Postino Posted May 22, 2004 Share Posted May 22, 2004 Hello all, this is what I received today in reply to an email I sent: The original message was received at Fri, 21 May 2004 22:28:05 -0400 (EDT) from 24.236.217.229.gha.mi.chartermi.net [24.236.217.229] ----- The following addresses had permanent fatal errors ----- <marek AT net-port.com> (reason: 591 your host [12.158.34.88] is blacklisted by bl.spamcop.net. No mail will be accepted) ----- Transcript of session follows ----- ... while talking to net-port.com.net-port.mail1.psmtp.com.: >>>>>> RCPT To:<marek AT net-port.com> <<< 591 your host [12.158.34.88] is blacklisted by bl.spamcop.net. No mail will be accepted 554 5.0.0 Service unavailable Reporting-MTA: dns; proxy1-baycity.chartermi.net Arrival-Date: Fri, 21 May 2004 22:28:05 -0400 (EDT) Final-Recipient: RFC822; marek AT net-port.com Action: failed Status: 5.0.0 Remote-MTA: DNS; net-port.com.net-port.mail1.psmtp.com Diagnostic-Code: SMTP; 591 your host [12.158.34.88] is blacklisted by bl.spamcop.net. No mail will be accepted Last-Attempt-Date: Fri, 21 May 2004 22:29:04 -0400 (EDT) Subject: Re: eBay item 4131566784 (Ends May-22-04 081357 PDT) - DELL DIMENSION 2350 PENTIUMFrom: Postino <postino AT chartermi DOT net>Date: Fri, 21 May 2004 22:28:00 -0400To: cyndy marek <marek AT net-port.com> My question is... It detects my IP address correctly as 24.236.217.229, but then it says my host of 12.158.34.88 is blacklisted. When I rDNS that IP it comes back as 'POSTINI CORPORATION', which has nothing to do with me... except it sounds like my email address of postino AT chartermi.net. Is it possible that spamcop got something wrong here? Thanks in advance. Link to comment Share on other sites More sharing options...
turetzsr Posted May 22, 2004 Share Posted May 22, 2004 Hi, Postino, ...First: to avoid scumware harvesting your e-mail address, you may wish to "Edit" your post to disguise your e-mail address. Something like postino<at sign>chartermi.net should do the job. ...Second: when I perform a "tracert" on your IP address (24.236...), it shows that one of the servers it goes through to get from me to you is 12.124.15.106. According to ARIN, that IP address belongs to AT&T WorldNet Services. Also according to ARIN, IP address 12.158.34.88 belongs to POSTINI CORPORATION, as you found, but it also indicates that its parent (IP address range 12.0.0.0 - 12.255.255.255) belongs to AT&T WorldNet Services. Therefore, I conclude that your e-mail IS going through a POSTINI server and that SpamCop has got it right. ...The following posts may help you: SpamCop - Help for spam report recipients Pinned: FAQ Entry: Why is my email blocked? Who appointed you the "cop" of the internet? Where do you get off? How can I be de-listed Pinned: Why Am I Blocked FAQ Pinned: Cost of spam ...If after reading these you still have questions, please do return here to post follow-ups. ...Good luck! Link to comment Share on other sites More sharing options...
StevenUnderwood Posted May 22, 2004 Share Posted May 22, 2004 Postini is another spam filtering service that simply forwards mesages onto the configured server. We use them at work for our domain. I know they just started offering outgoing service as well, which may be their problem. I am going to call tech support on Monday to inquire why their IP's are on the spamcop list. Looking up the MX of your outgoing address (net-port.com), they are using postini services but also appear (because of the rejection) to be using the spamcop bl. Because the postini IP was on the bl (they are not any longer), your message was rejected. Sending again should work. > set type=mx > net-port.com Server: ns1.ma.charter.com Address: 66.189.0.29 net-port.com MX preference = 200, mail exchanger = net-port.com.net-port.mail2.psmtp.com net-port.com MX preference = 100, mail exchanger = net-port.com.net-port.mail1.psmtp.com net-port.com nameserver = ns1.net-port.com net-port.com nameserver = ns2.net-port.com ns1.net-port.com internet address = 68.21.148.2 ns2.net-port.com internet address = 68.21.148.4 > 12.158.34.88 not listed in bl.spamcop.net Since SpamCop started counting, this system has been reported less than 10 times by less than 10 users. It has been sending mail consistently for at least 33.5 days. In the past 2.0 days, it has been listed once for a total of 39 hours In the past week, this system has: Been detected sending mail to spam traps Been witnessed sending mail about 60 times Link to comment Share on other sites More sharing options...
Ellen Posted May 22, 2004 Share Posted May 22, 2004 Postini is another spam filtering service that simply forwards mesages onto the configured server. We use them at work for our domain. I know they just started offering outgoing service as well, which may be their problem. I am going to call tech support on Monday to inquire why their IP's are on the spamcop list. Looking up the MX of your outgoing address (net-port.com), they are using postini services but also appear (because of the rejection) to be using the spamcop bl. Because the postini IP was on the bl (they are not any longer), your message was rejected. Sending again should work. > set type=mx > net-port.com Server: ns1.ma.charter.com Address: 66.189.0.29 net-port.com MX preference = 200, mail exchanger = net-port.com.net-port.mail2.psmtp.com net-port.com MX preference = 100, mail exchanger = net-port.com.net-port.mail1.psmtp.com net-port.com nameserver = ns1.net-port.com net-port.com nameserver = ns2.net-port.com ns1.net-port.com internet address = 68.21.148.2 ns2.net-port.com internet address = 68.21.148.4 > 12.158.34.88 not listed in bl.spamcop.net Since SpamCop started counting, this system has been reported less than 10 times by less than 10 users. It has been sending mail consistently for at least 33.5 days. In the past 2.0 days, it has been listed once for a total of 39 hours In the past week, this system has: Been detected sending mail to spam traps Been witnessed sending mail about 60 times I can tell you why -- send AV autoresponder messages to forged "from" addreses and hitting the spamtraps. You can tell them to turn off the AV autoresponder bounce messages which most/many companies are turning off since the entire net result of a company doing this is to mailbomb innocent email addresses. Link to comment Share on other sites More sharing options...
StevenUnderwood Posted May 22, 2004 Share Posted May 22, 2004 I can tell you why -- send AV autoresponder messages to forged "from" addreses and hitting the spamtraps. You can tell them to turn off the AV autoresponder bounce messages which most/many companies are turning off since the entire net result of a company doing this is to mailbomb innocent email addresses. I will most definitely do that. I have been told in the past that they do not send AV messages. I will double check on that. I hope to have them contat you at the deputies address if there are ant questions. Link to comment Share on other sites More sharing options...
Postino Posted May 23, 2004 Author Share Posted May 23, 2004 Hello All First of thank you for all your input. I had sent an email to report this problem to SpamCop and got a reply which basically says this: "In this case, the person you are sending to receives their mail service from Postini, and their server was listed on the SpamCop Blocking List. In other words, they were no doubt rejecting all their incoming mail. The listing was due to the Postini server sending virus notifications to the forged return addresses, which happened to be traps on our system. I've delisted 12.158.34.88." From what I understood, my IP or Charter's mail server was not blacklisted but Postini Corp's own mail server was blacklisted, and it was just a coincidence that my email address started with postino... Thanks again Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.