Geoff_C Posted February 24, 2004 Share Posted February 24, 2004 Hi Guys, I ended up here, because I found I could not email a prospective client. My situation is a little odd, because I am in the UK for two months, but normally resident in Australia. Naturally I want to use my standard business email address, but in this case I am forced to relay through my ISP - pair.com. They are one of the worlds largest, and have very tough settings on relaying, and I can't relay unless I first pop or read the mail server first. I have also checked the server - otok.pair.com against the SpamCop data base, and this is what it says: Query bl.spamcop.net - 209.68.1.150 209.68.1.150 is otok.pair.com (Help) (Trace IP) (Senderbase lookup) 209.68.1.150 not listed in bl.spamcop.net Now, if this is NOT listed, why am I getting blocked? The message I received originally is pretty meaningless, but can only refer to my mail server, surely? I received this: Text Analysis Results This report describes the search expressions found in this message. Scenarios/Incoming/DNSBLSite found the following search expressions in 'X-DNSBLSITE': The phrase 'bl.spamcop.net' was found at the location(s): Any help would be appreciated. If I am in completely the wrong forum, I apologise. Geoff. Link to comment Share on other sites More sharing options...
turetzsr Posted February 24, 2004 Share Posted February 24, 2004 Hi, Geoff! If I am in completely the wrong forum, I apologise. ...No, you seem to have come to exactly the right place! ...Regarding 209.68.1.150, my guess would be that your e-mail is not going through that server, or that it is another server along the route that is on the SpamCop BL. ...Perhaps the information posted at Pinned: FAQ Entry: Why is my email blocked? will help you. If not, please come back here with any additional questions. Link to comment Share on other sites More sharing options...
Merlyn Posted February 24, 2004 Share Posted February 24, 2004 Hi Guys, I ended up here, because I found I could not email a prospective client. My situation is a little odd, because I am in the UK for two months, but normally resident in Australia. Naturally I want to use my standard business email address, but in this case I am forced to relay through my ISP - pair.com. They are one of the worlds largest, and have very tough settings on relaying, and I can't relay unless I first pop or read the mail server first. I have also checked the server - otok.pair.com against the SpamCop data base, and this is what it says: Query bl.spamcop.net - 209.68.1.150 209.68.1.150 is otok.pair.com (Help) (Trace IP) (Senderbase lookup) 209.68.1.150 not listed in bl.spamcop.net Now, if this is NOT listed, why am I getting blocked? The message I received originally is pretty meaningless, but can only refer to my mail server, surely? I received this: Text Analysis Results This report describes the search expressions found in this message. Scenarios/Incoming/DNSBLSite found the following search expressions in 'X-DNSBLSITE': The phrase 'bl.spamcop.net' was found at the location(s): Any help would be appreciated. If I am in completely the wrong forum, I apologise. Geoff. If you post the entire reject message it would be easier to assist you. Link to comment Share on other sites More sharing options...
Geoff_C Posted February 25, 2004 Author Share Posted February 25, 2004 Hi Merlyn, Here is the entire rejection. It is two parts, the email, and an attachment: Email rejection: Your message Planning and Evaluating Price Promotions has been rejected by the Bacardi MailSweeper service. If you feel that this message has been rejected in error, please contact the recipient directly. Server: USBRS018[at]Bacardi.com Rule: Scenarios/Incoming/DNSBLSite: The operation completed successfully. And the attached text: Text Analysis Results This report describes the search expressions found in this message. Scenarios/Incoming/DNSBLSite found the following search expressions in 'X-DNSBLSITE': The phrase 'bl.spamcop.net' was found at the location(s): . It's rather terse, as you will agree. Naturally I cannot determine the precise path my email followed, because I don't have it, but the headers of the rejection email are as follows: Return-Path: <postmaster[at]bacardi.com> Delivered-To: cutlerg-pag:com:au-geoff.cutler[at]pag.com.au X-Envelope-To: geoff.cutler[at]pag.com.au Received: (qmail 98854 invoked from network); 20 Feb 2004 11:36:38 -0000 Received: from unknown (HELO usregmail02.bacardi.com) (68.16.70.74) by otok.pair.com with SMTP; 20 Feb 2004 11:36:38 -0000 Received: from usbrs018.bl.bacardi.net ([10.4.98.8]) by usregmail02.bacardi.com (Lotus Domino Release 6.5) with ESMTP id 2004022006363659-160643 ; Fri, 20 Feb 2004 06:36:36 -0500 From: postmaster[at]bacardi.com To: geoff.cutler[at]pag.com.au Date: Fri, 20 Feb 2004 06:36:36 -0500 (EST) Subject: Your message: geoff.cutler[at]pag.com.au has been rejected MIME-Version: 1.0 X-MIMETrack: Itemize by SMTP Server on AmericasCom2/BacardiCom(Release 6.5|September 26, 2003) at 02/20/2004 06:36:36 AM, Serialize by Router on AmericasCom2/BacardiCom(Release 6.5|September 26, 2003) at 02/20/2004 06:36:38 AM, Serialize complete at 02/20/2004 06:36:38 AM Message-ID: <OF81334E40.AF90997F-ON85256E40.003FC6CB[at]bacardi.com> Content-Type: multipart/mixed; boundary="2453056.36.356" That all looks as I would expect it. My email account is Geoff.Cutler and the master account name at pair is cutlerg. My domain is hosted on otok.pair.com Thanks, Geoff. Link to comment Share on other sites More sharing options...
Wazoo Posted February 25, 2004 Share Posted February 25, 2004 pretty wierd ... parse of the return address, assumption being that they used what was incoming; Parsing input: <you>[at]pag.com.au 209.68.1.150 is an mx ( 50 ) for pag.com.au host 209.68.1.150 = otok.pair.com (cached) and based on the last go round, this IPA wasn't listed then, isn't listed now. Their blocked message is pretty off the wall, but I'm not a Lotus fan, so there might be a reason it's so strange ..?? First alternative, is there a way to send this message to the intended via a Hotmail account perhaps, include this data for them to pass onto their IT folks to see of they can offer a better answer? Or at least the recommendation that they figure out a way to much improve their error message? Here's hoping someone wiser than I comes along pretty soon <g> Else, offers made to others, I can kick you an e-mail address to send something to, so I can see the actual travels your outgoing makes to see where it might actually be passing through another IPA that's the real issue? Link to comment Share on other sites More sharing options...
Geoff_C Posted February 25, 2004 Author Share Posted February 25, 2004 First alternative, is there a way to send this message to the intended via a Hotmail account perhaps, include this data for them to pass onto their IT folks to see of they can offer a better answer? Or at least the recommendation that they figure out a way to much improve their error message? Else, offers made to others, I can kick you an e-mail address to send something to, so I can see the actual travels your outgoing makes to see where it might actually be passing through another IPA that's the real issue? Hi Wazoo, Well it looks like one of those things. I have managed to email them via another address, but as they are not a client, I don't think anybody cares about my problem. Sigh. If it pops up again, with another prospect, I will however have to concede there is a real problem. When I am "home" we have our own mailserver, so the problem will not exist. Happy to email you if there is value in it, otherwise I will just write it off. You may be right, and it may be going somewhere else. I guess if someone in Bacardi actually wants to communicate with me, I might get more response. I did email their postmaster, but no response there. Geoff. Link to comment Share on other sites More sharing options...
Wazoo Posted February 25, 2004 Share Posted February 25, 2004 Ouch! We've been looking at the wrong part of the world, that's for sure. The bad news can be found at; http://www.spamcop.net/w3m?action=checkblock&ip=195.92.67.23 .... spam and spamtraps ... not good. I'm a bit puzzled over the first connection point (IPA isn't found by SpamCop, but the data / name is interesting .... helo=dellp4laptop sure seems like a strange name for an e-mail server <g> You do know you're sending HTML quoted-printable, right? Link to comment Share on other sites More sharing options...
Geoff_C Posted February 26, 2004 Author Share Posted February 26, 2004 Hi Wazoo, You have me completely puzzled now. I went to that link, and could not see what it had to do with me. Sorry. Looked like some serious spam though. But my laptop is a dell, and called dellp4laptop on our internal network, and I see it is configured as dellp4laptop[at]pag.com.au. I also don't understand the significance of "HTML quoted-printable" I am simply typing an email that has three URLS that refer to my own company web site, plus an attachment. Those emails seems to be UK stuff, and I am definately accessing the pair mail server based in the USA. It is setup as relay.pag.com.au But I am dialling in through Freeserve, a UK ISP. I guess I could see if it makes any difference logging in using Grik. Ironically, I had no trouble using my freeserve email account to contact Bacardi. So where or how are you getting that Ip 195.92.67.23 Are you saying that is in the header? Geoff Link to comment Share on other sites More sharing options...
Wazoo Posted February 26, 2004 Share Posted February 26, 2004 The headers of the e-mail you sent me for test; Received: from sccmgwc03.mchsi.com ([127.0.0.1]) by sccmgwc03.mchsi.com (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP id <20040225130919.DNYJ6917.sccmgwc03.mchsi.com[at]sccmgwc03.mchsi.com> for <x>; Wed, 25 Feb 2004 13:09:19 +0000 Received: from mail18.svr.pol.co.uk ([195.92.67.23]) by sccmgwc03.mchsi.com (sccmgwc03) with ESMTP id <20040225130910mg30075tnee>; Wed, 25 Feb 2004 13:09:10 +0000 Received: from modem-400.chameleon.dialup.pol.co.uk ([217.134.81.144] helo=dellp4laptop) by mail18.svr.pol.co.uk with smtp (Exim 4.14) id 1Avyj7-00023U-W6 for <x>; Wed, 25 Feb 2004 13:05:26 +0000 So we have your computer, using the dialup.pol.co.uk for connection, passed your message to mail18.svr.... which is the IPA I pointed out in the last as having a not so clean record ... from there direct to my ISP. There is no mention of pair in these headers, nor the relay.pag.com.uk you mention in your last .... now that I look again at your last, there's no mention of freeserve either .. unless freeserve in this case is pol.co.uk, but that leads to the question of the definition of "your internal network" at that point. Link to comment Share on other sites More sharing options...
Geoff_C Posted February 26, 2004 Author Share Posted February 26, 2004 Hi Wazoo, Yes you are 100% correct, because I got my son to send me back my mail header. That is Received: from modem-1375.antelope.dialup.pol.co.uk ([217.134.21.95] helo=dellp4laptop) by mail18.svr.pol.co.uk with smtp (Exim 4.14) That pol.co.uk is the Freeserve dial in, but I don't understand why or how I am going through mail18.svr and I am the more puzzled because when I use the freeserve mail box, I have no problem at all. But, the point is, there is a reason, and i thank you for discovering it, even if I have not yet figured how to avoid the problem, knowing the problem is the start. Many thanks Geoff. Link to comment Share on other sites More sharing options...
Wazoo Posted February 26, 2004 Share Posted February 26, 2004 If we give the numbers any credence, there's at least 1375 servers/computers placed around the country (one wonders what the other 1373 animal names might be<g>) to provide connection access .. and then these are networked with at least 18 systems that are dedicated to handling e-mail ... that both examples used wildly different connection points ( the modem-400.chameleon and modem-1375.antelope) but both went next to the same e-mail mail18.svr server is what suggests this to me (that there's some geographic span that this one e-mail server handles.) You might be at the whims of getting listed on and off based on the spam counts coming out of that server, but the suggestion of skipping to the west a couple villages and trying from there to see if you get to a different e-mail server (and who knows what BadList that one might be in at the moment?) seems a bit silly. That you've referenced these other connections, i.e., pair.com, relay.pag.com.au, is there a way to actually send/recieve mail though those server / points? (I have to admit to not having a clue as to what Grik is.) I realize that this gets out of you wanting to retain some standard identity, but ...???? Link to comment Share on other sites More sharing options...
Merlyn Posted February 26, 2004 Share Posted February 26, 2004 Return-Path: <postmaster[at]bacardi.com> Delivered-To: cutlerg-pag:com:au-geoff.cutler[at]pag.com.au X-Envelope-To: geoff.cutler[at]pag.com.au Received: (qmail 98854 invoked from network); 20 Feb 2004 11:36:38 -0000 Received: from unknown (HELO usregmail02.bacardi.com) (68.16.70.74) by otok.pair.com with SMTP; 20 Feb 2004 11:36:38 -0000 Received: from usbrs018.bl.bacardi.net ([10.4.98.8]) by usregmail02.bacardi.com (Lotus Domino Release 6.5) with ESMTP id 2004022006363659-160643 ; Fri, 20 Feb 2004 06:36:36 -0500 From: postmaster[at]bacardi.com To: geoff.cutler[at]pag.com.au Date: Fri, 20 Feb 2004 06:36:36 -0500 (EST) Subject: Your message: geoff.cutler[at]pag.com.au has been rejected MIME-Version: 1.0 X-MIMETrack: Itemize by SMTP Server on AmericasCom2/BacardiCom(Release 6.5|September 26, 2003) at 02/20/2004 06:36:36 AM, Serialize by Router on AmericasCom2/BacardiCom(Release 6.5|September 26, 2003) at 02/20/2004 06:36:38 AM, Serialize complete at 02/20/2004 06:36:38 AM Message-ID: <OF81334E40.AF90997F-ON85256E40.003FC6CB[at]bacardi.com> Content-Type: multipart/mixed; boundary="2453056.36.356" Even though Wazoo found the blocked problem there is still a problem at Bicardi as far as I am concerned. I am not sure but this looks like a fake bounce. Fake meaning it was processed and a bounce email was created and returned instead of just rejecting the original with a 5xx and not processing it. I cannot believe that Lotus processes the email before bouncing but it is a proprietary system and they have had many problems with their email servers following standards for many years. When bouncing a message back Bicardi gives the owners of the bounced message no way to see what is really going on. Very poor processing. Anyone else see this? Link to comment Share on other sites More sharing options...
Wazoo Posted February 26, 2004 Share Posted February 26, 2004 I'm in the same mode ... that was my "not a lotus fan" statement, admitting that I couldn't figure out what the heck it was really doing .. that "phrase bl.spamcop.net was found" still has me totally lost ... Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.