Jump to content

Puzzled and probably stupid


Geoff_C

Recommended Posts

Hi Guys,

I ended up here, because I found I could not email a prospective client. My situation is a little odd, because I am in the UK for two months, but normally resident in Australia. Naturally I want to use my standard business email address, but in this case I am forced to relay through my ISP - pair.com. They are one of the worlds largest, and have very tough settings on relaying, and I can't relay unless I first pop or read the mail server first. I have also checked the server - otok.pair.com against the SpamCop data base, and this is what it says:

Query bl.spamcop.net - 209.68.1.150

209.68.1.150 is otok.pair.com

(Help) (Trace IP) (Senderbase lookup)

209.68.1.150 not listed in bl.spamcop.net

Now, if this is NOT listed, why am I getting blocked? The message I received originally is pretty meaningless, but can only refer to my mail server, surely? I received this:

Text Analysis Results

This report describes the search expressions found in this message.

Scenarios/Incoming/DNSBLSite found the following search expressions in 'X-DNSBLSITE':

The phrase 'bl.spamcop.net' was found at the location(s):

Any help would be appreciated.

If I am in completely the wrong forum, I apologise.

Geoff.

Link to comment
Share on other sites

Hi, Geoff!

If I am in completely the wrong forum, I apologise.

...No, you seem to have come to exactly the right place!

...Regarding 209.68.1.150, my guess would be that your e-mail is not going through that server, or that it is another server along the route that is on the SpamCop BL.

...Perhaps the information posted at Pinned: FAQ Entry: Why is my email blocked? will help you. If not, please come back here with any additional questions.

Link to comment
Share on other sites

Hi Guys,

I ended up here, because I found I could not email a prospective client.  My situation is a little odd, because I am in the UK for two months, but normally resident in Australia. Naturally I want to use my standard business email address, but in this case I am forced to relay through my ISP - pair.com. They are one of the worlds largest, and have very tough settings on relaying, and I can't relay unless I first pop or read the mail server first. I have also checked the server - otok.pair.com against the SpamCop data base, and this is what it says:

Query bl.spamcop.net - 209.68.1.150

209.68.1.150 is otok.pair.com

(Help) (Trace IP) (Senderbase lookup)

209.68.1.150 not listed in bl.spamcop.net

Now, if this is NOT listed, why am I getting blocked? The message I received originally is pretty meaningless, but can only refer to my mail server, surely? I received this:

Text Analysis Results

This report describes the search expressions found in this message.

Scenarios/Incoming/DNSBLSite found the following search expressions in 'X-DNSBLSITE':

The phrase 'bl.spamcop.net' was found at the location(s):

Any help would be appreciated.

If I am in completely the wrong forum, I apologise.

Geoff.

If you post the entire reject message it would be easier to assist you.

Link to comment
Share on other sites

Hi Merlyn,

Here is the entire rejection. It is two parts, the email, and an attachment:

Email rejection:

Your message Planning and Evaluating Price Promotions has been rejected by the Bacardi MailSweeper service. If you feel that this message has been rejected in error, please contact the recipient directly.

Server: USBRS018[at]Bacardi.com

Rule: Scenarios/Incoming/DNSBLSite: The operation completed successfully.

And the attached text:

Text Analysis Results

This report describes the search expressions found in this message.

Scenarios/Incoming/DNSBLSite found the following search expressions in 'X-DNSBLSITE':

The phrase 'bl.spamcop.net' was found at the location(s): .

It's rather terse, as you will agree. Naturally I cannot determine the precise path my email followed, because I don't have it, but the headers of the rejection email are as follows:

Return-Path: <postmaster[at]bacardi.com>

Delivered-To: cutlerg-pag:com:au-geoff.cutler[at]pag.com.au

X-Envelope-To: geoff.cutler[at]pag.com.au

Received: (qmail 98854 invoked from network); 20 Feb 2004 11:36:38 -0000

Received: from unknown (HELO usregmail02.bacardi.com) (68.16.70.74)

by otok.pair.com with SMTP; 20 Feb 2004 11:36:38 -0000

Received: from usbrs018.bl.bacardi.net ([10.4.98.8])

by usregmail02.bacardi.com (Lotus Domino Release 6.5)

with ESMTP id 2004022006363659-160643 ;

Fri, 20 Feb 2004 06:36:36 -0500

From: postmaster[at]bacardi.com

To: geoff.cutler[at]pag.com.au

Date: Fri, 20 Feb 2004 06:36:36 -0500 (EST)

Subject: Your message: geoff.cutler[at]pag.com.au has been rejected

MIME-Version: 1.0

X-MIMETrack: Itemize by SMTP Server on AmericasCom2/BacardiCom(Release 6.5|September 26, 2003) at

02/20/2004 06:36:36 AM,

Serialize by Router on AmericasCom2/BacardiCom(Release 6.5|September 26, 2003) at

02/20/2004 06:36:38 AM,

Serialize complete at 02/20/2004 06:36:38 AM

Message-ID: <OF81334E40.AF90997F-ON85256E40.003FC6CB[at]bacardi.com>

Content-Type: multipart/mixed; boundary="2453056.36.356"

That all looks as I would expect it. My email account is Geoff.Cutler and the master account name at pair is cutlerg. My domain is hosted on otok.pair.com

Thanks,

Geoff.

Link to comment
Share on other sites

pretty wierd ... parse of the return address, assumption being that they used what was incoming;

Parsing input: <you>[at]pag.com.au

209.68.1.150 is an mx ( 50 ) for pag.com.au

host 209.68.1.150 = otok.pair.com (cached)

and based on the last go round, this IPA wasn't listed then, isn't listed now.

Their blocked message is pretty off the wall, but I'm not a Lotus fan, so there might be a reason it's so strange ..??

First alternative, is there a way to send this message to the intended via a Hotmail account perhaps, include this data for them to pass onto their IT folks to see of they can offer a better answer? Or at least the recommendation that they figure out a way to much improve their error message?

Here's hoping someone wiser than I comes along pretty soon <g> Else, offers made to others, I can kick you an e-mail address to send something to, so I can see the actual travels your outgoing makes to see where it might actually be passing through another IPA that's the real issue?

Link to comment
Share on other sites

First alternative, is there a way to send this message to the intended via a Hotmail account perhaps, include this data for them to pass onto their IT folks to see of they can offer a better answer?  Or at least the recommendation that they figure out a way to much improve their error message?

Else, offers made to others, I can kick you an e-mail address to send something to, so I can see the actual travels your outgoing makes to see where it might actually be passing through another IPA that's the real issue?

Hi Wazoo,

Well it looks like one of those things. I have managed to email them via another address, but as they are not a client, I don't think anybody cares about my problem. Sigh. If it pops up again, with another prospect, I will however have to concede there is a real problem. When I am "home" we have our own mailserver, so the problem will not exist.

Happy to email you if there is value in it, otherwise I will just write it off. You may be right, and it may be going somewhere else.

I guess if someone in Bacardi actually wants to communicate with me, I might get more response. I did email their postmaster, but no response there.

Geoff.

Link to comment
Share on other sites

Ouch! We've been looking at the wrong part of the world, that's for sure. The bad news can be found at;

http://www.spamcop.net/w3m?action=checkblock&ip=195.92.67.23 .... spam and spamtraps ... not good.

I'm a bit puzzled over the first connection point (IPA isn't found by SpamCop, but the data / name is interesting .... helo=dellp4laptop sure seems like a strange name for an e-mail server <g>

You do know you're sending HTML quoted-printable, right?

Link to comment
Share on other sites

Hi Wazoo,

You have me completely puzzled now. I went to that link, and could not see what it had to do with me. Sorry. Looked like some serious spam though.

But my laptop is a dell, and called dellp4laptop on our internal network, and I see it is configured as dellp4laptop[at]pag.com.au. I also don't understand the significance of "HTML quoted-printable" I am simply typing an email that has three URLS that refer to my own company web site, plus an attachment.

Those emails seems to be UK stuff, and I am definately accessing the pair mail server based in the USA. It is setup as relay.pag.com.au But I am dialling in through Freeserve, a UK ISP. I guess I could see if it makes any difference logging in using Grik.

Ironically, I had no trouble using my freeserve email account to contact Bacardi. So where or how are you getting that Ip 195.92.67.23 Are you saying that is in the header?

Geoff

Link to comment
Share on other sites

The headers of the e-mail you sent me for test;

Received: from sccmgwc03.mchsi.com ([127.0.0.1]) by sccmgwc03.mchsi.com

(InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP

id <20040225130919.DNYJ6917.sccmgwc03.mchsi.com[at]sccmgwc03.mchsi.com>

for <x>; Wed, 25 Feb 2004 13:09:19 +0000

Received: from mail18.svr.pol.co.uk ([195.92.67.23])

by sccmgwc03.mchsi.com (sccmgwc03) with ESMTP

id <20040225130910mg30075tnee>; Wed, 25 Feb 2004 13:09:10 +0000

Received: from modem-400.chameleon.dialup.pol.co.uk ([217.134.81.144] helo=dellp4laptop)

by mail18.svr.pol.co.uk with smtp (Exim 4.14)

id 1Avyj7-00023U-W6

for <x>; Wed, 25 Feb 2004 13:05:26 +0000

So we have your computer, using the dialup.pol.co.uk for connection, passed your message to mail18.svr.... which is the IPA I pointed out in the last as having a not so clean record ... from there direct to my ISP.

There is no mention of pair in these headers, nor the relay.pag.com.uk you mention in your last .... now that I look again at your last, there's no mention of freeserve either .. unless freeserve in this case is pol.co.uk, but that leads to the question of the definition of "your internal network" at that point.

Link to comment
Share on other sites

Hi Wazoo,

Yes you are 100% correct, because I got my son to send me back my mail header. That is

Received: from modem-1375.antelope.dialup.pol.co.uk ([217.134.21.95]

helo=dellp4laptop) by mail18.svr.pol.co.uk with smtp (Exim 4.14)

That pol.co.uk is the Freeserve dial in, but I don't understand why or how I am going through mail18.svr and I am the more puzzled because when I use the freeserve mail box, I have no problem at all.

But, the point is, there is a reason, and i thank you for discovering it, even if I have not yet figured how to avoid the problem, knowing the problem is the start.

Many thanks

Geoff.

Link to comment
Share on other sites

If we give the numbers any credence, there's at least 1375 servers/computers placed around the country (one wonders what the other 1373 animal names might be<g>) to provide connection access .. and then these are networked with at least 18 systems that are dedicated to handling e-mail ... that both examples used wildly different connection points ( the modem-400.chameleon and modem-1375.antelope) but both went next to the same e-mail mail18.svr server is what suggests this to me (that there's some geographic span that this one e-mail server handles.) You might be at the whims of getting listed on and off based on the spam counts coming out of that server, but the suggestion of skipping to the west a couple villages and trying from there to see if you get to a different e-mail server (and who knows what BadList that one might be in at the moment?) seems a bit silly.

That you've referenced these other connections, i.e., pair.com, relay.pag.com.au, is there a way to actually send/recieve mail though those server / points? (I have to admit to not having a clue as to what Grik is.) I realize that this gets out of you wanting to retain some standard identity, but ...????

Link to comment
Share on other sites

Return-Path: <postmaster[at]bacardi.com>

Delivered-To: cutlerg-pag:com:au-geoff.cutler[at]pag.com.au

X-Envelope-To: geoff.cutler[at]pag.com.au

Received: (qmail 98854 invoked from network); 20 Feb 2004 11:36:38 -0000

Received: from unknown (HELO usregmail02.bacardi.com) (68.16.70.74)

  by otok.pair.com with SMTP; 20 Feb 2004 11:36:38 -0000

Received: from usbrs018.bl.bacardi.net ([10.4.98.8])

          by usregmail02.bacardi.com (Lotus Domino Release 6.5)

          with ESMTP id 2004022006363659-160643 ;

          Fri, 20 Feb 2004 06:36:36 -0500

From: postmaster[at]bacardi.com

To: geoff.cutler[at]pag.com.au

Date: Fri, 20 Feb 2004 06:36:36 -0500 (EST)

Subject: Your message: geoff.cutler[at]pag.com.au has been rejected

MIME-Version: 1.0

X-MIMETrack: Itemize by SMTP Server on AmericasCom2/BacardiCom(Release 6.5|September 26, 2003) at

02/20/2004 06:36:36 AM,

Serialize by Router on AmericasCom2/BacardiCom(Release 6.5|September 26, 2003) at

02/20/2004 06:36:38 AM,

Serialize complete at 02/20/2004 06:36:38 AM

Message-ID: <OF81334E40.AF90997F-ON85256E40.003FC6CB[at]bacardi.com>

Content-Type: multipart/mixed; boundary="2453056.36.356"

Even though Wazoo found the blocked problem there is still a problem at Bicardi as far as I am concerned. I am not sure but this looks like a fake bounce. Fake meaning it was processed and a bounce email was created and returned instead of just rejecting the original with a 5xx and not processing it. I cannot believe that Lotus processes the email before bouncing but it is a proprietary system and they have had many problems with their email servers following standards for many years.

When bouncing a message back Bicardi gives the owners of the bounced message no way to see what is really going on. Very poor processing.

Anyone else see this?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...