Jump to content
Sign in to follow this  
Jeff S

Yahoo! Mailservers Blocklisted

Recommended Posts

Okay...I'm having the same problem as Dee, except that I was finally able to reactivate (un-bounce) my email addresses from YahooGroups. I have been able to post (and I suspect Dee could too) but not receive emails. I contacted my ISP and they said they don't use SpamCop. My domain host also said they don't use SpamCop but they did send me this:

It is the yahoo mail server (IP address ) that is blocked by SpamCop.net. If you searched at the SpamCop blocking list at http://www.spamcop.net/w3m?action=checkblock&ip, you will see that the IP address is listed in bl.spamcop.net (127.0.0.2)

You will need to have yahoo.com to contact SpamCop.net to be delisted. See http://www.spamcop.net/fom-serve/cache/298.html

and

The bounced emails are a result of the Yahoo server being blocked,

specifically their IP address. All of your email accounts use the same

IP address, the IP address you have with us is not blocked on any of the

servers, the only way to stop the emails from being bounced is if Yahoo

contacts spamcop to the have the IP address removed from the database.

What do I do now, other than wait 48hrs (about 700 emails worth)?

Share this post


Link to post
Share on other sites

In this case, as you say your ISP doesn't use the SCBL, your host doesn't use the SCBL (why do you suggest two folks contacted?) ... then one has to ask about just where your e-mail (from Yahoo) was sent, such that someone was using the SCBL ...??? Again, if you are not using a SpamCop Filtered E-mail account, there is no contact between the SCBL and your e-mail, short of someone in the flow of your e-mail using the SCBL for blocking purposes. Noting that even after my last post showing the 'evidence' page, you intentionally (it appears) left the IP address in question out of your post???

Share this post


Link to post
Share on other sites

It wasn't that I intentionlly left it out, I don't know what IP address is being blocked. Some of my emails are getting through from Yahoogroups but, according to my domain host (myhosting.com), all my email addresses use the same IP address.

I don't know where to turn to fix this.

By the way....I use CenturyTel as my ISP and MyHosting. com as my domain host. That's "why do you suggest two folks contacted?"

Share this post


Link to post
Share on other sites
can't Spamcop just ignore Yahoogroups as spam since most reports are erroneous?

Mountainman: I have never had a valid email come from YahooGroups (because I don't subscribe to any) but I have had spam come from them. This was a while ago before they supposedly tightened up their systems to not allow signing up of accounts so I know it can happen. While DavidT's investigation leads him to believe these were erroneous, I would not agree without specifics from the reporter (because I have been on that end).

Share this post


Link to post
Share on other sites
Well SmapCop users do have the power.

The white list is very flexable. You can whitelist the entire .com world by adding ".com" to the list

Sure, you *could* whitelist anything from "aol.com" in order to be sure to receive messages that people send using the AOL webmail servers, but that's not what I call a "powerful" tool...that's a blunt tool.

For SpamCop Email users, the following headers are checked against their personal whitelist:

* Envelope Sender aka Return Path

* From:

* Sender:

But the details that would need to be whitelisted in order to accept AOL webmail are not found in those fields...they are in the Received. So I disagree with you...we need better whitelisting, as I said. But this is off topic...it's a thread for the Email forum, or even perhaps for the "New Feature Request" forum.

My reason for mentioning the details about whitelisting were specifically related to the concept that the ISP's of these people who are having problems receiving Yahoo Groups messages should be offering better whitelisting.

DT

Share this post


Link to post
Share on other sites
I contacted my ISP and they said they don't use SpamCop.  My domain host also said they don't use SpamCop

Someone is giving you an incorrect answer...it's that simple. If you're having Yahoo Groups send directly to a conventional email account, then the ISP responsible for that account is indeed using the SpamCop BL for blocking. If, however, the address that you're asking Yahoo Groups to send to is going through some sort of forwarding at your web host, then they might be the ones doing the blocking. One of those two entities is indeed using SpamCop as a tool to block email, and if they don't know that they are, then run, don't walk away from them and find a new provider.

DT

Share this post


Link to post
Share on other sites
It wasn't that I intentionlly left it out, I don't know what IP address is being blocked.  Some of my emails are getting through from Yahoogroups but, according to my domain host (myhosting.com), all my email addresses use the same IP address.

I don't know where to turn to fix this.

By the way....I use CenturyTel as my ISP and MyHosting. com as my domain host. That's "why do you suggest two folks contacted?"

22230[/snapback]

You are correct .. too much data perhaps causing some confusion, wrong questions/answer muddying things up ... and as you point out, not "all" of Yahoo Group e-mail is blocked, just that caught up in and coming from the listed e-mail servers ...

One thing at a time;

Your incoming e-mail is a problem where .. your ISP or your Domain host?

Your myhosting.com techy may be talking about your outgoing e-mail from there ... "we" all know that your incoming Yahoo e-mail may have many different sourcing IP addresses .. again, note Mike Easter's list of "closely associated IPs" ... and believe me, Yahoo has many more e-mail servers that just those in that IP block <g>

OK, re-reading your previous, you 'quoted' what some techy provided you, which wasn't (apparently) the actual bounce message datum .. he/she simply pointed you to the look-up page ... the IP needed to look anything up should be contained within the bounce message (that I believe you said you've seen) from whoever blocked it ... still sitting in your Yahoo e-mail folders?

As far as "you fixing this" .. not really an option .. you complain to the choir about the terrible job Yahoo does in controlling output from these Froups, holler at the Group leader involved to set up some restrictions if that Group is being abused, things like that .. in the short-term, access to the Group via web-page is one option, re-direscting the e-mail elsewhere is another ....

Share this post


Link to post
Share on other sites
This was a while ago before they supposedly tightened up their systems to not allow signing up of accounts so I know it can happen.

But we shouldn't be talking about ancient history. If they've tightened things up, that only supports my contention that most of the reports submitted by SC users against Yahoo Groups messages are in error.

DT

Share this post


Link to post
Share on other sites

What I'm seeing presently from http://www.spamcop.net/w3m?action=checkblock&ip=66.94.237.44 follows:

66.94.237.44 listed in bl.spamcop.net (127.0.0.2)

If there are no reports of ongoing objectionable email from this system it will be delisted automatically in approximately 21 hours.

Causes of listing

System has sent mail to SpamCop spam traps in the past week (spam traps are secret, no reports or evidence are provided by SpamCop)

SpamCop users have reported system as a source of spam less than 10 times in the past week

Automatic delisting

If you are the administrator of n10a.bulk.scd.yahoo.com and you are sure it will not be receiving any more reports of spam, you may cause the system to be delisted without waiting for us to review the issue.

...

Listing History

In the past 37.4 days, it has been listed 3 times for a total of 25 hours

Other hosts in this "neighborhood" with spam reports

66.94.237.16 66.94.237.20 66.94.237.24 66.94.237.28 66.94.237.32 66.94.237.35 66.94.237.36 66.94.237.37 66.94.237.38 66.94.237.39 66.94.237.40 66.94.237.41 66.94.237.42 66.94.237.43 66.94.237.45 66.94.237.46 66.94.237.47 66.94.237.48 66.94.237.49 66.94.237.50 66.94.237.51

Share this post


Link to post
Share on other sites
... still sitting in your Yahoo e-mail folders?

I don't think that any of the people reporting blocking in this thread actually are using "Yahoo e-mail folders." I'm pretty sure that they are subscribed to various Groups at Yahoo using non-Yahoo email addresses. The error messages available on the Y!Groups site aren't in "e-mail folders" -- they are in the user's "Email preferences" screen. For example, in mine, there's mention of a single "soft bounce" from last June. The date and the group message number are identified, and then at the bottom of the screen is found a section titled "Last Bounced Message" which contains only this information (info in curly braces has been munged):

Remote host said: 451 4.1.8 Domain of sender address sentto-{some numbers...removed}-{myuserid}={mydomain}.com[at]returns.groups.yahoo.com

does not resolve

DT

Share this post


Link to post
Share on other sites

DT is correct. Of course, the difference being that I was seeing Hard Bounces and had to reactivate. Yahoogroups does not provide the message blocked so we can't see the IP address.

For some reason, my reactivation requests finally got through and I am finally getting emails, though I didn't do anything that would have corrected it.

All of my emails are sent to MyHosting.com as my domain host, then I retrieve them by using my DSL ISP (CenturyTel). I spoke to CenturyTel techs and they did tell me the name of their spamblocker but it wasn't SpamCop. They also said their spamblocker only works for those using the myname[at]centurytel.com. So, that takes me back to my domain host. I will email them again to verify but so far, they deny using SpamCop. Does anyone know of anyway to find out if they do, if they won't admit to it??

Thanks for all your help.

Larry

Share this post


Link to post
Share on other sites

Larry, in what Domain is the email address Yahoo! Groups is sending to, or at least what is/are the IP Address(es) of that Domain's incoming mailserver(s) (MX Record(s))?

Edited by Jeff G.

Share this post


Link to post
Share on other sites

The IP for my domain (miclakennels.org) is 168.144.147.254.

The primary server IP is 168.144.1.33 and

The secondary server is 168.144.68.1

Is that what you are asking for??

Share this post


Link to post
Share on other sites

miclakennels.org

ns3.softcomca.com reports the following MX records:

Preference Host Name IP Address TTL

1 smtpin.miclakennels.org 168.144.1.78

01/01/05 20:36:53 Slow traceroute 168.144.1.78

Trace 168.144.1.78 ...

152.63.129.101 RTT: 57ms TTL:176 (POS1-0.XR2.TOR3.ALTER.NET ok)

152.63.130.5 RTT: 58ms TTL:176 (191.ATM6-0.GW2.TOR3.ALTER.NET ok)

157.130.159.34 RTT: 57ms TTL:176 (softtech3-gw.customer.alter.net bogus rDNS: host not found [authoritative])

168.144.1.78 RTT: 57ms TTL:176 (smtpin3.myhosting.com ok)

Based on your flow description of your e-mail, myhosting.com is using the SpamCopBL ... let's go with the scenario that you may have been talking to the infamous Tier 1 support folks, more familiar with the "how do I turn this thing on" questions, whereas the network set-up and configuration of network tools is in the back-room, usually the Level 3 or 4 folks .... You may have gotten a different answer had this been a week-day during business hours <g>

Share this post


Link to post
Share on other sites

Here's some specific information about spam filtering by myhosting.com*:

http://myhosting.com/AntiSpam/

From what I read there, it would seem that the answer given by their Tech Support might have been correct. For fully-hosted accounts (not for parked domains), they use some unspecified filtering technology (it sounds like they use SpamAssassin...and no mention is made of DNS BL's) to *tag* (not to block, in other words) suspicious messages and either deliver then to a "spam sub-mailbox" if the domain owner configures it that way, or to allow the tagged messages on to the users who are instructed in how to use their email client to filter based on the tags.

This calls into question the details given earlier as to where the Yahoo Group messages are actually being sent. If the destination address is a non-forwarded mailbox at the domain "miclakennels.org," then you would *not* be experiencing the type of "hard bounces" being reported by Yahoo. Something doesn't add up. Perhaps the address that Yahoo is trying to send to is actually forwarded to a mailbox hosted by your actual connectivity ISP?

*and someone should tell them that they can get sued by Hormel for using "spam" in all uppercase letters!

DT

Edited by DavidT

Share this post


Link to post
Share on other sites

smtpin.miclakennels.org (smtpin3.myhosting.com [168.144.1.78]) certainly blocks some email (like from my current IP Address) with "550 5.7.0 Your server IP address is in the SORBS DNSBL database, bye". My current IP Address is listed by dnsbl.sorbs.net with result code 127.0.0.10 because it's dynamic. If they didn't tell you that they would be blocking email from dynamic IP Addresses, then I'd advise finding another provider that's truthful.

Share this post


Link to post
Share on other sites

I'm checking with them on this. How did you determine they were using SpamCopBL ?? Just curious.

Thanks again for your help.

Larry

Share this post


Link to post
Share on other sites
But we shouldn't be talking about ancient history. If they've tightened things up, that only supports my contention that most of the reports submitted by SC users against Yahoo Groups messages are in error.

22237[/snapback]

The last I saw about the tighening up was that Yahoo changed the amount of unsolicited e-mails that a group owner could send to 50 for each group instead of 100.

Since there does not seem to be a limit of how many groups a spammer can create, there is not an effective limit on how much spam that can come out of Yahoo groups with the tightened up system. All the spammer has to do is create twice as many groups as before.

And last month I got at least one Nigerian 419 scam from a U.S. Yahoo server, and sereral from the U.K and France Yahoo servers.

http://groups-beta.google.com/groups?q=%22...rt=0&scoring=d&news.admin.net-abuse.sightings for 66.94.237.44

It shows 15 posted spam from that server, this is independent of spamcop.net. Since most spam reporters do not appear to post copies in news.admin.net-abuse.sightings, this quantity is significant.

It is clear that Yahoo has been allowing spammers to use that server since Oct, 2004.

If you go over the archives of the spamcop.help newsgroup and the archives of this forum looking for information on Yahoo Groups blocking, it appears that this happens every few months. Spammers have clearly been able to bypass the Yahoo Groups change.

Based on the news.admin.net-abuse.sightings, it does not appear that Yahoo is doing any thing effective to prevent spammers from using their mail servers.

Contact Yahoo! about the listings in news.admin.net-abuse.sightings, and ask then why a spammer was allowed to spam from October to December.

See the pinned toppic in the Lounge:

cost of spam

For many mail server operators, the cost of accepting the spam and then tagging it would tripple the operational costs of using the server. Now why should the receiving mail server operator have to pay more for bandwidth because a remote mail server allows spam to be sent.

-John

Personal Opinion Only

Share this post


Link to post
Share on other sites

How about posting the headers from one of the Yahoo group messages that did go through. It might reveal what is happening.

Share this post


Link to post
Share on other sites
And last month I got at least one Nigerian 419 scam from a U.S. Yahoo server, and sereral from the U.K and France Yahoo servers.

But let's be sure to differentiate "Yahoo servers" from "Yahoo Groups servers," which are indeed different, AFAIK. I think a lot of people confuse the two different systems.

Did you take a close look at some of the messages that got reported? Again, I suspect that people are reporting the spam as if it originated from Yahoo...and it doesn't. In fact, I'm sure that many of those reports also involve people who have subscribed to groups and are reporting normal group messages as if they were spam.

Based on the news.admin.net-abuse.sightings, it does not appear that Yahoo is doing any thing effective to prevent spammers from using their mail servers.

Again..."yahoo mail servers" do not equal "yahoo groups mail servers" (at least I'm pretty sure of that...) Let's be careful to differentiate, and then, once we find *reported* spam that actually come from the Groups, then take a much closer look at what's getting reported. Sure, if a group is unmoderated and allows people to join immediately, then a spammer can potentially jump in and dump something. However, when I've gone through some of the Subject lines of stuff in SpamCop's database of reports, a lot of the messages look like normal Groups stuff.

I belong to at least a dozen Yahoo Groups, and moitor them regularly, and although I've seen an occasional worm-related message (which forged the address of a member or moderator with posting priviledges), I've rarely, if ever seen any spam in those groups.

DT

Edited by DavidT

Share this post


Link to post
Share on other sites
smtpin.miclakennels.org (smtpin3.myhosting.com [168.144.1.78]) certainly blocks some email (like from my current IP Address) with "550 5.7.0 Your server IP address is in the SORBS DNSBL database, bye". 

Excellent detective work, Jeff...this does indeed seem to contradict both their published spam tagging methodology and also what they're telling their customers. If they're flat out blocking based on IP's using SORBS, then they might very well be doing so using the SpamCop BL also.

DT

Share this post


Link to post
Share on other sites

Finally got a reply from my domain host (MyHosting.com) and they stated:

Greetings,

Below is a list of spam servers used,

Sorbs,

Spamhaus

Ordb

Dsbl

Spamcop

And yes spamcop is one of the servers.

I have now asked them to tell me how we stop SpamCop from blocking YahooGroups emails.

LA

Share this post


Link to post
Share on other sites
Finally got a reply from my domain host (MyHosting.com) and they stated:

And yes spamcop is one of the servers.

Dont you just hare it when that happens? <g>

I have now asked them to tell me how we stop SpamCop from blocking YahooGroups emails.

I'm not sure we're all together on what you said here. From the top again, SpamCop blocks nothing, even to SpamCop Filtered E-mail account users. The SCBL can be used in a number of ways, and it turns out that the easiest is using it in a flat-out blocking mode. One of the alternatives is to let you, the user, develop your own whitelist, such that others will have the benefit of the blocking of spam spew, but you can continue to receive your stuff .. noting that this isn't always posible, based on software in use. Another of course is to somehow convince the Yahoo folks to get a but more (pro)active on controlling things at their end.

Share this post


Link to post
Share on other sites
But we shouldn't be talking about ancient history. If they've tightened things up, that only supports my contention that most of the reports submitted by SC users against Yahoo Groups messages are in error.

DT

David, It is very hard to prove that you can not do something.

I am not convinced that it is still not possible to sign up outsiders even though it has not happened to me recently. You know...burn me once, shame on you....

Pehaps it should be made more widely known that Yahoo Groups users are not supposed to report spam that came through the group but should instead report it to the moderator of the group, who can do something about it. Perhaps if Yahoo would respond to the complaints, some of the people reporting incorrectly would be punished and the word would be spread. WIthout consequences, things will not change.

I do not believe in whitelists are the answer. We already have people coming in here saying, "why block me, surely you don't block X" and right now, we can say, "if they meet the same criteria, they are blocked also". Once whitelists are available, all we will hear is "I demand to be on the whitelist", "It is an unfair business advantage to them to never be blocked", etc.

If Yahoo were concerned about the listing, it could do something about it, same as any other entity. It could probably do a better job of staying off the blocklists than smaller places simply because of the resources it could throw at the situation. I don't feel badly for Yahoo.

People can take their groups elsewhere, as well. Perhaps that is what we should be suggesting.

Share this post


Link to post
Share on other sites
And yes spamcop is one of the servers.

On their own "AntiSpam" page, your host states that "our system now tags suspected spam emails that are sent to your domain" and they don't mention using an blocklists whatsoever, especially to reject, as opposed to tagging messages. You need to move your domain to a new host, pronto...there are plenty of good ones out there that aren't this incompetent.

I have now asked them to tell me how we stop SpamCop from blocking YahooGroups emails.

That's not the proper request, because as explained several times in this topic (and in the FAQ on this site), SpamCop doesn't block email for non-SpamCop customers. If you can't get your web host to stop using SpamCop to outright block incoming messages, as opposed to tagging them, then you should move to a different host.

DT

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×