Jump to content
Sign in to follow this  
blacklisted

[Resolved] please remove blacklisting

Recommended Posts

Hello,

due to a misconfiguration of an internal sub domain, which should never be seen in public because it has no dns record, we seem to be blacklisted on the spamcop list. We solved the problem immediatly yesterday and delisted ourselves. But because of mails with the wrong sub domain which were stored in the mail queue and delivered after that we were blacklisted a second time. Now we are not able to remove our IP again.

We are a company and it is really essential for us to send mails to our customers, which is now not given more or less. Could you please remove us?

I will send you the IP address, if you give me a contact.

Share this post


Link to post
Share on other sites
...I will send you the IP address, if you give me a contact.
Looks like you have 15 hours left before automatic delisting. You can try Don D'Minion, SpamCop Admin if you wish to try for special dispensation - service[at]admin.spamcop.net

Share this post


Link to post
Share on other sites

Hello,

I read in the FAQ: "The SpamCop blocklist lists only IPs that are sending spam; the blocklist does not list email addresses or domain names. It does not list for missing or incorrect DNS/rDNS"

There were send no spam from us, we know definitely which mail adds our IP on the block list and who was the recipient. And the only different thing to all the other sent mails was a "Return Path" to the sub domain foo.bar[at]test.xxx.xx instead of foo.bar[at]xxx.xx.

I don't know how this could happen if a listing takes no place by incorrect/missing dns records.

Share this post


Link to post
Share on other sites
...I don't know how this could happen if a listing takes no place by incorrect/missing dns records.
A mailserver (IP address) close to the IP address you posted from sent mail to a SpamCop spamtrap (to re-assure you, only a few of us 'here' can see your posting address). Reports of this activity were not sent to alert you because it was a spamtrap involved. The record says:
If there are no reports of ongoing objectionable email from this system it will be delisted automatically in approximately 15 hours.

Causes of listing

* System has sent mail to SpamCop spam traps in the past week (spam traps are secret, no reports or evidence are provided by SpamCop)

Additional potential problems

(these factors do not directly result in spamcop listing)

* Too many delisting requests were made. Next request might be allowed after 13 hours

Because of the above problems, express-delisting is not available

Listing History

In the past 40 hours, it has been listed 2 times for a total of 25 hours

That may not be you but it seems very likely. Enter the IP address of that server at http://www.spamcop.net/bl.shtml and see for yourself. It may have been backscatter involved, only a SC staff member could know. Contact Don.

Share this post


Link to post
Share on other sites
Looks like you have 15 hours left before automatic delisting. You can try Don D'Minion, SpamCop Admin if you wish to try for special dispensation - service[at]admin.spamcop.net

Thank you very much for that mail address. 15 hours is a big problem for us...

A mailserver (IP address) close to the IP address you posted from sent mail to a SpamCop spamtrap (to re-assure you, only a few of us 'here' can see your posting address). Reports of this activity were not sent to alert you because it was a spamtrap involved. The record says:That may not be you but it seems very likely. Enter the IP address of that server at http://www.spamcop.net/bl.shtml and see for yourself. It may have been backscatter involved, only a SC staff member could know. Contact Don.

Yes thats it. I contacted Don. Thank you.

Share this post


Link to post
Share on other sites
Thank you very much for that mail address. 15 hours is a big problem for us...

Yes thats it. I contacted Don. Thank you.

You are welcome. Unfortunately a timezone difference confronts you. I can suggest nothing to deal with that.

Share this post


Link to post
Share on other sites
<snip>

We are a company and it is really essential for us to send mails to our customers

<snip>

..Your company is quite fortunate if this blacklisting is the only reason it has or ever will not be able to reach its customers via e-mail. Internet e-mail as we know it today is not, never has been and is unlikely ever to be a guaranteed delivery mechanism. Alternative means of communication should be in all good business processes.

Share this post


Link to post
Share on other sites

Excuse me that I will not discuss here with you if we should need email in a essential way or not. If we wouldn't use alternatives there would be much more trouble than you could believe because of such a forum post.

Don't be angry but this is not the topic of this thread.

Share this post


Link to post
Share on other sites
<snip>

Don't be angry but this is not the topic of this thread.

...Why would I be angry? I provided some free advice and you may accept or reject it as you deem appropriate. If you go out of business because you ignore my advice, that's no skin off my nose. And there's nothing to ensure my advice is of any real value, it's more or less just my opinion, adopted from advice given by others. :) <g>

Share this post


Link to post
Share on other sites
...Why would I be angry? I provided some free advice and you may accept or reject it as you deem appropriate. If you go out of business because you ignore my advice, that's no skin off my nose. And there's nothing to ensure my advice is of any real value, it's more or less just my opinion, adopted from advice given by others. :) <g>

Yes and I appreciate that. But we are not a small company which didn't know about such things. We are certified by much more standards than somebody would believe. IT Security is one of our major purposes and so you can imagine how much trouble there will be if you although got on a blacklist. I hope Don could say us, why we are on this blacklist, but I don't think he will do. :)

Additional we were testing the iron port product (thats because we integrate the test.xxx.de subdomain) and the same time we got on this blacklist... Very strange.

Share this post


Link to post
Share on other sites

Perhaps you need to talk to ironport support about this coincidence.

You also might be able to contact those who are using the spamcop bl to block your emails and see if they would whitelist your email addresses. If you explain to them that you have fixed the problem, they might be willing to let your email in. Not everybody uses the spamcop bl to block; in fact, most use it only to filter - those people might find your email in the junk folder. You could call your clients and see if they have received your email and tell to look in the junk folder or whitelist it.

One of the basic premises of spamcop is that when spam stops, the listing stops. If the spam does not stop, the listing continues. I don't think that you can be listed for anything else. Spamcop will tell you about other problems that will get you listed on other lists, but AFAIK, spamcop only lists IP addresses that have sent spam. I don't think fixing the internal dns address fixed the problem.

Miss Betsy

Share this post


Link to post
Share on other sites
<snip>

I hope Don could say us, why we are on this blacklist, but I don't think he will do. :)

<snip>

...From what I've seen, Don is more than willing to help to whatever degree he can. Whenever I'm surprised, it's because Don has done more than I would have expected that he would be able to do (not for me, personally, because I've never needed his help, but from what I've seen him post here in response to others' requests).

Share this post


Link to post
Share on other sites

Marking this resolved insofar as the IP has delisted (apparently without SC intervention but ... I don't know) and the affected server seems to be back in action. The weirdness (or coincidence) concerning the "Reply-to:" address, spamtraps and IronPort testing remains unresolved but I'm guessing those things may not be appropriate matters for public discussion anyway.

Of course the topic remains open should there be further developments for discussion or further matters with which 'we' might assist.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×