Jump to content
Sign in to follow this  
PROGAME

Gmail's server blocked

Recommended Posts

Yahoo uses:

Received: from [24.177.39.162] by web30407.mail.mud.yahoo.com via HTTP; Wed, 27 Apr 2005 18:16:06 PDT

However, Yahoo webmail sending servers also appear to be in that database of trusted sites: http://www.spamcop.net/sc?id=z757395202z8b...b077b2e75d70b5z

27214[/snapback]

Maybe that's what needs to be done then. Gmail needs to include the IP address of the sender's computer in the header and then SpamCop.net needs to whitelist their servers and use the sender's IP address for banning.

I hope this gets done soon. I had another e-mail bounce yesterday that was sent from Gmail to an ISP that bounces IPs on the SpamCop.net blacklist.

Share this post


Link to post
Share on other sites
Maybe that's what needs to be done then.  Gmail needs to include the IP address of the sender's computer in the header and then SpamCop.net needs to whitelist their servers and use the sender's IP address for banning.

27215[/snapback]

I think the second part gets done when the deputies see evidence that gmail (in this case) is properly identifying the source in a way spamcop can recognize. I still think gmail admins, if they are interested in getting this fixed, should be contacting the deputies to get the answers as to what is needed straight form people with the answers.

Share this post


Link to post
Share on other sites
Maybe that's what needs to be done then.  Gmail needs to include the IP address of the sender's computer in the header ...

27215[/snapback]

Actually, they only need to have one more internal hop. They just have to designate one IP address that gets all email from users and forwards to a server that sends the email out, with this recorded in a "Received:" header. Then users IP addresses would not be listed, the single IP address used to pass mail to would be listed, and the mail servers sending the email out to the public internet will never get a single report. Just like Hotmail/Yahoo avoid their servers being listed, only without listing the users' IP addresses. Any IP address that is not used for sending email out of Google's network would do, and Google has hundreds of thousands of these (or more since they probably have class A IP range). Iam not suggesting that they do this. It is better that SpamCop list the real point of injection of spam to the internet (like it does with Gmail) instead of listing some internal addresses like it does with Hotmail/Yahoo (effectively listing the IP addresses of the keyboard used to type the email text into an email client running on the webmail server). What Yahoo?Hotmail and others are doing is just forging the transfer of HTML form data used as input to a program the outputs an email message as if the message itself was transported by an email transport protocol such as SMTP.

Share this post


Link to post
Share on other sites

Is not the point of including the IP address of the sender's machine to uniquely identify the sender? What if instead of IP address gmail inserted an IP-fingerprint? Sure DNSBL wouldn't work to catch them, but they also wouldn't be able to hide from other blocking technologies.

I appreciate the concealed IP address when conversing with wildly dangerous, violent nigerian 419 criminals:

http://www.scamorama.com

:D

Share this post


Link to post
Share on other sites

I reported this technical issue using Gmail's Help Center, as follows:

Brief Summary: - Gmail's mailservers are being listed by the SCBL

Full Description: Describe what happened and what you expected to happen - Due to the lack of header data specifying the IP of the actual sender when the actual sender uses mail.google.com, Gmail servers like 64.233.162.201 and 64.233.170.204 are being listed in the SpamCopBL as the source of the e-mails being complained about as spam. Please see the discussion at http://forum.spamcop.net/forums/index.php?showtopic=3973 .

Steps to reproduce the bug (if known) - Send a message using mail.google.com

Share this post


Link to post
Share on other sites

Are any of the Gmail servers still listed by the SCBL? If so, please post a Tracking URL, Header, and/or Bounce (excluding actual spam body and confidential info). The first few offers of PM or Email with the confidential info will be accepted, too. :)

Thanks!

Share this post


Link to post
Share on other sites

you know what's funny though?

i just got the notification about the new replies for this thread right into my spam folder in Gmail

LOL this is great :lol:

i love it :D

makes sense to me, you tag me i tag you :)

Share this post


Link to post
Share on other sites
you know what's funny though?

i just got the notification about the new replies for this thread right into my spam folder in Gmail

Noted somewhere else, this seems to have been accomplished somewhere around 1 July ... That's about the time my notifications from this Forum started being placed there. Did the "not spam" button and things went back to normal.

Share this post


Link to post
Share on other sites

Greetings! As a paid-up SpamCop user, allow me to have a quick moan.

http://www.spamcop.net/w3m?action=checkblo...p=72.14.204.196

A user-contributed blacklist is pointless if you allow users to block services like Gmail. Surely these IPs should be whitelisted, permanently?

If there are any arguments against this, I'd be really interested (and will cheerfully demolish them).

As it is, SpamCop, or its dumb users*, have screwed me over today by rendering Gmail totally useless to reach one of my contacts. Grr.

* Please see first line before flaming

Share this post


Link to post
Share on other sites

There is absolutely NO reason for a blocklist to whitelist ANY IP address. End users can use whitelists to override blocklists if they wish. There is spam coming from/through that IP of a high percentage which is the basis for being listed.

From the page you reference:

Causes of listing

System has sent mail to SpamCop spam traps in the past week (spam traps are secret, no reports or evidence are provided by SpamCop)

SpamCop users have reported system as a source of spam less than 10 times in the past week

That server is sending messages to spamcop spamtraps. That alone (without user reports) would probably be listing this IP.

The following are only the first page of reports that have come through this particular gmail server.

Report History:

--------------------------------------------------------------------------------

Submitted: Tuesday, October 04, 2005 7:51:32 AM -0400:

100%PRACTICO ...

--------------------------------------------------------------------------------

Submitted: Tuesday, October 04, 2005 7:50:23 AM -0400:

Hello(Goodday)

1521325597 ( 72.14.204.196 ) To: abuse[at]gmail.com

--------------------------------------------------------------------------------

Submitted: Sunday, October 02, 2005 8:14:20 PM -0400:

PARA QUEJAS Y RECLAMOS

--------------------------------------------------------------------------------

Submitted: Saturday, October 01, 2005 2:38:35 PM -0400:

Re: Auxilary/roulettes meeting this Saturday...

--------------------------------------------------------------------------------

Submitted: Friday, September 30, 2005 9:12:26 PM -0400:

WE NEED YOUR MOST HELP.

--------------------------------------------------------------------------------

Submitted: Friday, September 30, 2005 1:04:52 PM -0400:

CONVENCION TOP PARA SECRETARIAS

--------------------------------------------------------------------------------

Submitted: Thursday, September 29, 2005 11:00:49 AM -0400:

WORK WITH US!!!!!!!!!!!!!

--------------------------------------------------------------------------------

Submitted: Tuesday, September 27, 2005 6:05:56 PM -0400:

CAN I TRUST YOU

--------------------------------------------------------------------------------

Share this post


Link to post
Share on other sites

James Cridland's last post was Moved/Merged into this existing Topic/Discussion ... will go with that the "last 30 days" default setting for Topic display in this Forum 'prevented' one from 'knowing' that this had already been under much discussion (see http://forum.spamcop.net/forums/index.php?...indpost&p=29128 Section 5) .. never mind that Google folks had even been contacted and responded ....

PM sent to advise of this Move/Merge.

Share this post


Link to post
Share on other sites
There is absolutely NO reason for a blocklist to whitelist ANY IP address.  End users can use whitelists to override blocklists if they wish.

Correct. End users can - but I can't override their blocklist for them. (And with this particular user I'm emailing, I can't get in contact any other way).

There is absolutely no justification for blocking my email, and that of thousands of other Gmail users. If 99.999% of users of Gmail are using Gmail perfectly legally and happily from Gmail's addresses, there is no justification to block access for the 0.001%.

It's a different thing from blocking an errant open relay: when you block a server which belongs to Gmail, you are mostly blocking legitimate users, most of whom don't know or care about blocklists. A possible solution, even if you don't accept that whitelisting is a good thing, is to at the very least treat these IP addresses differently from 'normal' IP addresses by making them need many more reports to block them.

Some differentiation is surely the sensible thing to do here. As it currently is, you are hurting many more people than you are helping, which is a Bad Thing, and not what SpamCop's there for.

Share this post


Link to post
Share on other sites
James Cridland's last post was Moved/Merged into this existing Topic/Discussion ...  will go with that the "last 30 days" default setting for Topic display in this Forum 'prevented' one from 'knowing' that this had already been under much discussion (see http://forum.spamcop.net/forums/index.php?...indpost&p=29128 Section 5) .. never mind that Google folks had even been contacted and responded ....

For the record, I searched for "Gmail blocked" and saw nothing on the first page of the search results. It's probably fair that I expected this issue to be a recent discussion.

Share this post


Link to post
Share on other sites
(And with this particular user I'm emailing, I can't get in contact any other way).

That would take a bit of explanation to justify, but .. your call ....

There is absolutely no justification for blocking my email, and that of thousands of other Gmail users. If 99.999% of users of Gmail are using Gmail perfectly legally and happily from Gmail's addresses, there is no justification to block access for the 0.001%.

33689[/snapback]

I feel bad in that I moved this into an existing discussion that in fact, did attempt to explain (even justify, if you will) the 'problem' .... It wouldn't take much for the Google engineers to 'solve/fix' the issue, but .... Would have to guess that as fact as this reply showed up, none of the previous discussion was actually read and absorbed ...????

Share this post


Link to post
Share on other sites
There is absolutely no justification for blocking my email, and that of thousands of other Gmail users. If 99.999% of users of Gmail are using Gmail perfectly legally and happily from Gmail's addresses, there is no justification to block access for the 0.001%.

33689[/snapback]

There is no justification in your recipient's ISP using the list to block messages rather than tag them as recommended.

I got some incoming mail caught up last week from a gmail user but I simply released it from my held mail. Largely painless.

If you're a gmail user why not press their tech support to address the apparent weaknesses that allow their system to be abused.

Andrew

Share this post


Link to post
Share on other sites
... how does adding gmail's server to a black list makes any sense at all?

i mean, because of less than 10 people, does it make sense to block ...

26653[/snapback]

Those are two different things.

1. Adding the IP address to the BL is justified by the rules used to decide what's added to the the list. And by the fact that spam actually originated from that IP address.

2. Blocking email based (only) on the sending server being listed on SCBL is almost never justifiable. And it is not recomended by SpamCop. But still many clueless sysadmins just use SCBL like any other list of open relays.

The main difference is that SpamCop's main mission is identifying the source of spam within networks, and supply ISPs and network operators with identification of the source of spam within their network that they can use to quickly get rid of the problem. In many cases it is not the IP address from which a message is directly received. So what SpamCop lists is the source of the first hop in the message's route. But what most sysadmins do is compare it to IP addresses of servers that they receive mail from (i.e. the source of the last hop in the message's route). So blocking email this way is quite senseless! But it is mainly the fault of the receiving system for not using the SCBL correctly. To use it correctly the email headers should be analyzed, the originating IP address should be identified from the "Received" headers, and this address should be checked against the SCBL. Almost nobody does this, and using SCBL for blocking (or even tagging) any other way is wrong. Big email services like Gmail where first hop and last hop recorded in headers (using IP addresses that are not internal) are the same suffer from this the most. And the solution is very easy: Gmail can record one additional Received header that says that the email was sent internally from one IP address to the the IP address of the server that sends it out. Actually Google probably has so many spare IP addresses that are not used for sending email out that they can create a virtual network were each user is assigned a unique IP address and then getting on a BL would affect only the one user that really sent the spam.

IMO SpamCop's only "fault" here is that it does not make it clear enough in the documentation that using the list should be with tools that analyze headers to find the source of the message.

Share this post


Link to post
Share on other sites
There is absolutely no justification for blocking my email, and that of thousands of other Gmail users. If 99.999% of users of Gmail are using Gmail perfectly legally and happily from Gmail's addresses, there is no justification to block access for the 0.001%.

33689[/snapback]

There is an other solution to your problem. Instead of blaming SC for the problems other users of your ISP are causing you, you might consider raising the issue with your ISP.

Of course if the policies and practices of your ISP result in them not providing you the service you need/want, you could change providers.

As a "paidup SpamCop user" you believe in using your money to fight spam. Changing your ISP, and explaining why, would also send a message to those that have policies that allow spam to be sent throughout the web.

This would solve your problem and have the added effect of getting Gmail out of my inbox.

Edited by Lking

Share this post


Link to post
Share on other sites
...

Of course if the policies and practices of your ISP result in them not providing you the service you need/want, you could change providers.

...

33700[/snapback]

Stop using Gmail because Gmail policy does not include hacking around SpamCop?

The main reason email from Gmail was blocked was not that a few spammers used it, but that a few ISPs followed the instructions provided by SpamCop here to setup blocking of email. They might have followed the advice that email is better tagged than blocked, but the instructions provided are for blocking. Even if they do the homework and find out how to tag or divert email based on SCBL, the information in the SpamCop faq does not instruct them correctly on what IP address to use when comparing to the SpamCop list. In describing how the SCBL works the faq wrongly says that SpamCop lists IP addresses that transmitted spam to SpamCop users that have reported it. That is clearly incorrect as the criterion for inclusion is not being the IP address that transmitted the spam to the spamcop user but rather an IP address derived from the "Received" headers in the message as where the email started its journey. For almost all legitimate email sent it is not the same as the IP address that transmits the message to spamcop users. Mail sent from an email client using SMTP through an ISP's email server has a Received header showing the client's IP address sending to the ISP's server, that then transmits the message to the spamcop user from it's own IP. Most webmail services record the http transaction of submiting a form that happens when a user clicks the "send" button in a "Received" header stating the web client's IP address as the origin. Then the webmail service transmits the message to the spamcop user from its own IP address, not the one that is identified by spamcop as the origin. If the webmail service wishes to protect its customers' privacy and still avoid spamcop listing it can replace those IP addresses with (almost) random IP addresses. SpamCop would not know the difference. Google's main fault is that it doesn't do it. And its minor fault is that it cannot totally prevent spam spam has to be sent at least in small quantities before it can be detected.

Share this post


Link to post
Share on other sites
Stop using Gmail because Gmail policy does not include hacking around SpamCop?

The main reason email from Gmail was blocked was not that a few spammers used it,

33704[/snapback]

NO, People seem to be missing the point....the MAIN reason that IP is blocked is that spam is being sent to email addresses that have been scraped from the web...addresses used exclusively to find spammers. The 10 or less actual peole to have reported spam is a much smaller part of the equation. Please see http://www.spamcop.net/fom-serve/cache/297.html "What is on the list?"

There is absolutely NO reason for a server to be sending email to an address that have never been used for any reason but being hidden on a web page someplace. Either gmail allows spammers to use their service in a high enough percentage to be blocked, or they don't. The other possibility is that gmail is bouncing non-deliverable messages to the forged email addresses in messages which happen to be spamtraps. Either way, they are sending a relatively high percentage of junk onto the internet and the majority of people do not care to receive messages from them.

Share this post


Link to post
Share on other sites
The main reason email from Gmail was blocked was not that a few spammers used it, but that a few ISPs followed the instructions provided by SpamCop.

33704[/snapback]

Don't blame the messenger. It would not make any difference what the instructions are if there were no spam coming from Gmail. No spam, no triggers in the spamtraps, or reports to SpamCop. No reports to SpamCop no listing of the Gmail IPs on the BL. Blame the spam not the response to the spam.

If the webmail service wishes to protect its customers' privacy and still avoid spamcop listing it can replace those IP addresses with (almost) random IP addresses. SpamCop would not know the difference. Google's main fault is that it doesn't do it.

If you are suggesting that it is a fault that the addies are not falsified, perhaps your traffic should be blocked.

And its minor fault is that it cannot totally prevent spam.

Nor does it try very hard from what I can see. <_<

Edited by Lking

Share this post


Link to post
Share on other sites
For almost all legitimate email sent it is not the same as the IP address that transmits the message to spamcop users. Mail sent from an email client using SMTP through an ISP's email server has a Received header showing the client's IP address sending to the ISP's server, that then transmits the message to the spamcop user from it's own IP.
You are partly right here. The major problem is that most spam messages also contain forged IP addresses in the headers, so to rely on the source IP would be to list inocent IP addresses. SpamCop has chosen to list the last known valid IP address as the source of the spam, even if it is not the true source, it still is the path through which the spam went and could have been stopped. Is it fair, probably not.

Is it fair that I have to spend a extra two hours in the airport because terorists have made travel unsafe? NO, but it is just the way it is now. Everyone suffers because of a few. Is the cure worse that the problem? Depends on your point of view and how it actually affect you.

Share this post


Link to post
Share on other sites
The other possibility is that gmail is bouncing non-deliverable messages to the forged email addresses in messages which happen to be spamtraps.

33706[/snapback]

That doesn't appear to be happening - a Gmail mailserver responded with "550 5.7.1 No such user" when I tested emailing a nonexistent email address at gmail.com.

Gmail users who are unhappy with what Gmail is doing (failing to record in a Received Header Line the source of email messages sent through their web mail interface) are certainly free to complain to Gmail, demand their money back (ha!), use their own email clients to connect to Gmail's SMTP Servers (which don't have the described problem), or take other action like using their own ISPs' mailservers, as they see fit.

All email users (including Gmail users such as those who have posted in this Topic previously) should:

  1. not have their email blocked using any blocklist without their consent
  2. have easy access to a whitelist (and/or be able to turn off blocking) to bypass any blocklist imposed on them
  3. complain longly and loudly if the previous items are not met.

Edited by Jeff G.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×