vookenmeister

1 hour till delist - HOORAY! (was 204.194.72.241)


Hi.... I'm sending this post for 2 reasons.

1) Complain about deputies[at]spamcop.net

2) Summarize my post about my trials over the last 2 days of figuring out why our business mail server was blacklisted.

Good news is we have 1 hour left till we are FREE...

-------------------------

204.194.72.241 listed in bl.spamcop.net (127.0.0.2)

Since SpamCop started counting, this system has been reported less than 10 times by less than 10 users. It has been sending mail consistently for at least 99.0 days. It has been listed for 47 hours.

-------------------------

In an hour, I can stop redirecting our corporate email over slow links and send it back to our main server and out our 100M ethernet internet connection.

Deputies[at]spamcop.net. I sent an email and got a short, less than helpful reply. I sent a reply to their reply and never heard back.

Summary

- we got blacklisted with no warning or reason. I found out due to a bounced email.

- I visited spamcop.net and entered our IP, 204.194.72.241. It said we had received less than 10 complaints from less than 10 users. What does that mean? 1 user complained. 7? Certainly can't tell. Especially because the example trail on the site was anonymous.

- so no warnings due to a mole and no evidence on what caused it. Great!

- I sent an email to bl[at]admin.spamcop.net for help

- NO REPLY for hours

- visited this forum (BINGO!!!). Special thanks to those who helped.

- got some excellent advice.

- was told to email deputies[at]spamcop.net for the evidence

- got the evidence and asked for more guidance. <crickets chirping> yes, silence is all I got. no reply back from deputies

Apparently multiple times our mail server received emails to invalid recipients and sent bounce messages back to the from address (probably forged by Mydoom). We deny email to invalid users BEFORE checking for viruses. We do not send virus notifications.

Anyways, one of these forged from addresses must have been a spamtrap or mole (which is why we got ZERO notice and there was ZERO evidence). The "mole" reported our server and we got added to the blacklist.

Explained the issue to deputies but was told we would be delisted in 48 hours. Great. Thanks for nothing!!!

Anyways, having an architecture discussion in the morning with our CIO. Apparently, SOLELY because of spamcop (we are not delisted anywhere else on the Internet), we need to do one of two things:

1) Stop sending bounces for emails delivered to unknown recipients.

2) Find a way to deny the email via smtp rejection codes at our perimeter.

We'd prefer #2. However, I don't think it's technically possible since our outside MX server simply accepts email, checks it for spam, and then forwards it to our internal mail server (which checks for viruses and unknown recipients).

LASTLY, SPECIAL THANKS TO THIS FORUM. I haven't gotten much real work done, but I learned a lot.

- paul
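
An added example, not part of paul's post: a Python model of the two perimeter behaviours the post contrasts, accepting everything and bouncing later versus rejecting unknown recipients with an SMTP code during the session. It assumes the perimeter MX holds a copy of the internal server's recipient list; the addresses, the list and the function names are constructed for illustration.

```python
# Added illustration (not from the original post): compares the two perimeter
# behaviours for mail addressed to unknown recipients.
# Assumption: the perimeter MX holds a copy of the internal recipient list.
VALID_RECIPIENTS = {"alice@example.com", "bob@example.com"}  # constructed

# Constructed (envelope sender, recipient) pairs; senders forged as a worm would.
SAMPLE_ENVELOPES = [
    ("forged-victim@example.net", "nosuchuser@example.com"),
    ("spamtrap@example.org", "old.employee@example.com"),
    ("customer@example.net", "Alice@example.com"),
]


def accept_then_bounce(envelopes, valid):
    """Perimeter says 250 to every RCPT; unknown users are bounced afterwards."""
    replies, outbound = [], []
    for sender, rcpt in envelopes:
        replies.append((rcpt, "250 2.1.5 Ok"))
        if rcpt.lower() not in valid:
            # The message was accepted, so our server must now generate a
            # bounce (null sender) addressed to the possibly forged sender.
            outbound.append({"mail_from": "<>", "rcpt_to": sender, "about": rcpt})
    return replies, outbound


def reject_at_rcpt(envelopes, valid):
    """Perimeter checks the recipient during the SMTP dialogue itself."""
    replies, outbound = [], []
    for _sender, rcpt in envelopes:
        if rcpt.lower() in valid:
            replies.append((rcpt, "250 2.1.5 Ok"))
        else:
            # Nothing is accepted, so our server never sends a message;
            # the connecting client is left to deal with the failure.
            replies.append((rcpt, "550 5.1.1 User unknown"))
    return replies, outbound


def backscatter_targets(outbound):
    """Third parties that receive mail from our IP because of a bounce."""
    return sorted(m["rcpt_to"] for m in outbound)


if __name__ == "__main__":
    for policy in (accept_then_bounce, reject_at_rcpt):
        replies, outbound = policy(SAMPLE_ENVELOPES, VALID_RECIPIENTS)
        print(policy.__name__, [r[1][:3] for r in replies], backscatter_targets(outbound))
```

With the first policy, every forged sender, spamtrap included, receives a message originating from the bouncing server's IP; with the second, the server originates nothing.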
