jenny Posted August 20, 2004 Share Posted August 20, 2004 When we sent e-mails , the following error report generates: Your message cannot be delivered to the following recipients: Recipient address: paulenright[at]entel-llc.com Reason: Remote SMTP server has rejected address Diagnostic code: smtp;553 61.144.161.* mail rejected due to excessive spam (Listed by Spamcop 61.144.161.171) Remote system: dns;smtp.secureserver.net (TCP|172.17.1.61|48925|64.202.166.12|25) (rblsmtpd.local) It seems Spamcop stopped the email to the Recipient. And we found that our IP is not in Spamcop's black list. Please help me to lookup the reason. Thanks! Link to comment Share on other sites More sharing options...
Wazoo Posted August 20, 2004 Share Posted August 20, 2004 Agree that the SpamCopDNSbl currently shows this IP as not being listed. However, there are some interesting numbers at the next level ... http://www.senderbase.org/?searchBy=ipaddr...=61.144.161.171 Reasons for not showing any details (or current listing on the SpamCopDNSbl range from it no longer being real-time, it may have aged off since the block occurred, there was a recent story of mirrors not being in sync) ... However, looking a bit closer at the bottom line of your bit of data, "(rblsmtpd.local)" it might also be that this ISP is using their own BL, and for some strange reason, the "error message" is wrongly citing SpamCop as the cause. Having to admit that I'm not at all sure what / why there are two other numbers in that line that certainly look like IP addresses .... perhaps there is more to the story, maybe even needing to see the headers of the sent/bounced e-mail to see if/where these other addresses show up. The most important point here is that SpamCop doesn't block any e-mail. Link to comment Share on other sites More sharing options...
jenny Posted August 20, 2004 Author Share Posted August 20, 2004 The bounced e-mail we got is as follow: This report relates to a message you sent with the following header fields: Your message cannot be delivered to the following recipients: Recipient address: paulenright[at]entel-llc.com Reason: Remote SMTP server has rejected address Diagnostic code: smtp;553 61.144.161.* mail rejected due to excessive spam (Listed by Spamcop 61.144.161.171) Remote system: dns;smtp.secureserver.net (TCP|172.17.1.61|48925|64.202.166.12|25) (rblsmtpd.local) Could you help us to analyse? Thanks! Link to comment Share on other sites More sharing options...
Wazoo Posted August 20, 2004 Share Posted August 20, 2004 There is definitely something wrong / missing here ... all the IP's in the header fall under the description of; 172.16.0.0/12 - RFC 1918 private network Where are the headers that show that some kind of e-mail server to the rest of the Internet was used? I'm thinking that you've offered up the bounce, but not the actual outgoing e-mail ...???? Link to comment Share on other sites More sharing options...
Merlyn Posted August 20, 2004 Share Posted August 20, 2004 61.144.161.171 = Chinanet Nuff said Link to comment Share on other sites More sharing options...
Wazoo Posted August 20, 2004 Share Posted August 20, 2004 I wasn't going to go there ...well, was trying not to go there. <g> .. though that's the thinking of the "local block" possibly in use. I was just surprised at the zero traffic showing at senderbase, not found on SPEWS, etc. And thinking that there just might be some good come out of this .... Link to comment Share on other sites More sharing options...
jenny Posted August 20, 2004 Author Share Posted August 20, 2004 Yeah, the IPs in the header are adresses in our local network. And the IP after the firewall mapping is avilable . The e-mail I paste here is the bounce mail, we don't get the outgoing mail. But when I send a test e-mail to the postmaster[at]entel-llc.com , I got the similar bounce e-mail. Maybe it's related to the ISP's own secure system as you metioned. Thanks for all! Link to comment Share on other sites More sharing options...
Wazoo Posted August 20, 2004 Share Posted August 20, 2004 If you send another test mail, but also CC: a copy to another account on another ISP (HotMail, Yahoo, etc.) ... that copy should include the path your e-mail took to get out, and then "we" would be able to see if there is something else going on ..?? Just noting that it's pretty much a given fact that spammers read these Forums also, so you might want to mung the actual addresses involved ... though too much munging may make things hard to track <g> Link to comment Share on other sites More sharing options...
flagginator Posted August 20, 2004 Share Posted August 20, 2004 If you send another test mail <snip> spammers read these Forums also, so you might want to mung the actual addresses involved <snip> 15495[/snapback] Not only spammers, but EMAIL HARVESTERS. Those things come through here on autopilot and plow through to find EVERY email address posted. No human intervention is required. Never, ever post a real (un-munged) email address online. Link to comment Share on other sites More sharing options...
dra007 Posted August 20, 2004 Share Posted August 20, 2004 ...and incidentally, I found some threads in this forum in various search engines (try putting this thread in any search engine, it was available in excite.com)...that would make things easier for any abuse metioned above! Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.