direcway and spamcop

[swingspacers]

You're just not getting your correct Internet-facing IP Address when you use whatsmyip.com (at least I'm not getting my IP Address).  http://privacy.net or http://www.privacy.net is much nicer - the second line says "xxx.xxx.xxx.xxx is your IP address."

24630[/snapback]

Are you guys talking about whatsmyip.org or whatsmyip.net? Whatsmyip.com just gives me a silly advertisement site.

Bill, since you are using a proxy within Internet Explorer, you will not get your correct IP address from any of these sites. The only way for you to get your IP address is to read it from your router locally.

BTW, the IP address you mentioned yesterday, 64.157.32.1, is definitely spamming again and has been blocklisted again.

[bill j]

Thank guys, sounds like its time I talk with webmail again. BTW I just tried http://www.privacy.net and it returned an IPA of 66.82.9.31 which is surprizing because that is not what I started on this morning and I have been continuously connected all day.

Btw my fremont county Sys Admin mailed to today saying is very new at using Spamcop but is going to try and figure out how to "white list" me.

[swingspacers]

If you want us to provide more help, you really need to post the rejection notice that you received.

[bill j]

That's right. Bill, give us the IP mentioned in the rejection notice. It will often look something like this, where the x's are the blocked IP:

451 Blocked - see http://www.spamcop.net/bl.shtml?xxxx.xxxx.xxxx.xxxx:

I don't get IP information in my rejection notice. I can only get that by calling the Fremontco.com sys admin and sometimes it's days before I get a response. looking at the header info only gives me the incoming path. See below

Rejection message

Your email is considered spam, for more information contact your system administrator

From: (william.johnson[at]sigmatechcos.com)

To: ( "Matt Eliason" <melia[at]fremontco.com>)

Subject: ( RE: SpamCop Blocking)

Header clip

Return-Path: <spam[at]fremontco.com>

Received: from gate2.excedent.us (gate2.excedent.us [10.235.219.135])

by mail2.excedent.us (SMTP Server) with ESMTP id 4A8847B413

for <william.johnson[at]sigmatechcos.com>; Tue, 22 Feb 2005 10:22:45 -0500 (EST)

Received: from frecoserv.fremontco.com (fremontco.com [156.108.220.102])

by gate2.excedent.us (SMTP Server) with ESMTP id 8FF098C589

for <william.johnson[at]sigmatechcos.com>; Tue, 22 Feb 2005 10:22:42 -0500 (EST)

Received: from mail pickup service by frecoserv.fremontco.com with Microsoft SMTPSVC;

Tue, 22 Feb 2005 08:22:40 -0700

thread-index: AcUY8ljWT+1xWbfnRq68/mwmOppggg==

Thread-Topic: Message Rejected

From: <spam[at]fremontco.com>

To: <william.johnson[at]sigmatechcos.com>

Subject: Message Rejected

Date: Tue, 22 Feb 2005 08:22:40 -0700

Message-ID: <58a801c518f2$58d65180$993ca8c0[at]fremontco.com>

MIME-Version: 1.0

Content-Type: text/plain;

charset="iso-8859-1"

Content-Transfer-Encoding: 7bit

X-Mailer: Microsoft CDO for Exchange 2000

Content-Class: urn:content-classes:message

Importance: normal

Priority: normal

X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409

X-ORFilter: mail checked by ORFilter 4.1.0.0 - http://martijnjongen.com/orfilter

X-OriginalArrivalTime: 22 Feb 2005 15:22:40.0355 (UTC) FILETIME=[58F54B30:01C518F2]

X-Virus-Scanned: OK

X-spam-Status: No, hits=0.178 tagged_above=-100 required=6 tests=NO_REAL_NAME

X-spam-Level:

running tracert to fremontco.com doesen't go through any email server so that's of no use.

If someone could help the fremontco.com sys admin"Matt Eliason" <melia[at]fremontco.com with a way to "white list" me, it would be appreciated.

[swingspacers]

Ouch!!! That Fremont County has their email service seriously misconfigured.

What you are seeing is not really a rejection notice. If I understand this correctly, Fremont's email server first accepts the incoming message and then scans the Received: lines for spam sources. If it finds a blocklisted machine, it marks the message as spam.

Now here is where things go wrong: Instead of putting the message into a separate "suspected spam" folder, their system sends out this "rejection" message to the "From:" field from the original message. This is a recipe for trouble.

A correctly implemented rejection mechanism will do the reject during the SMTP phase and would provide needed information like the blocked IP address. You would then get a rejection notice from webmail.us (showing up as excedent.us in the sample you provided). This is what we assumed you had when you talked about a "rejection notice."

Conclusion: Matt Eliason urgently needs to go to email handling school.

Given all of this, the question remains open why Fremont's system thinks your messages are spam. This can only be answered if we have the IP address. My best guess is still that either your own PC is infected or that DW assigns you IP addresses recently used by compromised machines when you connect your computer.

[bill j]

Since my last post I have spoken to webmail.us and the fremont Sys Admin. Short version, everything points to DW 64.157.32.1 IPA. Every time I've been blocked it's been on that IPA. Fremont has white listed that IPA just for me which will probably take care of my problem but that doesn't completely satisfy me and opens them up to spam. Matt is considering going to another anti program. My next client may not be so generous.

I will write a very direct email to DW asking that I never be assigned that IP again. I will search the senderbase.org reports for facts about blacklisting and include them in my emil. Any advice on the content of my letter.

They will probably ask me to pony up the $100 per month for the business static IP account and I will consider it since I have $500 invested in the modem. xmitter, and antenna.

There are some cell phone internet programs now available in my area that are giving speeds up to 200K with strong signals. Mountain boy special 3Watt booters ensure the signal strength. Can anyone on this forum recommend any of these systems. Do some have better, cleaner IPs than others?

Thanks again for all the help

[Wazoo]

Currently; 64.157.32.1 not listed in bl.spamcop.net (at SpamCop BL page)

However, SenderBase says;

Real-time blacklists

list.dsbl.org Boycotted - http://dsbl.org/listing?64.157.32.1

dnsbl.sorbs.net Web - http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=64.157.32.1

bl.spamcop.net http://spamcop.net/w3m?action=checkblock&ip=64.157.32.1

cbl.abuseat.org http://cbl.abuseat.org/lookup.cgi?ip=64.157.32.1

Volume seems a bit wierd;

Volume Statistics for this IP

Magnitude Vol Change vs. Average

Last day........ 4.2 .. -52%

Last 30 days .. 4.2 ..-54%

Average ........ 4.5

If one was to guess, one could go with that thus UP got itself listed due to spam spew, and to solve the complaints, outgoing e-mail has been shifted to another server ...????

Not sure what is being described by the "going to another anti program" remark. That your provided sample suggests that an Exchange 2000 server is involved suggests a lot lot of issues, but ....that may be another whole issue ...????

[swingspacers]

Since my last post I have spoken to webmail.us and the fremont Sys Admin.  Short version, everything points to DW 64.157.32.1 IPA. Every time I've been blocked it's been on that IPA.  Fremont has white listed that IPA just for me which will probably take care of my problem but that doesn't completely satisfy me and opens them up to spam.

It would be better to whitelist based on your email address. spam coming from that IP address is extremely unlikely to use your personal email address.

Matt is considering going to another anti program.  My next client may not be so generous.

Your next client is unlikely to encounter such a problem, because it is mostly due to the very unusual behavior of Matt's email server.

I hope other people will come along who will be able to answer your other questions.

[bill j]

I'm writing this to close loop with the folks that have helped me in getting this problem fixed. I feel I have received a bit of an education. I have read most of the pinned postings and the info on spamcop.net. I have also went to some of the anti-Spamcop blogs and read their postings. It's sometimes hard to tell the good guys from the bad guys but I now have some level of trust that SpamCop is trying to be one of the good guys. I know that SpamCop also has this problem. To use an analogy from the old west, I see SpamCop as well meaning vigilante group that sometimes inadvertently hurts the defenseless and innocent settlers it is trying to protect. I disagree with the poster that said “there are no innocents”. Anyone that is using the internet for honest communication and not mass mailing unsolicited emails, is not part of the enemy, were the reason that organizations like SpamCop exist. We can’t be held accountable for the entire path that our email takes as it bounces around cyberspace; but we can be expected to try to help fix it when things go wrong; and do so without a rant. Ironic that at the same time I was trying to figure out how to get my legitimate emails to a client that wanted to receive them, I was having to sort through a couple of dozen "horny housewives want you....." messages. I now realize that if I am to continue to make my living through telecommuting, I will need to be more savvy to the cyber wars that are going on. My only suggestion to the members here is to be patient with us users that, while quite computer literate in some areas such as databases, programming, and various applications etc. we have no Idea how our email gets routed.

Thanks Again

Bill J

[Miss Betsy]

Anyone that is using the internet for honest communication and not mass mailing unsolicited emails, is not part of the enemy.........we have no Idea how our email gets routed.

To use an offline analogy, does it matter if you are rearended on the highway by someone who is disregarding the speed limit and driving recklessly or are talking on a cell phone (aka the 'enemy') or by someone who knows so little about cars that they have never done maintenance and their brakes fail or are looking for something that dropped (aka the 'innocent')?

AFAIK, anyone who rearends you can be ticketed and their insurance goes up - from the guy who is totally inconsiderate and a scofflaw to the guy who is just ignorant of safe driving rules.

Like you, I have extensive experience in other areas of life, yet still know very little about how my email works or how the sys admins work their magic. I don't know very much about car mechanics either. However, I can tell you broadly how a piston engine works and more specifically, how to get a battery working by banging on it. And now, I can tell you broadly how email works and even a lot about how it is accepted.

And although I am a good driver, I sometimes get stuck in traffic because someone up ahead of me has been driving recklessly. However, I have never had my car stolen because I left the keys in it (a friend who is used to country ways did. It was not only stolen, but those who stole it, drove it to another state and murdered someone). Did he deserve the inconvenience to himself? There are all kinds of ways that we are inconvenienced in daily life even though we are 'innocent' (I have never cashed a bad check, yet cannot use a check without all kinds of restrictions and in some places cannot even buy anything unless I have cash) and many more ways that we can have real problems if we are ignorant of safety rules or what to look for in order to be a prudent consumer.

If you were delivering your service offline, you would not hire the local handyman to deliver your packages because he doesn't have the expertise and competence and experience that an established courier does.

To back to your analogy, sometimes there is collateral damage on a battlefield. However, spam has been around for a long time and those who are affected by the efforts to stop it, are no longer 'innocent' bystanders, but have ignorantly wandered onto the battlefield.

Miss Betsy

and I think that I am being patient even though you may not like what I say, there is no other way to state it - the *sender* of email is responsible for how his email is sent just as drivers are responsible for the maintenance of their cars and being prudent drivers - which doesn't always protect them from accidents.

[bill j]

As starter of this post I am thankful and satisfied with the help I got. I believe it is time for it to end.

If somewould like to continue the debate of good versus evil in cyberspace I suggest we should move it to the Lounge.

[Spambo]

Please help.  This is very important to me. At this time DW is the only ISP I can use.  If all my clients were to install SpamCop it would destroy my business and way of life.

I'm am highly skilled user of computer applications such as Word, Excel, MS Project, Power Point etc but I am not an expert on routing protocal and telecommuications.  I am willing to become one If I have to but prefer a simple soulution if possible.

There are hundreds of free and low cost email providers available. You are not required to use your ISP for the email you send.

Is there any way to fix this problem permanantly.

Unfortunately not much you can really do . . . . . spammers will infest any and every place they can nest for as long as they can get their spewage delivered.

Is there a way my clients can ID on the "white list" by email and not the DW IP address?

Computers "talk" to each other by IP address not names/usernames. Your clients could contact their postmasters and ask them to whitelist your IPA. The postmaster may decide to whitelist your IPA -- it's their choice though.

[bill j]

Hello Spambo

You probably missed some of the info in my earlier posts, (yea I know its a long thread), but I work from a remote area with no phone lines and except for possibly using a cell phone, Direcway is the only ISP I have available to me. Their dynamic IP addressing scheme assigns me an IP when I log on over which the only control I have is to cycle power and try again and hope for a better one. Lack of email connectivity to me means $ lost and/or a 2 hour drive.

I work as a consultant for a several clients and in order to use outlook and my extensive contact list and calendar, which is a big part of what I do, I need a POP type email. My biggest client has me working through webmail.us and several Microsoft exchange and VPNs direct to their sites. I have only had trouble when one client at a local government site installed SpamCop (incorrectly I have been told by this forum).

There is just not enough time in a lifetime to become an expert at everything and the intricacies of email routing is not one of the learning hills I needed to climb. Thanks to this problem, I have changed my mind.

If I misunderstood your suggestions, please clarify

Thanks for your concern.

[Spambo]

Hello Spambo

You probably missed some of the info in my earlier posts, (yea I know its a long thread), but I work from a remote area with no phone lines and except for possibly using a cell phone, Direcway is the only ISP I have available to me.  Their dynamic IP addressing scheme assigns me an IP when I log on over which the only control I have is to cycle power and try again and hope for a better one.  Lack of email connectivity to me means $ lost and/or a 2 hour drive.

[snippage]

I perused the thread. I meant that other options for emailing exist other than your ISP's server. Many are 'free-to-low-cost, and many of them don't record their customer's IP so your ISP won't even enter the picture.

If outgoing email is important to your online life then get a backup plan in action.

[bill j]

I understand. I do have a hotmail account as a backup and I'm looking into a cell phone based system for complete redundancy. I've got an ups big enough to run my system for an hour and a generator and 50 gallons of gas for power outages that last longer. I had 4 days last winter without grid power. I love this life. It's just that, unless I appear to my clients as a full up professional office, I won't last long in this busisness.

Thanks again

[Jeff G.]

other options for emailing exist other than your ISP's server.  Many are 'free-to-low-cost, and many of them don't record their customer's IP so your ISP won't even enter the picture.

If outgoing email is important to your online life then get a backup plan in action.

24883[/snapback]

I'd be interested in knowing which of those options don't record their customer's IP in the headers, and what precautions their admins are taking against abuse.