Jump to content
Sign in to follow this  
mbergman@vltsg.com

Mail server blocked but isn't relaying!

Recommended Posts

We cannot get removed from this list yet we are only listed on spamcop.net. We have tested through ORDB.org and MAPS and neither of them test us as an open relay. Why is SpamCop blocking our email? Can someone please explain the system used by spamcop and why it has false positives?

Share this post


Link to post
Share on other sites

Hi,

Spamcop isn't just a list of open relays - the SC list includes any IP addresses that have sent spam.

Your server may not be an open relay, but one of your users may have sent spam regardless.

Without the IP address that is listed, it's impossible to tell what's happening, sorry.

Share this post


Link to post
Share on other sites

64.44.41.210 - The only possibility I can think of is our spam filter (GFI Mail Essentials) bounced back a spam that supposedly came from a "spam trap" email address. Can you give me an example of the spam received by SpamCop?

Share this post


Link to post
Share on other sites
vltsg.com,Jan 30 2004, 12:46 PM] We cannot get removed from this list yet we are only listed on spamcop.net. We have tested through ORDB.org and MAPS and neither of them test us as an open relay. Why is SpamCop blocking our email? Can someone please explain the system used by spamcop and why it has false positives?

Spamcop is not a list of Open Relays. Spamcop is a list of server IP's that have had repeated spam reports. These are not false positives.

Did you follow the lik in the reject message?

It seems this server has been sending a lot of mail to spamtraps. Those are unpublished email addresses that have never been used or have never asked for anything. Do you know how this could happen?

Share this post


Link to post
Share on other sites

I don't have a link to see an example of any of the emails. I had a client call and let me know that we are listed on SpamCop.net. Is there a way to get to the details of the spams through the website without having the exact email?

Share this post


Link to post
Share on other sites

That data used to be posted but the spammers abused it to get off the list and to get their spam through so most of the evidence cannot be posted.

Spamtrap addresses will never get posted.

You can contact a deputy at deputies at Spamcop dot net for assistance if you are the admin of this machine.

Share this post


Link to post
Share on other sites

According to http://www.spamcop.net/w3m?action=checkblock&ip=64.44.41.210 :

Query bl.spamcop.net - 64.44.41.210

64.44.41.210 is 64-44-41-210.user.uswo.net

64.44.41.210 listed in bl.spamcop.net (127.0.0.2)

Since SpamCop started counting, this system has been reported about 20 times by less than 10 users. It has been sending mail consistently for at least 2.8 days. It has been listed for 46 hours.

In the past week, this system has:

Been detected sending mail to spam traps

Been witnessed sending mail about 130 times

According to drbcheck at http://moensted.dk/spam/?addr=64.44.41.210 :

64.44.41.210 was found in 5 lists (of 259 tested)

Been detected sending mail to spam traps is a kiss of death for any IP Address. ISPs whose IP Addresses have Been detected sending mail to spam traps need to review FAQ Entry "How can I be de-listed" at http://www.spamcop.net/fom-serve/cache/298.html ASAP.

Also, please see the "Pinned: FAQ Entry: Why is my email blocked?" Topic at

http://forum.spamcop.net/forums/index.php?showtopic=35 for more information.

Share this post


Link to post
Share on other sites

Jeff,

I appreciate the response, but this does not help me. I have not gotten any blocked emails myself, I had a client who called to let me know that we were listed on the spamcop.net BL. I have tested for an open relay, which has tested to be secure, so it means that someone has emailed one of the "forbidden" emails. I have no examples of this, I have no header information. How do you fix the problem (I'm taking spamcop's word that we have a spammer on our server, which is just a corporate server, btw) without the proper information to help you resolve the situation?

Share this post


Link to post
Share on other sites

Please email bl at admin.spamcop.net per the webpage I directed you to, or have the administrator of that server do it. Thanks!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×