Jump to content

Chris Parker

Membera
  • Content Count

    196
  • Joined

  • Last visited

Posts posted by Chris Parker


  1. Just got a new machine up and running on Mac OS X. I'm currently using Apple's Mail for my mail. Anyone know an easy way to forward messages for processing and make sure they include the headers. Trying to find a way to forward a whole folder on a periodoic basic without having to view each individual message in raw format.


  2. quattro.co.za,Feb 25 2004, 08:04 AM] Hi,

    We're running a bulk email service (Not spam), and use 2 servers to send.

    The local address of the one is 11.11.11.2 and the sender is 11.11.11.3

    You have records of 11.11.11.3 listed on your website, and we have received complaints that this is a spam address.

    The emails are actually sending from 207.12.88.178

    Why is it listing this invalid address on your website, and how can it be removed.

    Thanks

    Ernie

    11.11.11.3 *is* a valid address. 11.0.0.0 - 11.255.255.255 is allocated to the United States Department of Defense.

    You should not be using publicly routable addresses as "local addresses"

    You should only be using the following address ranges in your local network:

    >> 10.0.0.0 - 10.255.255.255

    >> 172.16.0.0 - 172.31.255.255

    >> 192.168.0.0 - 192.168.255.255


  3. This is the second time in 4 business days that we have been blacklisted.  Is it because Spamnet is installed on one of our computers?  That is ridiculous if it is.  We are not spammers!!!  There must be a way to get yourelf removed faster than 48 hours!!!  We are losing days of production here.

    Since you did not give us the IP address or an error message we can only guess as to what is happening...

    If you are Med-Expertise.com:

    * 216.250.116.72 isn the inbound mail server... http://www.spamcop.net/w3m?action=checkblo...=216.250.116.72 which is not currently listed

    * Looks like a hosting service, you'll want to contact them and ask them why they are allowing spammers on their network.

    If that's not you, sorry, my crystal ball is in the shop and I'm unable to devine the IP address in question without more information.

    :P


  4. This evening (since about 2300 GMT 19 Feb 2004), when I've tried to "slow report" my spam using the mailsc.spamcop.net interface, the first spam goes through as normal, but then the "next" link appears that I've already been there.

    When it comes through, it is indeed the spam I just reported, and spamcop refuses as reports have already been sent. It then proceeds to the next spam as before.

    Oops, I didn't read before starting a new topic... argh... Same thing happening here.


  5. What I and presumably others propose is to build a blacklist of those sites and block messages that reference those URLs.  At the same time a whitelist of the many common legitimate sites would need to be created to prevent spammers from getting legitimate sites blacklisted.  A probably very successful first pass would be to blacklist the sites or IP blocks in China (or other spam friendly ISPs) and whitelist the rest. Further refinement could be made from there, but this would probably successfully stop 90% of spam that currently makes it through existing RBLs.

    I believe this may be a useful and productive solution to spam and would like to encourage it's development.

    I understand there is discussion in the SpamAssassin community for working on things like this.  SpamCop builds a great database of spam-referenced URLs now.  That databse could be used in a URL blacklist. Is anyone in the SpamCop community working on this idea?

    Yes, I would like to see a system that blocks based on the IP address that the site is hosted on, much the same way that you would block mail from a particular IP address, regardless of the domain in the mail.

    I think that type of solution would make the issue of spammers purchasing a billion domains mute.


  6. Hello,

    i am blacklisted since wednesday. IP 81.84.63.82.

    I checked the website, but I really didn't understand why. I would like to know the causes and the legimitacy for what happened. I would like also to know how I can prevent future situations and how can I resolve the current one.

    Basic Characteristics:

    portable personal computer, only I have access to it. Use internet access (only from one provider and at one location - home) to read news and search some academic articles for thesis. I use the Outlook Express. No one knows the password of my accounts, which aren't written anywhere.

    Thanks for the help.

    Regards,

    miguel

    Please see: http://www.spamcop.net/w3m?action=checkblock&ip=81.84.63.82

    If that is a dynamically assigned IP address, it's former "owner" may have been infected with a virus. If you've had that IP address for a while then I'd guess that you are infected with a virus/worm. You'll want to make sure that you run a complete virus scan on your machine. You'll also want to download some sort of malware scanner (ie AdAware or SpyBot) and make sure that there are no beasties on your machine.


  7. Return-Path: <munged>

    Received: from TruPPPv92-230-108.inet.co.th ([203.151.230.108])

              by mta08-svc.ntlworld.com

              (InterMail vM.4.01.03.37 201-229-121-137-20020806) with SMTP

              id <munged>;

              Sat, 7 Feb 2004 10:46:49 +0000

    Received: from [0.2.149.97] by 203.151.230.108; Sat, 07 Feb 2004 11:48:51 +0100

    Date: Sat, 07 Feb 2004 11:48:51 +0100

    From: "Tracy Boyer" <munged>

    Reply-To: "Tracy Boyer" <munged>

    Message-Id: <munged>

    To: Beverley <munged>

    Subject: watch drunk girl parties

    X-Mailer: meander began

    Mime-Version: 1.0

    The headers indicate a date of Feb 7th. You may wish to contact your ISP.


  8. I have over 10,000 real estate agents and brokers sending out house for sale listings via email to their clients through my systems.  I've got 300 different servers funneling email listings through two virus checker machines and then through my two MTA's.  The specific subject line is not included in any of the logs that I've found on my mta's or virus checkers.  That was the first thing I searched for (emma rich).

    Well, the email in the reported spam had:

    mi.. at ..r.com

    Not sure how many of them start with "MI" and end with "R.COM"

    Might be enough to see who to watch, or contact directly...


  9. When is SpamCop going to have some respect and consistency as far as established, legit newsletters are concerned ?

        I don't rely on SpamCop anymore, and I don't let my clients use it either, because of the false blacklisting of so many known legit newsletters and email addresses.  I just checked my current mail against the current SpamCop blacklist, and far, far too many of the tech and health news newsletters I subscribe to are listed - this is messed up. 

        There is no good reason to blacklist distribution[at]lewrockwell.com, Dr. Mercola's newsletter, SearchWin2000, Business Intelligence Report, Linux Report, InfoWorld's AdviceLine, CTO Connection, DBA Support, DataBase Journal, or Dr. Tim O'Shea's newsletter.  These are all long running newsletters.  Stop blacklisting them and maby people will use SpamCop more, and maby I can recommend a subscription to my cleints.

    Could you please give specific examples with IP addresses of the servers in question? Anecdotal comments are not useful in resolving situations.


  10. While submitting a spam I've been somehow informed of a new mailhost registration service that should improve spam source detection, etc.

    I have registered my main email address successfully, but then I wanted to register my other emails which redirect to my main email, as suggested, but I can't find any way to do that! I can't find any info about that service anywhere...

    Now I have the feeling that my registration is half complete, and I can't do anything about it...

    Any hint? :-)

    You'd have to elaborate as to what this mailhost registration service is.


  11. I would agree that any ISP doing mail filtering should advise their clients what they are doing so. Hence the bazillion comments that will come down the line telling you to contact your ISP.

    If you are willing to post the IP address here, myself, or others may be able to tell you the extent of the spam that is coming from the server in the Ukraine.

    It's nice to know both sides of the story.


  12. This is a disingenuous argument for the simple reason that communication is being cancelled between clients of servers, without notice given.

    Reports are sent to those listed as responsible for the IP listed (in most cases)

    Without Spamcop blockage, innocent users like myself and my collegue would not have our right to communicate violated in the name of your "war on spam."

    Just as you have a right to communicate, other have the right to *not* communicate with those reported to be the source of spewage. Without spamcop (and other similiar services) I would be getting an extra 1000+ pieces of unsolicted email a day. Spammers ruin it for everyone.

    Your service I believe will backfire insofar as people like myself on the receiving end have no recourse in dealing with a server in the Ukraine or wherever.

    Your options are twofold. Either switch to an ISP that does not use spamcop or convince the personal managing the server in the Ukraine that they need to fix their spam problem.

    what I have been active doing is contacting my server strongly urging them to drop your services

    What I do not understand is why you are *not* strongly urging the server operator from allowing spam to come from his system.

    my right to make a living using the net is being damaged by your interference.

    Your rights are not being infringed upon. *YOU* have chosen to use a carrier that *CHOOSES* to take measures to eliminate spam. You have the right to *CHOOSE* an ISP that does not do that. Using the same logic the criminals should go after government for taking away their freedom to steal...

    This cannot be tolerated on the internet.

    Why should the rest of the internet be forced to deal with spam because *YOU* are unwilling to change providers and someone else is unwilling to secure their server?


  13. My Companies email server has been listed in you black list resently and I would like to get a copy of the complaints that have been made against us and the contact inforamation for the people who have made the complaints. I understand from the FAQ that this information should be avaliabe but I have not been able to locate it on your webpage. Any assistant I can get in tracking down the problem so that it can be resolved would be appriciated.

    the server ip address is 66.179.107.13

    Reports were sent to abuse at inflow dot net. You may wish to contact them.

    You'll also want to get rDNS setup for your server's IP address as many mail admins (like AOL) choose to refuse mail from servers that don't have a PTR record for the server's IP.

    You may also wish to send an email to deputies at spamcop dot net who'll be able to provide you some better information as to why you are listed.

    I see that your machine has been sending to spamtraps. If you are running AV software on the server you'll want to disable the virus notification feature as that feature often send notifications to forged email addresses.

    Looks like you are running Exchange. You'll want to also make sure that all your role accounts (admin, guest, webmaster, etc) are either disabled or have non-trivial passwords as spammer are now trying to exploit default and role accounts on exchange servers.

    You'll also want to look at the configuration of the machine as does not appear to be identifying itself correctly (it's responding with mail01.westwood200 without the trailing .com .net or whatever is is supposed to be).


  14. I can't help wondering.

    Do these ISP really take care of spam reports ? I'm under the impression that they don't give a damn anymore, probably because they receive hundred of thousand of complaints and can't or won't treat them.

    Last week, I came back from a 14 days trip, got no less than 208 "enlarge penis" spam from chinanet. The worst part was that they found my private isp e-mail address which has never been published on the net. ( I never used it on forums nor remove list ).

    Can I obligate my provider to take responsability on this matter. I am convinced that their mail server is not secure.

    It depends on the ISP. Unfortnately since ChinaNet is not in the US there is not a lot that people in the US can do other than ask their ISP's to filter their mail.


  15. I understand completely the issue you raise - and I would argue that one must deal with the underlying problem here which is to help ensure that everyone is using AV software etc.  Further, if someone receives a message with a forged address from someone else, that's essentially identity theft and the person whose email address was forged is prevented from discovering that fact due to SpamCop.

    SpamCop is essentially shooting the messenger. There are a number of different ways to try and stop spam - we're all trying hard to stop it - but we should not need to step on each others' toes - we're on the same side!

    It's not just an issue of those compromised by viruses. 99% of the spam that I receive comes from a forged address. 80% of the email that is attempted delivery to me is spam. While it may be "identity" theft there is no means for the "average" person to do anything about it.

    Spamcop does nothing to prevent people from knowing that their email address was forged into an email.

    Your system is fine for protecting your users, but it *does* run the risk of generating spam for the rest of us. Just because your users like a C/R system doesn't mean that I want to get challenges to spam that your customers received. I get enough of my own spam. The problem is that you are protecting your users at the expense of the rest of the community.

×