Jump to content
Sign in to follow this  
aertight

[Resolved] Please help.

Recommended Posts

Please help!

We had a spam bot in our network like 6-8 weeks ago, since that as best as i know we are not listed on any black or block list, but we can`t send emails to a few organizations because a following message:

-----------------------------------------------------------------------------------------------------------------------------

Diagnostic information for administrators:

Generating server: SRVR-CASHTA.severnschool.com

lamonica[at]msmary.edu

barracuda.msmary.edu #554 Service unavailable; Client host [mail.severnschool.com] blocked by bl.spamcop.net; fe80::252d:c92b:e2ad:64c3 ##

Original message headers:

Received: from SRVR-CMSA.severnschool.com ([fe80::252d:c92b:e2ad:64c3]) by

SRVR-CASHTA.severnschool.com ([::1]) with mapi; Tue, 20 Apr 2010 12:14:36

-0400

From: Aertight User <aertight[at]severnschool.com>

To: "lamonica[at]msmary.edu" <lamonica[at]msmary.edu>

Date: Tue, 20 Apr 2010 12:14:36 -0400

Subject: Test

Thread-Topic: Test

Thread-Index: AQHK4KSSA8Lf5u0oA06D10bhMoSz8w==

Message-ID: <70F0EA32D8048A4FB17F4705A301F0A902C16EDB89C5[at]SRVR-CMSA.severnschool.com>

Accept-Language: en-US

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

acceptlanguage: en-US

Content-Type: multipart/alternative;

boundary="_000_70F0EA32D8048A4FB17F4705A301F0A902C16EDB89C5SRVRCMSAsev_"

MIME-Version: 1.0

Thank you,

Scott

Share this post


Link to post
Share on other sites

Please help!

We had a spam bot in our network like 6-8 weeks ago, since that as best as i know we are not listed on any black or block list, but we can`t send emails to a few organizations because a following message:

Parsing input: 173.13.242.193
[report history]
Routing details for 173.13.242.193
[refresh/show] Cached whois for 173.13.242.193 : abuse[at]comcast.net
Using abuse net on abuse[at]comcast.net
abuse net comcast.net = abuse[at]comcast.net
Using best contacts abuse[at]comcast.net
Statistics:
173.13.242.193 not listed in bl.spamcop.net
More Information..
173.13.242.193 not listed in dnsbl.njabl.org ( 127.0.0.8 )
173.13.242.193 not listed in dnsbl.njabl.org ( 127.0.0.9 )
173.13.242.193 not listed in cbl.abuseat.org
173.13.242.193 not listed in dnsbl.sorbs.net

Reporting addresses:
abuse[at]comcast.net 

Not listed, no recent reports. I suspect a mal-formed error code from your recipient's server. Unfortunately SpamCop is often 'blamed' when it has nothing to doo with the problem, because the receiving server is mis-configured. But then you said a 'few' organizations so I'm puzzled.

Share this post


Link to post
Share on other sites
Not listed, no recent reports. I suspect a mal-formed error code from your recipient's server. Unfortunately SpamCop is often 'blamed' when it has nothing to doo with the problem, because the receiving server is mis-configured. But then you said a 'few' organizations so I'm puzzled.

Yes a number of "ISP's" have their own blacklist and falsely deflect blame to SpamCop

No reports at all made for 173.13.242.193 to SpamCop in last 3 months (the time SpamCop holds records for)

You will have to go to the ISP (webpage is best) and ask to be removed

Most blacklists nowadays are made from "Honeypot" email addresses and gather email IP's to form a blacklist, they then don't remove them

Seems to me that this started happening after SpamCop released it's open source showing how it reads headers to identify the emails IP source

Share this post


Link to post
Share on other sites
Yes a number of "ISP's" have their own blacklist and falsely deflect blame to SpamCop

No reports at all made for 173.13.242.193 to SpamCop in last 3 months (the time SpamCop holds records for)

You will have to go to the ISP (webpage is best) and ask to be removed

Most blacklists nowadays are made from "Honeypot" email addresses and gather email IP's to form a blacklist, they then don't remove them

Seems to me that this started happening after SpamCop released it's open source showing how it reads headers to identify the emails IP source

Thanks for the replays!

My boss told me, 2 other organizations have a same bounce back message as well, when i tested out, guess what, no bounce back at all, except from the original one.

I asked him to forward those bounced back emails, got none so far.

Thanks again!

Share this post


Link to post
Share on other sites

Barracudas do this frequently. It's annoying, but it's a Barracuda thing, not an actualy Spamcop listing.

Share this post


Link to post
Share on other sites
Barracudas do this frequently. It's annoying, but it's a Barracuda thing, not an actualy Spamcop listing.

I think, are guessing a broken version of SpamCop was made and circulated after the source code was made public? This combined with "Honeypot spamtraps" automatically listing IP's but very slow in removing them (in this case over 3 months later).

"SpamCop®" the official, the proper & only one, removes a listed IP in 24 hours after last report

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×