Jump to content
Sign in to follow this  
pianoman

How come I'm on the SpamCop database?

Recommended Posts

How come I'm on the SpamCop database. I've never sent spam to anyone. In fact I probably only send a couple of emails per day - and those simply to Amazon or friends. So when I needed to get an urgent message through to stop a parcel being delivered I get the email returned with the message ' Your server IP address is in the SpamCop database, bye'

I need my email. I have throat cancer so cannot use the 'phone.

PLEASE HELP

Share this post


Link to post
Share on other sites

Hi pianoman,

I'm afraid you've not given us enough to make any informed suggestions. The SpamCop blocking list (if that is indeed the cause for your mail being "bounced", sometimes the non-delivery notices are inaccurate) works on IP addresses. We would need to know the specific IP address that was rejected by the receiving network (it should have been stated in the notice) to say anything informed.

I may be wide of the mark but in GENERAL, this would not be your personal network connection address, it would be a server address of your e-mail service provider. Those mail servers handle messages from many people and when any of those sends spam, there is a chance that it will lead to the server being added to many blocking lists (including SC), some or several that the receiving network may elect to use.

There are two pieces of good news. Firstly, most e-mail service providers will have more than one mail server in use (most have many, either their own or hosted by another company) so the first thing to try is to send the message again - the chances of it going through the same (blocked) server may not be great (and might decrease with time - try several times).

Next, the SCbl, if that is the only blocklist involved, reacts quickly, both to the detection of spam and to delist, once the spam stops. And it usually notifies the abuse handler of the service/network involved, often before listing has occurred, giving the chance to get it sorted out quickly. Other blocklist are not quite as forgiving.

Whatever is happening, your e-mail service provider will/should know about it (especially if SC is involved) and you should contact them for assistance (and an explanation). You are paying for a service which is being compromised.

Finally, I suggest it would be a good idea to get yourself a free e-mail account (gmail, hotmail, yahoo, whatever) for such exigencies in future. Your regular provider may be better than most (or we might have heard from you before this) but nobody can guarantee completely uninterrupted service. Well, not without you paying an arm and a leg for it.

Now and in future

  • try resending
  • contact your provider
  • get yourself a contingency/emergency service

Steve

Share this post


Link to post
Share on other sites

Hi pianoman,

I'm afraid you've not given us enough to make any informed suggestions. The SpamCop blocking list (if that is indeed the cause for your mail being "bounced", sometimes the non-delivery notices are inaccurate) works on IP addresses. We would need to know the specific IP address that was rejected by the receiving network (it should have been stated in the notice) to say anything informed.

I may be wide of the mark but in GENERAL, this would not be your personal network connection address, it would be a server address of your e-mail service provider. Those mail servers handle messages from many people and when any of those sends spam, there is a chance that it will lead to the server being added to many blocking lists (including SC), some or several that the receiving network may elect to use.

There are two pieces of good news. Firstly, most e-mail service providers will have more than one mail server in use (most have many, either their own or hosted by another company) so the first thing to try is to send the message again - the chances of it going through the same (blocked) server may not be great (and might decrease with time - try several times).

Next, the SCbl, if that is the only blocklist involved, reacts quickly, both to the detection of spam and to delist, once the spam stops. And it usually notifies the abuse handler of the service/network involved, often before listing has occurred, giving the chance to get it sorted out quickly. Other blocklist are not quite as forgiving.

Whatever is happening, your e-mail service provider will/should know about it (especially if SC is involved) and you should contact them for assistance (and an explanation). You are paying for a service which is being compromised.

Finally, I suggest it would be a good idea to get yourself a free e-mail account (gmail, hotmail, yahoo, whatever) for such exigencies in future. Your regular provider may be better than most (or we might have heard from you before this) but nobody can guarantee completely uninterrupted service. Well, not without you paying an arm and a leg for it.

Now and in future

  • try resending
  • contact your provider
  • get yourself a contingency/emergency service

Steve

Thanks for the help. i did try 3 times, the 3rd time to a different person at the company with the same result. I ended up having to write the message down and get my wife to phone them. I also let my ISP (Claranet) and they were looking into it.I can email anyone else with no problems so hopefully it will be put right. Thanks for the help.

Share this post


Link to post
Share on other sites

Thanks for the help. i did try 3 times, the 3rd time to a different person at the company with the same result. I ended up having to write the message down and get my wife to phone them. I also let my ISP (Claranet) and they were looking into it.I can email anyone else with no problems so hopefully it will be put right. Thanks for the help.

If you have a bounce message "we" (TINW) could help if you published it

"We" need to know the IP that is causing your email to be bounced/rejected

It could be Claranet's email server or even your computer. More likely a Claranet customer has been infected and spewing spam through their server

That said it's hard to get on SpmCops Blocklist and is removed within 24 hours if spam stops.

An abuse report is sent to Claranet for every spam reported a number would be made before blocking

If you have a Windows computer pay to go over advice in my Signature

If your security scan does come up with an infection you need to reset your firewall and watch what "programs" try to access the internet. If in doubt don't let it (google it first)

Edited by petzl

Share this post


Link to post
Share on other sites

petzl's advice is particularly relevant since the O/P posted from a static IP address (not so common). If a zombie ever gets into that, any spam activity resulting could rapidly lead to isolation through blocklisting and assignable "blame".

I see no evidence of that so far - http://multirbl.valli.org/dnsbl-lookup/ (not currently listed on any relevant blocklists) and (SpamCop lookup)

Parsing input: 79.123.XX.XX

No recent reports, no history available

- none of which is quite conclusive (not even the SC reports data, IP could have hit SC spamtraps, no reports from them).

The only clear sign that the clara.net/Claranet/claranet.co.uk network in general MIGHT have (had) some problems comes from a heap of Spamhaus PBL listings (not spam but sending without SMTP Authentication being set which can be a precursor), some Spamhaus CBL and dnsbl.njabl.org listings (and just one current SC listing) - spam, but not from the O/P's IP address - and five fairly large-scale servers belonging to TotalChoice Hosting, LLC (which provides mail exchange hosting for some Claranet clients) but those five seem to have been retired, they are in the USA so perhaps less likely to have been used for Claranet in the present-day Britain - and the most recent spam from any of them to SC reporters was 24 August (so not affecting the SCbl when the O/P posted).

Phew, that was fun (not). But, pianoman, keep in mind the opening statement, your specific internet connection is immediately vulnerable if your computer is ever compromised. The good news (there's always some) is that Claranet could, quite effortlessly, home in on the symptoms of it, after the event if it happens and (hopefully) render assistance rather than simply chop off your access (which is the cheaper solution, unfortunately employed by some, in some parts of the world anyway). Your defences need to be good - always.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×