Zaradlas Posted August 30, 2013 Share Posted August 30, 2013 Hi all, I have been reading all FAQs and searched the forums thoroughly but I could not find an answer for my problem. I have a yahoo.com account and today I sent an email an got it back saying that my email is blacklisted in Spamcop. (I copy the email at the end). I cannot find the IP address to check if it is really blacklisted and understand why, I tried the 3 IPs near the top of the bounced email but they didn't trigger anything. I also tried the IP from my home connection but it didn't trigger either. I've found many information of what do do for administrators, but since my problem is with a web based email I am not sure how to proceed. I am currently running antivirus on my 2 computers to check if there is anything, but I have found nothing so far. I believe I gave all the information I have, but if I should add any more info please let me know. I deleted my email address and the receiver, to avoid spamers tracking it, but if it is needed I can post it too. Thanks to all for your help. ------------------------------ Sorry, we were unable to deliver your message to the following address. <xxx[at]gvcgaesco.es>: Remote host said: 550 Rule imposed as xxx[at]yahoo.com is blacklisted on SpamCop (see www.spamcop.net) [RCPT_TO] --- Below this line is a copy of the message. Received: from [98.139.212.149] by nm10.bullet.mail.bf1.yahoo.com with NNFMP; 30 Aug 2013 09:30:48 -0000 Received: from [98.139.212.198] by tm6.bullet.mail.bf1.yahoo.com with NNFMP; 30 Aug 2013 09:30:48 -0000 Received: from [127.0.0.1] by omp1007.mail.bf1.yahoo.com with NNFMP; 30 Aug 2013 09:30:48 -0000 X-Yahoo-Newman-Property: ymail-3 X-Yahoo-Newman-Id: 411203.56525.bm[at]omp1007.mail.bf1.yahoo.com Received: (qmail 16500 invoked by uid 60001); 30 Aug 2013 09:30:48 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1377855048; bh=0J7UHxPANWr5XUCILAeXOUQUDMi7FtWSk+UJpRkZJMI=; h=X-YMail-OSG:Received:X-Rocket-MIMEInfo:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:In-Reply-To:MIME-Version:Content-Type; b=Cz0DNHhyQferM5rgbDTxy1CoRfIxwcJKCLPCuc/bbWyuS9dWO/dcEriRLoXMePvQ1GJM2bHXPm2bu7mQ9/FYteSg9XCGwQTriXLBzcvOa4dAK4bG2u4LwK0HUDqUVZQpfMF/5F76M90WH6avbm0bOijj0nM50rIPo0g63Mda5fU= DomainKey-Signature:a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=X-YMail-OSG:Received:X-Rocket-MIMEInfo:X-Mailer:References:Message-ID:Date:From:Reply-To:Subject:To:In-Reply-To:MIME-Version:Content-Type; b=EsyO/5svj7dXcW4T6KHDezYXNXjNLfJon68qGOgtgCCWlJc68+u/0ZEVkcm6a8deIHdX0wkqgw3nv+gr7FGnThbRieWV7XhpKl8gu3Mco0Hm2rRLgog74Vi1zG61ZitEwU9c0+QRdRSwVyXDHFBl0yoqdfhmITfVqwQGLrodzpk=; X-YMail-OSG: 3LFaa4wVM1lRxBX7bzqIZrF3LoY4oAphIwcIViHO1CHy.G0 .ZL50BFSSbH_x.qVW7gVoLFJq8SifxeRskI3rA3MogOF4W4S9CTkfFXVbyzP NotCsd40r_9KjZhYIn_6F8ck9vb1in6g.JFMgYiFW0F6oHz11s9m0jFxYcya FusLLaxOKtY6tOkPLqffU3BrbgjiDhuZS3XTMJHRMg_OaV0uC7DQG.AjH4f2 N8vvtB6HsaiA1BVQAqv97B.S7plF2SMryAtCEXWxRmI4.umRnSXwCMPsDUV5 p7toCX68b09Pv2ptH57QNnellXsg4yf4m6X9FAKaMDReiLjLkJwdrQUTcDbo SWwPhrgBqBbdXad4LoE2A2PcaU2r33ju2PzNLSVypM1KUdPBVbH86Jr5R_rl Odwlzjbvbw5fA849WqXzx2eE4oFEKwIRGAMnA1_0LfJPsn6GzvFZBryTJzDm pURohKEKIsxrMHObyQJZAgR2kqB28o6Q7rH91vq6T49_6FgK5Xc0Vl_aTUVe D0Otnn6kRV5nDYX.i95FLzjKVB4gZiw55mk5iHnysUjLfvKPPRtd_.1fHnlZ yNwtx_PPRAFlezzZZ1VX5AOr5tFHsq4yf8D2f6v1eMmUlJ4i2GYvlaGaio_O uzzv8Z6B46BMYXAScIphR63I0uTsDwHtN9k7z.VPJRwL.afWtJS0guCJtUX7 kGG1PTSYOwE.zExSh3nRNAQCKLji2Bkm0QBM7c59SJ7Lhtygf62.v.3ZwLRe r5NpAmsirGpU8A9A2HZ.Fevj4BId3FOgyEh8vMc50yM5dUu1j.T9ANaenprV lsPZmDrQugbnFOi0eKgo8ShvcbpZaXGc0jDGr2LQqmkn8eHJhNs9CB1OYNvQ zQaLqOCDDPj7Je3rXPx_mb26CrwWnYXWv3oaTquRF2nibaiR0mfPIHB0YoDe 6nvo2N5n2duL8LHy.z4_0Tl7G.icPWY0BPhAy_Yqvlf90gNx0rE7NccINsE0 3SH1i12qM9lIFQWqMucjFuhQJUXToXGO.MuDMiE8W30r7jt2Ms5sQ6DuTEu9 OCRy4EyC22ctRuXN94glDh9HewKLe5MRbCFmJ35Y52Qa_QLxYVaHNv5cU Received: from [88.15.234.76] by web162406.mail.bf1.yahoo.com via HTTP; Fri, 30 Aug 2013 02:30:47 PDT X-Rocket-MIMEInfo: 002.001,CgoKCkVzdMOgIGLDqSwgdGlyZW0taG8gZW5kYXZhbnQuClVuIHBhcmVsbCBkZSBkdWJ0ZXMgcmVmZXJlbnRzIGEgbGEgUkYuIFBhc3NhIGFsZ28gYW1iIFBldWdlb3QgcGVycXXDqCBkb25ndWluIGFxdWVzdHMgdGlwdXM_IENvbSB2ZWlldSBlbCB0ZW1hIGRlIGJvbnMgZGUgbGEgZ2VuZXJhbGl0YXQ_IFRlbmludCBlbiBjb21wdGUgdG90IGVsIHRlbWEgZGUgbGEgaW5kZXBlbmTDqG5jaWEgaSB0YWwgY29tIHBvdCBhZmVjdGFyPwoKTWVyY2kuCgpDb20gZGVpYSBobyB0aXJlbSBlbmRhdmFudC4KCkFicmHDp2EBMAEBAQE- X-Mailer: YahooMailWebService/0.8.156.576 References: <1377689651.63061.YahooMailNeo[at]web162401.mail.bf1.yahoo.com> <294B6AC11C367548A741F3EB472A6C540DE43FAE[at]svrexchange.langaesco.com> <1377854528.55982.YahooMailNeo[at]web162402.mail.bf1.yahoo.com> Message-ID: <1377855047.16453.YahooMailNeo[at]web162406.mail.bf1.yahoo.com> Date: Fri, 30 Aug 2013 02:30:47 -0700 (PDT) From: xxx <xxx[at]yahoo.com> Reply-To: xxx <xxx[at]yahoo.com> Subject: Fw: Cartera mixta To: =?utf-8?B?VmljZW7DpyBGZXJyZXI=?= <xxx[at]gvcgaesco.es> In-Reply-To: <1377854528.55982.YahooMailNeo[at]web162402.mail.bf1.yahoo.com> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="-747684034-982923511-1377855047=:16453" ---747684034-982923511-1377855047=:16453 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable =0A=0A=0A=0AEst=C3=A0 b=C3=A9, tirem-ho endavant.=0AUn parell de dubtes ref= erents a la RF. Passa algo amb Peugeot perqu=C3=A8 donguin aquests tipus? C= om veieu el tema de bons de la generalitat? Tenint en compte tot el tema de= Link to comment Share on other sites More sharing options...
Farelf Posted August 30, 2013 Share Posted August 30, 2013 Hi Zaradlas, You are correct, there is no current or recent public record of those two Yahoo IP addresses, nor of your own RIMA address, on the SCbl. (127.0.0.1 does not count, that is an internal address only). We are starting to hear of a number of non-delivery messages with the same non-specific reference to SpamCop. Maybe there are some poorly-configured servers that attribute all blocking to the SpamCop list when it is not listed by SC at all, This has certainly happened in the past. In that event, it might be useful to note the receiving domain in this instance as gvcgaesco.es, which you have kindly supplied. You might like to consult multiple blocklist lookups to see any that really list your IP address (but some lists will have no significance). I find http://multirbl.valli.org/dnsbl-lookup/ useful for such purposes. If you have a dynamically-allocated IP address then absolutely anyone could be responsible for the abuse which lead to the listing(s). Link to comment Share on other sites More sharing options...
lisati Posted August 31, 2013 Share Posted August 31, 2013 Something doesn't look right to me about that bounce message. If I have read it correctly, the machine rejecting the email has attributed its blocking an email address to a listing in spamcop. The last time I checked, spamcop lists IP addresses, not email addresses. Link to comment Share on other sites More sharing options...
Farelf Posted August 31, 2013 Share Posted August 31, 2013 Oh wow, you're right, that IS how it reads, therefore totally bogus. More like a MailWasher fake bounce then? Link to comment Share on other sites More sharing options...
Zaradlas Posted August 31, 2013 Author Share Posted August 31, 2013 I tried the website you provided and it effectively reports a few positives. 7 our of 240. I have a few followup questions: - Which one of the different IPs in the bounce email I am supposed to check? I do not understand what each of them means. After trying them in that website they get different results each. - What next steps should I do if I want to be removed from that blacklists? - Is it possible that the email address and not the IP is blocked? Some times I have received spam emails where my email address appears as sender... Is it possible? Does it mean I am infected? Could it be sent from another site and they make it that my address appear as sender? - You say that it seems that it is not really SpamCop, how and why are this guys reporting that Spamcop is responsible for something it is not? Isn't it damaging Spamcop image? - And the final question: What next steps do you recommend me to take to try to solve my address being blacklisted? Should I speak with SpamCop, or who or where should I direct my attention an efforts? Thanks a lot again for your time ans answers. Regards. Link to comment Share on other sites More sharing options...
Farelf Posted September 1, 2013 Share Posted September 1, 2013 There are complexities that are inescapable and I don't necessarily understand it well enough myself - and there is some "informed gueusswork" involved. But, my best attempt to explain: It is not possible to say for certain what is being objected to, the "bounce message" only implicates your yahoo e-mail address and that is not proper. The bounce message does not appear to return/confirm the actual outgoing IP address from yahoo from which the recipient's network (gvcgaesco.es) received the message but that probably does not matter (except to confirm the impression it is not a proper network bounce). It seems most likely it is your individual/specific recipient who has rejected the message, in which case he is probably only accepting mail from known addresses. I think it will be pointless chasing delisting from blocklists - the only IP addresses that would count would be the outgoing addresses of yahoo, over which you have no control. Wait 5 minutes and send your mail again and yahoo will most likely use another outgoing address - and almost certainly it is not any public blocklist which is causing the problem anyway. Those could cause problems sending to other networks or to other individuals - but that is all yahoo's responsibility, your only "control" is to accept their service or to walk away from it. You are one user amongst millions. When blocklists are used, it would usually be the last IP address of the sending network (on entry to the receiving network) that is examined - certainly that is the only one the receiving network can be sure of. That is the topmost yahoo address in your case. That is shown as 98.139.212.149 in the bounce but, as said, that bounce omits at least one further "Received:" line showing the entry into gvcgaesco.es netspace and the yahoo outgoing server address**. The essential "missing" line I would be expecting would be something like: Received: from [98.139.212.169] by mail.gaesco.com with ESMTP; 30 Aug 2013 09:30:48 -0000 where 98.139.212.169 is an outgoing yahoo server and mail.gaesco.com [213.229.156.154] is gaesco.es's mail exchange (and there would be further lines - higher up in the headers - for further hand-offs within gaesco.es which would be of no consequence in this discussion). For what it is worth, "your" IP address is/was 76.Red-88-15-234.dynamicIP.rima-tde.net [88.15.234.76] however that is dynamically-allocated, the next time you use the internet it could be different so you have no control over that either. The only way to get an exclusive IP address is to pay extra for a static allocation. In that case you would probably want to use another domain name (your own) in your e-mail address as well. **If you want to see your IP address and the yahoo outgoing IP address whenever you send through yahoo you could send a "probe" e-mail to ping[at]mxtoolbox.com (see http://www.mxtoolbox.com/blacklists.aspx). Link to comment Share on other sites More sharing options...
Zaradlas Posted September 2, 2013 Author Share Posted September 2, 2013 Ok. Thanks to you all for the time to post answers to my problem. I will keep investigating. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.