Jump to content

Chris Parker

Membera
  • Content Count

    196
  • Joined

  • Last visited

Posts posted by Chris Parker


  1. I sent an email to bl[at]admin.spamcop.net  earlier today asking for info.

    Haven't received a reply yet. 

    It's unfortunate that the two complainers didn't supply any info.    How can we figure out the problem without any info? 

    Anyways, we're just a normal defense contractor. We are not in the business of sending out unsolicited emails.    It's possible a trusted server was abused/relayed.

    Try deputies [at] spamcop . net.

    Yes, that is the disadvantage of mole accounts. While they protect the reporters, they hinder those involved that actually care. Spams spoil it again.

    Possible also that an employee sent out an email to everyone on his contact list and those were reported as spam.


  2. http://www.spamcop.net/w3m?action=checkblo...=204.194.72.241

    At least two people reported that they received spam from that IP.

    Possible the reporters were in "mole" status, in that reports are not sent.

    You'll want to drop a line to deputies at spamcop dot net and include the IP that you are asking about.

    As long as there are no additional spam reports, the listing should come off within 48 hours of the most recent report.


  3. It would be simpler if it was NNTP :D

    Would also be nice if it added the posters IP.

    Yes, I prefer the threading of NNTP, but will deal with it. We'll probably see less messages straying off-topic!

    I, too, would also like to be able to see the IP address of the poster.


  4. Received: by nas.net (CommuniGate Pro PIPE 4.1.8)

      with PIPE id 18659775; Sun, 01 Feb 2004 17:35:13 -0500

    Received: from [199.166.6.56] (HELO gouda.execulink.net)

      by nas.net (CommuniGate Pro SMTP 4.1.8)

      with ESMTP id 18659780; Sun, 01 Feb 2004 17:35:08 -0500

    Received: from mshweihat (ppp120.f1.56k.execulink.com [209.239.31.120])

    by gouda.execulink.net (8.11.6/8.11.6) with SMTP id i11MKbw15574;

    Sun, 1 Feb 2004 17:20:37 -0500

    Looks like the chain is being broken...

    If you can fix that it would help. You might want to send an email to deputies at spamcop dot net. (It *could* be a problem with nas.net not properly adding headers)


  5. You are  *NOT* notifying the sender; you are sending these to people who *never* sent you a virus and have *nothing* to do with your server receiving virus mails. You are mailbombing innocent email addresses. Most people have turned off these autoresponders.

    The amount of traffic that you are causing other people and other helpdesks is unfair -- what do you think happens when some totally innocent person receives one of your misdirected messages? They get all worried that they have a virus, they call their ISP, they tie up their ISPs resources.

    Close enough to 100% of the current virus traffic has totally forged "from" addresses for me to say that 100% of the antivirus autoresponses are going to the wrong place. On a forum of admins that I participate in, admin after admin is saying the same thing: we had our defenses up to deflect all incoming mydoom within a hour or two of hearing about the new virus *but* we are overwhelmed with anti-virus autoresponses coming to us and our users and those autoresponses are creating all kinds of problems.

    Most people have turned these autoresponses off.

    As a mail admin I have, and continue to with each new virus, write filter rules to reject virus notifications from improperly configured AV software. The support hassles of having to deal with clients that have been mislead to believe they are infected is amazing. I've heard about the creation of block lists specifically designed to block servers that create these types of abuse...


  6. i prefer to receive a mail with spamming anda easily delete it rather than missing some important infos...

    I wish my issues were that easy. Without filtering I'd get over 600 pieces of spam A DAY. Even at 2 seconds to identify the mail as spam it'd take me 20 minutes to just delete my spam.


  7. 216.136.168.81 listed in bl.spamcop.net (127.0.0.2)

    From looking at some of the posts in news.admin.net-abuse.sightings concerning that IP address it appears that their system is spitting out support tickets to people's email addresses that have been forged as the from address in spam.

    Something you'll need to take up with them. They may need to change some of the email addresses those that use the service are using.


  8. Since we have only been on this server for about 5 days, I question the part of this message that says we have been consistanty sending mail for 23.7 days when we have only been on this server for 6 days.

    This brings up the question of; does spamcop blocking all email from a server regardless of the domain the email has come from?

    Spamcop blocks by IP address, not email address, domain name, or user.

    The messages Been...,Been...,Been... are really meaningless. Less then 10 times, so. sending mail to spam traps, what's a spam trap?

    Spamtraps are addresses that have never been used which should never get any mail. Any mail to them is unsolicted.

    As well, given the infestation of the virus that hit on monday, it seems like everyone could be likely to be sending 'spam' this last week. While the service we have now protects us from viruses our old one did not, that is how we got infested.

    Viruses are not to be reported using the spamcop system. There is the possibility that viruses *could* send to spam traps. But, in your case, there is no spam trap activity.

    And finally. What is the procedure to clear this up? My one user will never get to send a mail to her friend on that domain again? Layout a plan to get unblocked and re-evaluated.

    You'll need to contact the hosting company. You may wish to send your mail through your ISP's mail servers rather than via your hosting company.

    The IP will be delisted about 48 hours after the last spam report. You may wish to directly contact one of the deputies and see if they'll provide you additional information concerning the listing.


  9. Yet......   No.....    Wait....    Spamcop is getting $1,000 per subscription to its blocklist....

    Where did you hear that? Show some proof of that? I use the blocklist on our servers and I do not pay a cent!

    I think he was confusing querying the block list (Query cost FAQ) with the $1000 charge to have direct access to the list (Direct access FAQ)

    I, too, choose to query the list for free.


  10. Mailblocks.com is THE solution to spam! 

    No, mailblocks.com generates spam. If I didn't send a message to anyone using their system, why should I have to deal with challenge messages in response to spam with forged headers? mailblocks can *easy* fix their problem. Have them contact me.

    Would someone please remove the Mailblocks.com servers from your spammers lists.

    They will come off the list 48 hours after mailblocks stops spamming.

    By including Mailblocks.com servers on your "blacklist", you are recommending that subscribers to your list NOT accept email from these servers.

    Yup.

    Your recommendation is causing damage to all the legitimate users of Mailblocks.com who are simply TRY TO AVOID AND DEFEAT spam!

    You cannot defeat spam by creating it.

    If someone at spamcop does not correct this problem by removing legitimate servers from your "blacklist" of recommendations, the result WILL be....

    result will be what? nothing?

    You owe it to the cause of defeating spam, if that is your real intention and motivation at all....., to correct this fatal flaw in your system.

    The flaw is with mailblocks, not spamcop.

    Yet...... No.....    Wait....    Spamcop is getting $1,000 per subscription to its blocklist....

    Nope, free for almost everyone.


  11. I don't know what you are saying is "unlikely", but I know for certain that Earthlink's mail server got hit by that virus yesterday because I was on the phone with my domain support because I wasn't getting e-mails. They explained that they got hit by the virus and mail would be backed up for a while.

    Unlikely that this listing has anything to due with viruses.

    Publishing my business name as a spammer when it isn't is a legal matter. That is called defamatory libel. I do understand the issues, as they pertain to me.

    Spamcop has not published your business name as a spammer. Spamcop has published a list of IP addresses that people have complained about.

    Restricting my access is yet another matter.

    Spamcop has not restricted your access to anything. Mail admins have chosen to consult the spamcop blocklist. *They* have restricted your access to their mail server. You can contact them by phone, snail mail, fax, or from a different email address and ask them to whitelist that particular Earthlink server.

    If the virus/worm keeps replicating in my name, I will be blacklisted into infinity + 48 hours. Does anyone get what this problem is????

    This listing does not appear to have anything to do with virus activity. Spamcop does not look at the from addresses is messages.

    The listing is because Earthlink has configured that particular mail server is such a way that *anyone* in the world can send spam from it.

    This listing issue is not about *you*. It's about Earthlink allowing anyone to send spam from that machine who wants to.

    I'm just someone trying to do my business (legitimately) and communicate with a friend who is traveling in Israel.

    I don't think that anyone is is doubting that. You may wish to use a hotmail, yahoo, or other webmail account until Earthlink secures their server.


  12. I don't know what you are saying is "unlikely", but I know for certain that Earthlink's mail server got hit by that virus yesterday because I was on the phone with my domain support because I wasn't getting e-mails.  They explained that they got hit by the virus and mail would be backed up for a while.

    Unlikely that the listing was due to the virus.

    Their server is an open relay -- meaning *anyone* can send junkmail through it.

    Publishing my business name as a spammer when it isn't is a legal matter.  That is called defamatory libel.  I do understand the issues, as they pertain to me.

    Spamcop has not published your business name, nor said that *YOU* are a spammer, only that people have reported receiving spam from that particular IP address.

    Restricting my access is yet another matter.

    Your access has not been restricted by spamcop. Other mail admins have chosen to consult spamcop. You can contact them by phone, snail mail, or a different email service and ask the to whitelist Earthlink's server.

    You should read this post: http://forum.spamcop.net/forums/index.php?showtopic=35

    Viruses/worms are a part of our everyday life.

    This spamcop issue has nothing to do with viruses. It's a technical issue that Earthlink can resolve.

    If the virus/worm keeps replicating in my name, I will be blacklisted into infinity + 48 hours.

    Spamcop does not list people's email addresses.


  13. I posted earlier because I have been blacklisted. My domain is hosted by Earthlink. My IP address is 207.217.120.99

    Generally best to start a new thread so people don't get confused as to what they are responding to.

    I know that the Earthlink mail server got hit by the Novarg or MyDoom virus yesterday. I have received hundreds of Mailer Daemon returned mail since yesterday. There are all sorts of names[at]houseofwaterdancer.com The only legitimate one is lynda[at]........

    Could this be why I am blocked?

    Unlikely.

    SpamCop needs something. I would hate to have to waste any further time by reporting this to my state's Attorney General's office. But I will.

    http://openrbl.org/ip/207/217/120/99.htm

    The Earthlink machine appears to be an open relay at the moment, meaning that *anyone* can send mail from it -- and apparently has. Your issue is with Earthlink -- not spamcop.

    Generally making threats of legal action when one does not understand the issues involved makes one look less than professional. Spamcop has done nothing other than publish a list of IP addresses that people have complained about.

    So, please get me off this black list.

    The listing will be removed about 48 hours after the most recent spam complaint.


  14. I've been out of town for the past 5 days and there is no way any emails have been sent from my system. So are you saying that I'm sharing the Mail server?

    I really don't know. Only you and/or your ISP can answer that question. I'm guessing that since the reverse lookup of the IP is host100.apollohosting.com that it's a shared server. You'll want to call your ISP and ask them why they are allowing people to spam from their network.


  15. If you look here: http://www.spamcop.net/w3m?action=checkblo...=209.239.45.101

    You'll see that the machine in question has been sending to spamtraps.

    If this machine is solely your it looks like it's been compromised.

    If this machine is used to host multiple users, or handle mail from multiple people then it appears that the provider has a spammer on their network.

    The IP will be removed about 48 hours after the most recent spam report.

×