aertight Posted April 20, 2010 Share Posted April 20, 2010 Please help! We had a spam bot in our network like 6-8 weeks ago, since that as best as i know we are not listed on any black or block list, but we can`t send emails to a few organizations because a following message: ----------------------------------------------------------------------------------------------------------------------------- Diagnostic information for administrators: Generating server: SRVR-CASHTA.severnschool.com lamonica[at]msmary.edu barracuda.msmary.edu #554 Service unavailable; Client host [mail.severnschool.com] blocked by bl.spamcop.net; fe80::252d:c92b:e2ad:64c3 ## Original message headers: Received: from SRVR-CMSA.severnschool.com ([fe80::252d:c92b:e2ad:64c3]) by SRVR-CASHTA.severnschool.com ([::1]) with mapi; Tue, 20 Apr 2010 12:14:36 -0400 From: Aertight User <aertight[at]severnschool.com> To: "lamonica[at]msmary.edu" <lamonica[at]msmary.edu> Date: Tue, 20 Apr 2010 12:14:36 -0400 Subject: Test Thread-Topic: Test Thread-Index: AQHK4KSSA8Lf5u0oA06D10bhMoSz8w== Message-ID: <70F0EA32D8048A4FB17F4705A301F0A902C16EDB89C5[at]SRVR-CMSA.severnschool.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: multipart/alternative; boundary="_000_70F0EA32D8048A4FB17F4705A301F0A902C16EDB89C5SRVRCMSAsev_" MIME-Version: 1.0 Thank you, Scott Link to comment Share on other sites More sharing options...
Derek T Posted April 20, 2010 Share Posted April 20, 2010 Please help! We had a spam bot in our network like 6-8 weeks ago, since that as best as i know we are not listed on any black or block list, but we can`t send emails to a few organizations because a following message: Parsing input: 173.13.242.193 [report history] Routing details for 173.13.242.193 [refresh/show] Cached whois for 173.13.242.193 : abuse[at]comcast.net Using abuse net on abuse[at]comcast.net abuse net comcast.net = abuse[at]comcast.net Using best contacts abuse[at]comcast.net Statistics: 173.13.242.193 not listed in bl.spamcop.net More Information.. 173.13.242.193 not listed in dnsbl.njabl.org ( 127.0.0.8 ) 173.13.242.193 not listed in dnsbl.njabl.org ( 127.0.0.9 ) 173.13.242.193 not listed in cbl.abuseat.org 173.13.242.193 not listed in dnsbl.sorbs.net Reporting addresses: abuse[at]comcast.net Not listed, no recent reports. I suspect a mal-formed error code from your recipient's server. Unfortunately SpamCop is often 'blamed' when it has nothing to doo with the problem, because the receiving server is mis-configured. But then you said a 'few' organizations so I'm puzzled. Link to comment Share on other sites More sharing options...
petzl Posted April 21, 2010 Share Posted April 21, 2010 Not listed, no recent reports. I suspect a mal-formed error code from your recipient's server. Unfortunately SpamCop is often 'blamed' when it has nothing to doo with the problem, because the receiving server is mis-configured. But then you said a 'few' organizations so I'm puzzled. Yes a number of "ISP's" have their own blacklist and falsely deflect blame to SpamCop No reports at all made for 173.13.242.193 to SpamCop in last 3 months (the time SpamCop holds records for) You will have to go to the ISP (webpage is best) and ask to be removed Most blacklists nowadays are made from "Honeypot" email addresses and gather email IP's to form a blacklist, they then don't remove them Seems to me that this started happening after SpamCop released it's open source showing how it reads headers to identify the emails IP source Link to comment Share on other sites More sharing options...
aertight Posted April 21, 2010 Author Share Posted April 21, 2010 Yes a number of "ISP's" have their own blacklist and falsely deflect blame to SpamCop No reports at all made for 173.13.242.193 to SpamCop in last 3 months (the time SpamCop holds records for) You will have to go to the ISP (webpage is best) and ask to be removed Most blacklists nowadays are made from "Honeypot" email addresses and gather email IP's to form a blacklist, they then don't remove them Seems to me that this started happening after SpamCop released it's open source showing how it reads headers to identify the emails IP source Thanks for the replays! My boss told me, 2 other organizations have a same bounce back message as well, when i tested out, guess what, no bounce back at all, except from the original one. I asked him to forward those bounced back emails, got none so far. Thanks again! Link to comment Share on other sites More sharing options...
kmolloy Posted April 21, 2010 Share Posted April 21, 2010 Barracudas do this frequently. It's annoying, but it's a Barracuda thing, not an actualy Spamcop listing. Link to comment Share on other sites More sharing options...
petzl Posted April 22, 2010 Share Posted April 22, 2010 Barracudas do this frequently. It's annoying, but it's a Barracuda thing, not an actualy Spamcop listing. I think, are guessing a broken version of SpamCop was made and circulated after the source code was made public? This combined with "Honeypot spamtraps" automatically listing IP's but very slow in removing them (in this case over 3 months later). "SpamCop®" the official, the proper & only one, removes a listed IP in 24 hours after last report Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.