Jump to content
dennis562

Message blocked but IP is not on blacklist

Recommended Posts

I'm seeing this error for all recipients on a particular domain:

"spamcop.mimecast.org Blocked - see https://www.spamcop.net/bl.shtml?198.61.254.91. - https://community.mimecast.com/docs/DOC-1369#550 [bEjCcA39P3SxsOV3CZ9qSw.us331]"

However, as you can see here, that IP is not on the blacklist: https://www.spamcop.net/w3m?action=blcheck&ip=198.61.254.91.

Here's a link to the message and headers: https://www.mail-tester.com/test-iyn5n@mail-tester.com

Share this post


Link to post
Share on other sites
Posted (edited)
19 hours ago, dennis562 said:

I'm seeing this error for all recipients on a particular domain:

"spamcop.mimecast.org Blocked - see https://www.spamcop.net/bl.shtml?198.61.254.91. - https://community.mimecast.com/docs/DOC-1369#550 [bEjCcA39P3SxsOV3CZ9qSw.us331]"

However, as you can see here, that IP is not on the blacklist: https://www.spamcop.net/w3m?action=blcheck&ip=198.61.254.91.

Here's a link to the message and headers: https://www.mail-tester.com/test-iyn5n@mail-tester.com

Never been on the SpamCop blacklist. who is stating it is?
Sometimes a "clever Trevor" have a blocklist working in reverse?
Or it could be a fake bounce from someone you are mailing too?

Edited by petzl

Share this post


Link to post
Share on other sites

Thank you for your quick reply!

Quote

who is stating it is?

The email admin at the company is saying that no one at their company is receiving our email newsletter — I confirmed it in our error logs (see attached). 

Quote

Sometimes a "clever Trevor" have a blocklist working in reverse?
Or it could be a fake bounce from someone you are mailing too?

I'm not sure what you mean by this. 

Screen-Shot-2019-03-06-at-4.20.17-PM.jpg

Share this post


Link to post
Share on other sites
Posted (edited)
19 minutes ago, dennis562 said:

I'm not sure what you mean by this. 

Fake bounce  can be set up on most email clients even Gmail  can do it
You need a copy  of headers to find out who is bouncing and contact their abuse desk
The IP you stated has never been listed by SpamCop in the last 90 days.

A badly set-up email server can be set-up to bounce emails NOT listed on SpamCop.
As SpamCop only lists for 24 hours after last spam, some set-up "unable to deliver" in the hope the spam stops when it retries.

Advice is always free till you act on it. I'm a member not admin

Edited by petzl

Share this post


Link to post
Share on other sites
On 3/6/2019 at 4:58 PM, dennis562 said:

spamcop.mimecast.org Blocked - see https://www.spamcop.net/bl.shtml?198.61.254.91. - https://community.mimecast.com/docs/DOC-1369#550 [bEjCcA39P3SxsOV3CZ9qSw.us331]"

Looks like mimecast may have setup their own blacklist.

On 3/6/2019 at 5:11 PM, petzl said:

Or it could be a fake bounce from someone you are mailing too?

dennis562, When I first looked at adding a blacklist to my MTA about twenty years ago, I had to key in the deny message into mailer configuration file.  As you can see from this link (https://www.spamcop.net/fom-serve/cache/294.html), anyone can put anything they want into that message.  This is what petzl means about a fake bounce.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×