Jump to content

jaybeckham

Members
  • Content Count

    9
  • Joined

  • Last visited

Posts posted by jaybeckham


  1. PROBLEM SOLVED

    First let me say the spaming stoped yesterday. But I see tonight it is back again. In the meantime Skyweb gave me the IP of their Mail Server and the user name and password. I changed my send SMTP to their IP and all is well with sending email. Apparently the 70.109.95.137 verizon server was a DNS server. So now I am bypassing it by going directly to Skyweb server and then the mail goes to my domains at IXWebhosting.

    Thought some of you would like to know and I also wish to thank everyone that has tried so hard to help me. I really do appreciate it and would like to wish each of you a Happy Holiday and a Happy New Year...

    Again Thanks

    Jay Beckham in Wild and Wonderful West Virginia...


  2. REPLIES INTERLACED WITH QUESTIONS

    Thanks for the follow-up.

    I/we are still looking at getting 'you' connected to this IP address. The SenderBase numbers are still coming down, but a check at this time still shows a magnitude equating to approxiamtely 2,000 e-mails a day.

    A NetGear wireless router just looked at 'here' .. under the 'Admin' web-page seen by connecting to it directly via a web-browser ... under the section (which may or may not match your experience);

    Maintenance

    . Router Status

    .. Internet Port

    My DHCP (client) assigned IP address is shown .. in this case, if the 70.109.95.137 is "you/yours" .. this is where that IP address will show up. If so, this would indicate that you and only you is supposed to be the only user of that IP Address. If it shows up as a 172.16.x.x. number, ick!!! I would hate to try to sort out the problems involved with that. However, I'm still wondering about the 2,000 e-mails-a-day factor.

    ROUTER IS NETGEAR WGT624 V3

    MAINTENANCE DATA

    Internet Port

    MAC Address 00:14:6C:42:A6:31

    IP Address 172.16.19.179

    DHCP FixedIP

    IP Subnet Mask 255.255.240.0

    Domain Name Server

    172.16.16.1

    4.2.2.4

    That would be so illegal in almost all of the civilized world. There has to be yet another box that your CAT5 cable connects to, and that box actually connects to the antenna. You didn't mention whether you're in your own house or if it's possibly some kind of multi-family type dwelling ... point being that this additional box could also be a router to separate traffic between different familes or even houses ....????? Basically again at the issue of whether this is 'your' IP Address or if you are sharing this specific connection. Some of this would also tie into the liklyhood of just who might be 'close enough' to connect via your wireless connection .. the catch is that with the high-gain antennas in use, this other party might not have to be within the few hundred feet/metres/etc. of your wireless router to actually get into the stream ....????

    REPLY The cable from the router goes to a small black box about 3 X 4. The box is attacted to 110 v ac and another wire goes up to the "device" on the roof.

    This is a sinngle family house. just my computer (3), the router, the black box, and the antenna.

    Regards the antenna being used by others, they would have to have their own and carefully aim it to the tower. Skyweb can look backwards to my router and would see more than one router...

    The thoughts of a high-gain directional antenna system would make sense in that 'several miles' description.

    Possible semantics, but .. 'password' really should be 'passphrase' for that yet another level of protection.

    YES Passphrase is correct

    That the network has much expanded in this more complete network description does offer multiple points of issue that definitely weren't brough up in the original query. A few thousand e-mails a day probably wouldn't be enough traffic to make a bandwidth issue known if there's already this shared-mode going on.

    If this actually the case, (the 70.109.85.137 IP address does not exist at all on that router) then you are still at the mercy of whoever else is actually sharing that IP address with you. This specific question may have to be asked at your SkyWeb connection ... again, pointing out the 2,000 e-mails a day as seen by SenderBase if you aren't sending out that much e-mail (and noting that the SenderBase Magnitude numbers are only those e-mails 'seen' by the world-wide monitoring connections, the real traffic is probably even higher.) The question might be something to pin down whether this is 'your IP address or if it's 'the IP address' for a housing area, say several buildings ...????

    REPLY: Skyweb "claims" I am the only person being blocked. But my contact there is by no means an expert...mainly the receptionist

    Nothing in that log that appears to deal with e-mail.

    Attempting to research directmessagelab stuff .... a web-page that basically does not work on my (secured) systems ... no links (again, nothing that works from here) to any actual data. Via Google listings to various press releases, oRbitz postings in yet another Forum touting their 'new' tools that in fact use DirectMessageLab crap, and numerous web-pages with their 'links' .. I would never install this garbage on my systems. The fact that you can't find a way to 'remove' it is more than likely because this isn't an application .... it's a web-browser hack, something that SpyBot should allow you to see under something like Browser Helper Objects and/or ActiveX crap (seen from the complaints that a Mac version does not exist) Your repeated and various log listings are due to this thing making constant checks for updated material for whatever "Brand Channel(s)" you have subscribed to.

    REPLY I took it out of the Startup and it hasn't come back.

    Only if you are going to actually install/use one that offers something a bit closer to 'total' protection. At present, you have a NetGear router (again, un-named) that would typically offer some NAT type of firewall protection, the XP firewall doing some additional inbound protection .... but also noting that your reply was in the singular, are all of the computers XP-SP2?

    REPLY All of the wired computers are running XP-SP2. The laptop, rarely used, is running Vista Home Edition

    That should remove your wireless router from the list of possible connection points by others. (noting the above mention of "passphrase" ...

    Thanks for that clarification. Each tool has specific things that it does and does well, but none of them are all-encompassing. Noting that those tools advertised as 'doing everything' generally don't work worth a dang on anything.

    REPLY I am also running PC Tools, Spyware Doctor

    Thanks

    Jay Beckham


  3. Sorry but I had to go to work this morning at 6 am and have finally gotten back home. I will answer as much as I can with in the body of the latest reply......

    It does appear that my lengthy detailed post has pretty much been ignored. Thanks.

    For those not quite keeping up, the appearances are that IXWebHosting isn't actually blocking e-mail 'outgoing' from IXWebHosting .. it is refusing to accept e-mail that is attempted to be sent from whatever device is sitting at 70.109.95.137 .. though at this point, no one can tell just what this device is or where it sits in jaybeckham's network/path/configuration/whatever. Historically, this scenario has resulted from a wireless router/connection point being used by someone other than the owner .. at least in the last half-dozen or so situations addressed within thsis Forum.

    70.109.95.137 is apparently a Verizon server that Skyweb is sending me and others throught. I have a Netgear Wireless router and the Internet side is attached by Cat5 to an antenna. The antenna is mounted on the side of the house and looks a bit like Mickey Mouse Ears... Several miles from me is a large radio station antenna and on top of the mast is a device of some kind that can send and receive wireless signals in the 900 mhz range I believe. From there I am told that hook to a T1 line owned by Verizon.

    Asked and not answered ....

    What is the assigned IP address of the computer used to try to send these e-mails?

    Does the 'router' have an assigned IP address?

    Does the "connection device" have an assigned IP address?

    I have three computers attached to the router via Cat5. I rarely use the wireless accept with my laptop. This afternoon I installed WPA securtiy to that router with a password. Each of my computers are set to automatically assign an IP. At this moment the computer I am typing on is 192.168.1.2 and the computer in my basement is 192.168.1.5

    My static IP Address is 172.16.19.179

    The Gateway IP Address is 172.16.16.1

    The DNS server is 172.16.16.1 Primary

    The Secodary DNS Server is 4.2.2.4

    The LAN TCO/IP IP is 192.168.1.1

    That is all the setting that are shown in the router.

    Does either unit have any kind of logging service, who/what is connected service, etc.?

    Yes the router has a log. Below is the most recent log.

    [ALLOW:www.directmessagelab1.com] Source: 192.168.1.2 Monday, 17 Dec 2007 14:53:47

    [ALLOW:forum.spamcop.net] Source: 192.168.1.2 Monday, 17 Dec 2007 14:54:03

    [ALLOW:toolbarqueries.google.com] Source: 192.168.1.2 Monday, 17 Dec 2007 14:54:04

    [ALLOW:forum.spamcop.net] Source: 192.168.1.2 Monday, 17 Dec 2007 14:54:05

    [ALLOW:alpha.cesmail.net] Source: 192.168.1.2 Monday, 17 Dec 2007 14:54:05

    [ALLOW:forum.spamcop.net] Source: 192.168.1.2 Monday, 17 Dec 2007 14:54:06

    [ALLOW:update.directmessagelab1.com] Source: 192.168.1.2 Monday, 17 Dec 2007 14:55:02

    [ALLOW:cruisesonthesea.com] Source: 192.168.1.2 Monday, 17 Dec 2007 14:55:03

    [ALLOW:cruisesonthesea.jurni.net] Source: 192.168.1.2 Monday, 17 Dec 2007 14:55:03

    [ALLOW:toolbarqueries.google.com] Source: 192.168.1.2 Monday, 17 Dec 2007 14:55:06

    [ALLOW:cruisesonthesea.jurni.net] Source: 192.168.1.2 Monday, 17 Dec 2007 14:55:06

    [ALLOW:data.vacationport.net] Source: 192.168.1.2 Monday, 17 Dec 2007 14:55:07

    [ALLOW:images.vacationport.net] Source: 192.168.1.2 Monday, 17 Dec 2007 14:55:07

    [ALLOW:toolbarqueries.google.com] Source: 192.168.1.2 Monday, 17 Dec 2007 14:55:17

    [ALLOW:forum.spamcop.net] Source: 192.168.1.2 Monday, 17 Dec 2007 14:55:48

    [ALLOW:toolbarqueries.google.com] Source: 192.168.1.2 Monday, 17 Dec 2007 14:55:49

    [ALLOW:forum.spamcop.net] Source: 192.168.1.2 Monday, 17 Dec 2007 14:55:49

    [ALLOW:alpha.cesmail.net] Source: 192.168.1.2 Monday, 17 Dec 2007 14:55:49

    [ALLOW:forum.spamcop.net] Source: 192.168.1.2 Monday, 17 Dec 2007 14:55:49

    [ALLOW:www.directmessagelab1.com] Source: 192.168.1.2 Monday, 17 Dec 2007 14:58:47

    [ALLOW:update.directmessagelab1.com] Source: 192.168.1.2 Monday, 17 Dec 2007 15:05:03

    [ALLOW:www.directmessagelab1.com] Source: 192.168.1.2 Monday, 17 Dec 2007 15:08:47

    [ALLOW:update.directmessagelab1.com] Source: 192.168.1.2 Monday, 17 Dec 2007 15:15:03

    You will not some www.directmessagelab1.com and update.directmessagelab1.com items. I have no idea of what that is. The one that says 15:15:03 is the moment I tried to send some emails....hmmmm that is unusual... I will receive some emails and see what happens....

    Nothing was added to the log.... just when I try to receive.

    Apparently Direct Messages is from a company called Passport to Profit which is a travel agent related product that I use. Apparently when I send email it first off also???? I will uninstall the program and see what happens as I rarely us it anyway.... Perhaps SpamCop sees it as spam???

    There isn't anyway to uninstall it. It is on my Startup menu so I took it off.

    Is there a firewall anywhere in this morass?

    Yes....The Windows XP SP2 firewall is the only on. Should I shut it down?

    Actually identifying the equipment involved may (or may not) actually help (us to help you) ...????

    http://www.senderbase.org/senderbase_queri...g=70.109.95.137

    Volume Statistics for this IP

    Magnitude Vol Change vs. Last Month

    Last day ...... 4.1 .. 615%

    Last month .. 3.3

    OK, traffic reduced from 800%+ to 600%+ .... did you actually get around to changing the security bits or is that the 'problem' has moved on or shut down his/her computer?

    Yes I added the WPA to my router.

    NOTE: ad-aware is but one tool in the arsenal that should be in place and used.

    I installed and ran Ad-Aware and Spybot Search and Destory (free versions) and am running the free version of Avast. Previously I was using BitDefender paid version. I still have it available...but one of the tech guys at Skyweb has suggested Avast when I first started getting blocked last month.

    Moderator Edit: fixed the quoting so as to separate the replies to each bit of query.


  4. Steven

    I would assume that IXWebHosting is whom I am paying for hosting is providing the mail-server as SkyWeb does not provide me any email services, just internet access. I do not know how email works but apparently my POP3 out going messages are going to 70.109.95.137 as is all of my internet traffic.

    The POP3 and SMTP all go to mail.thebeckhams.us The outgoing is using port 110 and the incoming mail is using port 25. Those server names are setup in the IXWebHosting control panel. The domain's IP is 76.162.76.114. The primary DNS is 71.18.255.99

    In the meantime I am running spyware detection (Ad-Aware) and will be setting my router to WPA

    Thanks

    Jay Beckham


  5. Are you saying all of your email is being sent through that IP address and being bounced? Is your Web Mail (Horde) account through spamcop? Can you email to your webmail account (which does not block any emails) or send me an email using the address in my sig (put "SpamCop forum request" in the subject)? I would like to see where your email is getting to that verizon address? Are you specifically using that server for outgoing, or is it being forwarded there by a provider?

    Steven

    I keep getting no user messages for your email.

    Tried underwoodforum underwood.forum and underwood+forum all at spamcop.net

    None worked...

    email me at jay[at]thebeckhams.us and I can reply from Gorde.

    I can also post the message source on here as it shows the IPs etc.

    Jay


  6. Senderbase shows a recent 800% increase in traffic from that server which might suggest that someone is using that server to send spam. From what you say, that's probably a shared server so you may be an innocent bystander. Two questions:

    1. Who do you actually pay to provide you with a mail-server? This is who you should take this matter up with.

    2. Could you please post (in full) the rejection message you receive as it will help us to help you.

    It is unlikely that anything is stopping you sending mail (see FAQs) - some people are choosing not to receive it.

    Derek & Steven

    I pay SkyWeb for a connection to the internet only. I pay IXWebHosting.com to host my domains. So basically I believe the 70.109.95.137 must be a DNS server or at least that what Skyweb has told me. My router shows a Gateway IP Address of 172.16.16.1 and a DNS server of 172.16.16.1 also. IXWebHosting furnishs me Static IPs for each of my domains. Here is the messages I am getting:

    The message could not be sent because one of the recipients was rejected by the server. The rejected e-mail address was 'yakinhix[at]yahoo.com'. Subject 'Re: Cruise Request', Account: 'mail.cruisesonthesea.com(1)', Server: 'mail.cruisesonthesea.com', Protocol: SMTP, Server Response: '451 Blocked - see http://www.spamcop.net/bl.shtml?70.109.95.137', Port: 25, Secure(SSL): No, Server Error: 451, Error Number: 0x800CCC79

    The message could not be sent because one of the recipients was rejected by the server. The rejected e-mail address was 'deputies[at]admin.spamcop.net'. Subject 'Re: BL dispute: IP:70.109.95.137', Account: 'mail.thebeckhams.us', Server: 'mail.thebeckhams.us', Protocol: SMTP, Server Response: '451 Blocked - see http://www.spamcop.net/bl.shtml?70.109.95.137', Port: 25, Secure(SSL): No, Server Error: 451, Error Number: 0x800CCC79

    Thanks

    Jay Beckham


  7. Here is what Spamcop says: System has sent mail to SpamCop spam traps in the past week (spam traps are secret, no reports or evidence are provided by SpamCop)

    I also get the hour count down from 24... it will go down to 11 or so and then start over. 70.109.95.137 is a Verizon server .hag.east.verizon.net . My ISP is SkyWeb and is a WiMax type service. I have a wireless device that communicates with their (SkyWeb) device on a local radio tower. They apparently buy their feed from VErizon on a T-1 cable I imagine. They do not provide email service and also refuse to help me. My various email accounts are related to several domains I own which are hosted at IXWebHosting. They also refuse to help me. I also found out one of the offending domains and contacted GoDaddy that sold/registered the domain and no answer from them so far. Also each of my domains have static IP addresses but not 70.109.95.137. I assume that is a mail server.

    Any help would be appreciated.

    Jay Beckham

    Berkeley Springs, WV

    jay[at]thebeckhams.us

    PS All of my domains can't send email except with Web Mail (Horde).

×