUT as I said in my edit above, Senderbase shows no sign yet of a slowing down of the spew so be VERY sure the problem really has been solved before using it. It's a one-time-only get-out-of-jail-free! If you hit the spamtraps again after de-listing you'll be listed for longer (second offence, mi'lud). Spamcop is entirely automatic, de-listing happens within 24hrs of the last spam detected.
  7. You can send out as many emails as you like. Spamcop has no control over your server. Whether the recipients will choose to receive them or not is another matter... Those using the SCBL in blocking mode (not recommended, but it's their server, their rules) will reject with a 5xx. Those using it to tag possible spam will find it their held mail. No business should rely on email alone to contact its customers. You could phone those you are having difficulty reaching and ask them to whitelist you. Why can you not add your own? Because you could be just anybody! Only the registered abuse, postmaster etc. address for the IP can do it. If you are not he then talk to your provider about being registered. Do you work for prometheus press? or are they your upstream provider? Edit: I see the BT are your upstream and that there is no registered abuse address: contact BT about this. Senderbase shows no evidence of the spew having halted.
  8. Then no-one in this peer-peer forum can possibly help you. No reason not to mark this resolved or move it to the lounge.
  9. Rejecting with a 5xx at the time of the SMTP connection is exactly the right thing to do and will not get you listed. Please make sure that your system is not generating new mail to the (spoofed) 'from field'. See the FAQ on bounces and backscatter. An email to the administrators might result in your being told what sort of 'spam' is hitting their spamtraps.
  10. Derek T

    False Positive?

    Perhaps it's time to ditch Mailwasher pro then and get a SpamCop account at $30 p.a.? Not only is that not listed, there is no history of it's having been listed recently The IronPort 'reputation' for it is Good. I see you are from the UK so you will know what I mean when I say that Mailwasher seems to be 'talking out of its arse'
  11. Derek T

    [APEWS]APEWS: Large IP Block is listing my range

    It says 'OXO' on buses but they don't sell it! SCBL doesn't list those IPs. Move on, there's nothing to see here.
  12. Derek T

    [APEWS]APEWS: Large IP Block is listing my range

    What, exactly, has this to do with spamcop? NONE of those IPs is listed by spamcop!
  13. Derek T

    [Resolved] Erroneous blocking IP

    1550 GMT Counter reset again (23hrs) and a further user report submitted yesterday. Time to unplug that server from the internet until it's been cleaned up, I think.
  14. Derek T

    [Resolved] Erroneous blocking IP

    Despite your protestations, you are still spewing spam. 1330 GMT: Counter reset to 24 hours - spam still coming from that IP FIX IT! Looking at the reports, it does not appear to be back-scatter.
  15. Derek T

    [Resolved] Erroneous blocking IP

    Yours IP have rightly blocked 213.186.195.179 listed in bl.spamcop.net (127.0.0.2) If there are no reports of ongoing objectionable email from this system it will be delisted automatically in approximately 22 hours. Causes of listing * System has sent mail to SpamCop spam traps in the past week (spam traps are secret, no reports or evidence are provided by SpamCop) * SpamCop users have reported system as a source of spam less than 10 times in the past week please fix your server. De-listing is automatic when the spam stops.
  16. Derek T

    blocklisted 38.104.99.170

    You might point out that if instead of using a windows server and windows PCs behind it, they had all been running (free) linux, then none of this would have happened
  17. Derek T

    Blocked But Not Listed

    I can find no evidence at all of your IP having ever been listed by SpamCop (SpamCop doesn't 'do' domains). Any reports would have been sent to abuse[at]radiant.net. Have you contacted them to see if they have received any? It may well be a mis-formed error message blaming SC or SORBS when (perhaps) it's an unknown recipient or full mailbox. Other than that I'm afraid I can't help.
  18. Derek T

    [Resolved] Blocked IP please help

    Clearly. Let's hope I'm wrong.
  19. Derek T

    [Resolved] Blocked IP please help

    As someone else has said here, spam comes from IPs, not domains. Domain names in spam are always forged. he domain name will not help you to identify the source of the spam. It may yet be you or one of your customers.
  20. Derek T

    [Resolved] Blocked IP please help

    Again I ask: how can you possibly know that? How can you be so sure that one of your machines or one of those of your 'VIP customers' has not been trojanned or hacked? I ask this because I've seen literally hundreds of people come to this forum asserting that the spam is nothing to do with them, only to find that they have a compromised system on their network. You wouldn't be the first and certainly won't be the last.
  21. Derek T

    [Resolved] Blocked IP please help

    How do you know that?
  22. Derek T

    [Resolved] Blocked IP please help

    I read your original post to mean that you were responsible for the reselling, do you mean that you are not the reseller but merely one of the customers of the reseller? If so I apologise unreservedly. However if you are the reseller then you are responsible for what your customers do, which is what I was trying to say.
  23. Derek T

    [Resolved] Blocked IP please help

    You are listed because you deserve to be listed: spam is coming from your IP. This is your responsibility. Stop the abuse and de-listing will happen automatically. Allow it to go on and listing will be more frequent and for longer. It is entirely automatic. What have you done to trace the source of the spew? Getting a clue might be a good idea.
  24. Derek T

    Opt In Lyris Listserv being blocked

    The solution is simple: reject the mail with a 5xx code during the SMTP transaction. DON'T under any circumstances generate a new mail to the (always) forged 'From:' field. Now everyone is happy and you stay off the blacklists.
  25. Derek T

    Help.....still being blocked!

    It seems to me that the only responsible course of action is to unplug the whole system from the internet until it has been properly and professionally disinfected. The OP clearly doesn't have a clue. In fact his ISP should have disconnected him days ago if they had a clue and insisted that the problem be fixed.
×