Jump to content
Sign in to follow this  
Wollys

Yahoo webmail blocked...or?

Recommended Posts

Hi all,

My father in law have told me that he can't send me mail from his local internet cafe in Bali, Indonesia.

He receives some 5xx error code, and that the RBL doesn't like his IP address.

He uses yahoo web mail, and at first I thought that it couldn't be possible that his message bounces on the basis of yahoo's IP. But after reading this list, it seems that this is common practice?

Or could it be that the mail is blocked based on the internet cafe's/providers IP adress(es)? This could only mean that a check is done on the 'X-originating-IP' header.

I am sorry that I can't provide you with any IP addresses at tihis time. I would just like to check what is the most probable reason for the block.

Thanks!

Share this post


Link to post
Share on other sites
He receives some 5xx error code, and that the RBL doesn't like his IP address.

He uses yahoo web mail, and at first I thought that it couldn't be possible that his

42672[/snapback]

If it is the SCBL it should be the IP sending the spam that gets blocked

However many so called email providers offer misconfigured servers which do not list the IP source meaning the next link in chain can get blocked which is their own mail server. For SpamCop to list an email server means that they would be ignoring abuse reports as SpamCop would (in the case of Yahoo or Gmail) send a great many abuse reports

It is obvious that if this is happening one should look for a reliable service (I suggest Hotmail for a free service)

Share this post


Link to post
Share on other sites
If it is the SCBL it should be the IP sending the spam that gets blocked

42674[/snapback]

The IP meaning the X-originating-IP?

It is obvious that if this is happening one should look for a reliable service (I suggest Hotmail for a free service)

42674[/snapback]

So hotmail is more reliable than yahoo webmail?

BTW, the server giving the error message is mail.chello.nl. They told me they're using SpamCop.

Share this post


Link to post
Share on other sites

I am not sure what you mean by X-originating IP. The way the spamcop parser determines the IP address is to look at each header line until it comes to one that is bogus. It then sends a report to the last legitimate IP address.

Yahoo and Gmail don't configure headers in the way that spamcop can identify the IP address that the spam came from (or allow spammers) so they are often on the spamcop list.

Hotmail does configure headers in a way that spamcop can identify the spammer IP address.

There are other web mail addresses that can be used, but I don't know any offhand - I think excite is still free. However, your father in law can just have a hotmail account for sending mail to you (and any other spamcop using ISPs) and keep his yahoo account for other email.

The yahoo, gmail, and even occasionally a hotmail server don't stay on the scbl for very long. So unless the email is time sensitive, he can just keep trying and eventually it will go through.

Miss Betsy

Share this post


Link to post
Share on other sites

X-originating-IP is a header I found in a webmail (hotmail, by the way) that contains the IP of the actual sender (that is, the IP of the computer/host/router/gateway through which the web browser used to access the webmail communicates)

Otherwise I assume that the originating IP of yahoo/hotmail/webmail posts would be some server belonging to the respective webmail operators' servers.

I would normally assume that X-originating-IP (nonstandard?) is entirely left out of the question by spamcop, so that you could send mail from any pc from any location without regard to the IP address assignet to you, as long as you could trust your web mail provider.

But I'm not sure now. :blink:

Share this post


Link to post
Share on other sites
I would normally assume that X-originating-IP (nonstandard?) is entirely left out of the question by spamcop, so that you could send mail from any pc from any location without regard to the IP address assignet to you, as long as you could trust your web mail provider.

42679[/snapback]

I believe if spamcop trusts the immediate sending server (hotmail's server), then it will check for an "X-originating-IP" line or a prior "Received: from" line to find the original source of the message. If it does not trust the last "Received: from" line, then it uses that IP address, as all prior "Received: from" lines are potentially forged.

Share this post


Link to post
Share on other sites
<snip>

I would normally assume that X-originating-IP (nonstandard?) is entirely left out of the question by spamcop,

<snip>

42679[/snapback]

...If I understand correctly how the SpamCop parser works (it uses only RFC-compliant headers and X- headers are not RFC-compliant), you are correct.

Share this post


Link to post
Share on other sites
X-originating-IP is a header I found in a webmail (hotmail, by the way) that contains the IP of the actual sender (that is, the IP of the computer/host/router/gateway through which the web browser used to access the webmail communicates)

Otherwise I assume that the originating IP of yahoo/hotmail/webmail posts would be some server belonging to the respective webmail operators' servers.

I would normally assume that X-originating-IP (nonstandard?) is entirely left out of the question by spamcop, so that you could send mail from any pc from any location without regard to the IP address assignet to you, as long as you could trust your web mail provider.

But I'm not sure now.  :blink:

42679[/snapback]

I think that is the problem with gmail is that they don't put that X-originating-IP so the gmail server is always the one picked. I am not an expert on headers (though I can parse very simple ones). Therefore, I really can't guess at what is happening.

All I know from forum conversation is that yahoo is not proactive about preventing spam from leaving their network. I don't think they are precisely spam friendly, but they don't seem to particularly care whether they get blocked by spamcop or not or in fixing the problems that get them blocked. Too many ISPs will whitelist yahoo so that customers don't complain and so yahoo is not getting complaints from people like your father-in-law about yahoo's service.

You can check to see whether it is yahoo or the internet cafe by entering those IP addresses in the blocklist lookerupper found on the spamcop web page. Since spamcop is dynamic, either or both may have aged off the blocklist by now.

You could also get a hotmail address (or a yahoo one) where he could email you.

Good Luck in keeping in touch with your father-in-law.

Miss Betsy

Share this post


Link to post
Share on other sites
X-originating-IP is a header I found in a webmail (hotmail, by the way) that contains the IP of the actual sender (that is, the IP of the computer/host/router/gateway through which the web browser used to access the webmail communicates)

But I'm not sure now.   :blink:

42679[/snapback]

The IP source in a PROPERLY configured mail server should stamp that address. Far to many ISP's do not have competently set-up email servers as such should not be used. Do not automatically accept the email address your ISP tries to force upon you

A Properly configured email server will show where the email was sourced from. In the link shown it shows SpamCop tracing back to my personal computer [iP 210.50.143.21] which is all that SpamCop wants to "block". ALL properly and competently set-up email servers will stamp this IP source If they do not they are simply spam friendly junk do not use them

Share this post


Link to post
Share on other sites

See http://www.jufsoft.com/whereisip/mailclient.asp (caution broken English :) Another provider adding the X-originating-IP line is attglobal. Very useful - checking parsing is then largely just a matter of looking at the few cases where the X-originating-IP is not the same as the spam source found by the parser. Like any X-line it can be forged though ...

Share this post


Link to post
Share on other sites
  Like any X-line it can be forged though ...

42759[/snapback]

This (x-line forgeries) is done/tried by an annoyed spammer but does not fool SpamCop at all

http://mailsc.spamcop.net/sc?id=z941425357ze1bb0c213a0b2591ee9dcb29ffb0e914z

This spammer annoyed at me closing all his porn web sites and the links they went to has/is attempting to Joe Job various websites.

All spammer is doing is closing the hole he and other spammers posts through. As well as chancing the legal wrath of Microsoft (who I notify)

Share this post


Link to post
Share on other sites
This (x-line forgeries) is done/tried by an annoyed spammer but does not fool SpamCop at all ...

42761[/snapback]

Alternate link http://www.spamcop.net/sc?id=z941425357ze1...9dcb29ffb0e914z

I don't know enough to know which of those x-lines might be forged or what the benefit might be to so do (some Received: lines and the From: line obviously but you are talking something else?) but no matter, well done. If they go to the trouble to make it personal, they're well worth a slap.

Share this post


Link to post
Share on other sites
Alternate link http://www.spamcop.net/sc?id=z941425357ze1...9dcb29ffb0e914z

I don't know enough to know which of those x-lines might be forged or what the benefit might be to so do (some Received: lines and the From: line obviously but you are talking something else?) but no matter, well done.  If they go to the trouble to make it personal, they're well worth a slap.

42762[/snapback]

I have a hotmail account which is more of a spamtrap but I do also use it as point of first email contact to check if they pass email address on

I'm not sure either as to what injecting a Brazil IP 200.241.35.79 means either? but this clowns spam software does (different IP's for each spam)

What Microsoft and Ironport SpamCop's owners amongst many others do, do is set up Honey Pots and computers in various countries they allow to get "Zombie" infected then track the sending computer where they do get the residential address

Ironport seem to have been behind the conviction of this spammer To me there is no doubt they and most others also use spam reports sent through SpamCop to further track these culprits down

Share this post


Link to post
Share on other sites

Hi all,

I received the error message from my father in law, and found that the culprit is the server at yahoo.

web27705.mail.ukl.yahoo.com

and a bunch of others staring with web#####.

W0llys (aka Wollys)

Share this post


Link to post
Share on other sites

web27705.mail.ukl.yahoo.com

For that specific address:

217.146.177.239 listed in bl.spamcop.net (127.0.0.2)

If there are no reports of ongoing objectionable email from this system it will be delisted automatically in approximately 19 hours.

Causes of listing

System has sent mail to SpamCop spam traps in the past week (spam traps are secret, no reports or evidence are provided by SpamCop)

SpamCop users have reported system as a source of spam less than 10 times in the past week

Share this post


Link to post
Share on other sites

For that specific address:

217.146.177.239 listed in bl.spamcop.net (127.0.0.2) ...

And, unfortunately, it is not the first time, nor does it lack company:

Listing History

In the past 14.1 days, it has been listed 9 times for a total of 9.2 days

Other hosts in this "neighborhood" with spam reports

217.146.176.240 217.146.176.241 217.146.176.249 217.146.176.250 217.146.176.251 217.146.177.2 217.146.177.7 217.146.177.12 217.146.177.36 217.146.177.38 217.146.177.39 217.146.177.40 217.146.177.41 217.146.177.42 217.146.177.55 217.146.177.63 217.146.177.64 217.146.177.65 217.146.177.66 217.146.177.67 217.146.177.68 217.146.177.69 217.146.177.75 217.146.177.79 217.146.177.90 217.146.177.162 217.146.177.163 217.146.177.164 217.146.177.166 217.146.177.168 217.146.177.169 217.146.177.170 217.146.177.171 217.146.177.173 217.146.177.174 217.146.177.175 217.146.177.176 217.146.177.177 217.146.177.178 217.146.177.179 217.146.177.180 217.146.177.181 217.146.177.182 217.146.177.183 217.146.177.184 217.146.177.185 217.146.177.186 217.146.177.187 217.146.177.188 217.146.177.189 217.146.177.190 217.146.177.191 217.146.177.220 217.146.177.221 217.146.177.222 217.146.177.223 217.146.177.224 217.146.177.225 217.146.177.226 217.146.177.227 217.146.177.228 217.146.177.229 217.146.177.230 217.146.177.231 217.146.177.232 217.146.177.233 217.146.177.234 217.146.177.235 217.146.177.236 217.146.177.237 217.146.177.238 217.146.177.240 217.146.177.241 217.146.177.242 217.146.177.243 217.146.177.244 217.146.177.245 217.146.177.246 217.146.177.247 217.146.177.248 217.146.177.249

Share this post


Link to post
Share on other sites

My ISP have informed me that they can't do anything for me, and that I should contact the owner of the server web27705.mail.ukl.yahoo.com :)

But wouldn't it be possible to put an spam-flag/header in the mail, so that the users themselves could decide if they wanted to block or filter the mail?

Share this post


Link to post
Share on other sites

My ISP have informed me that they can't do anything for me, and that I should contact the owner of the server web27705.mail.ukl.yahoo.com :)

But wouldn't it be possible to put an spam-flag/header in the mail, so that the users themselves could decide if they wanted to block or filter the mail?

That would be something that only your ISP could do .. if they wanted to, if it was a capability of their software, etc. .... the typical term used is called "whitelisting" ... From the sounds of it, your ISP is not going to whitelist Yahoo servers ....

There are many other possible soultions ... the easiest would seem to be that you get a Yahoo account also, then the e-mail would be going from Yahoo to Yahoo ... they are hardly going to block themselves .... (hmmm, that may not be giving them full credit ..??)

Does your ISP account include a web page? Toss up some software that would allow posting (be prepared to be spammed of course) and handle some traffic that way ....

Both of you switch accounts to somewhere else ...

The issue of Yahoo not doing enough to keep their IP addresses off of various BLs has been pretty much beat to death ....

Share this post


Link to post
Share on other sites

Isn't it the responsibility of spamcop to inform its subscribers/users (??) of the possible ways of handling potential spam email?

Anyway, here is my take on spamcop :D:D:D

Your post advocates a

(x) technical ( ) legislative ( ) market-based ( ) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which vary from

state to state.)

( ) Spammers can easily use it to harvest email addresses

(X) Mailing lists and other legitimate email uses would be affected

( ) No one will be able to find the guy or collect the money

( ) It is defenseless against brute force attacks

( ) It will stop spam for two weeks and then we'll be stuck with it

(X) Users of email will not put up with it

( ) Microsoft will not put up with it

( ) The police will not put up with it

( ) Requires too much cooperation from spammers

( ) Requires cooperation from too many of your friends and is counterintuitive

(X) Requires immediate total cooperation from everybody at once

(X) Many email users cannot afford to lose business or alienate potential employers

( ) Spammers don't care about invalid addresses in their lists

( ) Anyone could anonymously destroy anyone else's career or business

( ) Ideas similar to yours are easy to come up with, yet none have ever worked

( ) Other: Extremely limited approach

Specifically, your plan fails to account for

( ) Laws expressly prohibiting it

( ) Lack of centrally controlling authority for email

( ) Open relays in foreign countries

( ) Ease of searching tiny alphanumeric address space of all email addresses

(X) Asshats

( ) Jurisdictional problems

( ) Unpopularity of weird new taxes

( ) Public reluctance to accept weird new forms of money

( ) Huge existing software investment in SMTP

( ) Susceptibility of protocols other than SMTP to attack

( ) Willingness of users to install OS patches received by email

(X) Armies of worm riddled broadband-connected Windows boxes

( ) Eternal arms race involved in all filtering approaches

( ) Extreme profitability of spam

( ) Joe jobs and/or identity theft

( ) Technically illiterate politicians

( ) Extreme stupidity on the part of people who do business with spammers

( ) Dishonesty on the part of spammers themselves

( ) Bandwidth costs that are unaffected by client filtering

( ) Outlook

( ) Other:

and the following philosophical objections may also apply:

( ) Any scheme based on opt-out is unacceptable

( ) SMTP headers should not be the subject of legislation

(X) Blacklists suck

( ) Whitelists suck

( ) We should be able to talk about Viagra without being censored

( ) Countermeasures cannot involve wire fraud or credit card fraud

( ) Countermeasures cannot involve sabotage of public networks

( ) Sending email should be free

(X) Why should we have to trust you and your servers?

( ) Incompatiblity with open source or open source licenses

( ) Feel-good measures do nothing to solve the problem

( ) Temporary/one-time email addresses are cumbersome

( ) I don't want the government reading my email

( ) Killing them that way is not slow and painful enough

( ) Other:

Furthermore, this is what I think about you:

(X) Nice try, dude, but I don't think it will work.

( ) This is a stupid idea, and you're a stupid person for suggesting it.

( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!

Share this post


Link to post
Share on other sites

Your post advocates a

(x) technical

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which vary from

state to state.)

(X) Mailing lists and other legitimate email uses would be affected

But only to the point that they would need to use another means of email if their message were taht important. SMTP is not guaranteed.

(X) Users of email will not put up with it

Most actually embrace the idea when it is presented because it allows them to know their message did not make it. Most systems simply drop the message and no body even knows.

(X) Many email users cannot afford to lose business or alienate potential employers

Many find it more cost effective to eliminate the 80.7-76.5% of messages that are spam so they can get some real work done. I know our company has (and that is where that number came from, the last week and last days worth of spam dropped, no complaints...that's my job too).

Specifically, your plan fails to account for

(X) Armies of worm riddled broadband-connected Windows boxes

Sure it does, they become listed and the messages are not received

and the following philosophical objections may also apply:

(X) Blacklists suck

Your opinion, and you are welcome to it.

(X) Why should we have to trust you and your servers?

No one is asking you to, but spamcops methods are in the FAQs for anyone interested. The only thing they hide feircely is the identity of their spamtrap accounts.

Furthermore, this is what I think about you:

(X) Nice try, dude, but I don't think it will work.

It already is, and quite nicely I might say

Share this post


Link to post
Share on other sites
Isn't it the responsibility of spamcop to inform its subscribers/users (??) of the possible ways of handling potential spam email?

I'm lost, actually. There is the Original "official" SpamCop FAQ, there's the one bult here that includes much additiona data, there's a Forum section set aside for folks wanting to expand that even further, I just made some code changes to fix the BOLD link on the Forum front page that pints to an Overview of the SpamCop.net system .. there are entries on how ro ser up servers, how to install thrid-party tools on a "personl" system, what the SpamCopDNSBL us, how it's developed, and how to use it ....

Specifically, Yahoo server issues already have multiple discussions in place here ....

You talked about a "problem" .... siggested work-arounds have been tossed out ..

From your "list selections" I'm having to go with that you have not read (or possibly not understood) the FAQ data provided.

Yet you clutter this discussion up with somethng that basically boils down to your remark that "it won't work" ... yet don't actually define what the "what" is ....

Once again, as stated in many, many places .. the SpamCopDNSBL is a list, period. If an ISP chooses to use it, that's the decision of that ISP. You've chosen to (continue to) use an ISP that has chosen to use that BL in a blocking fashion. Not quite understanding why you seem to think that this is "my" problem ....

Share this post


Link to post
Share on other sites

Isn't it the responsibility of spamcop to inform its subscribers/users (??) of the possible ways of handling potential spam email?

It does. ISPs who use it may not pass that information to their users.

Your post advocates a

(x) technical ( ) legislative ( ) market-based ( ) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which vary from

state to state.)

Since the internet is international, laws won't work so the only way that fighting spam is effective is technical. Spamcop and other blocklists are the natural way for a netiquette based system to fight unwanted email. If ISPs used some PR, blocklists could also be marketbased since customers would be informed and would demand reliable, competent email service that was neither blocked nor received undue amounts of spam.

(X) Mailing lists and other legitimate email uses would be affected

Yes they are affected and have developed ways to ensure delivery.

(X) Users of email will not put up with it

If email users understood how effective it is, they would demand the service. Anyone who asks a correspondent to receive email from them when it is shown that they are sending from a spammy IP address is asking the equivalent of sending a package by a carrier who also insists on delivering several greasy, dirty packages crawling with bugs for every legitimate package. A person would be horrified to discover that his package was accompanied by these dirty packages and would do something about - complain to the carrier or change carriers. No one would insist that the recipient accept all the dirty packages just to receive one legitimate package.

(X) Many email users cannot afford to lose business or alienate potential employers

For those who want to receive all their email, there are services and programs (such as the spamcop email service) that will tag potential spam. Returning the email at the server is more efficient because the sender gets a message that the email has not been delivered.

Specifically, your plan fails to account for

The only thing that the plan fails to account for, IMHO, is how to educate end users. Any competent ISP understands and uses blocklists.

and the following philosophical objections may also apply:

(X) Why should we have to trust you and your servers?

You don't. That's the beauty of blocklists. My server, my rules. As an end user, you have to choose a server admin who shares your philosophy. No one has to use spamcop, however, many do because it does identify IP addresses where spam originates. The internet is based on netiquette. Miss Manners says the way to treat those who are rude is the 'cut direct' and blocklists are the internet equivalent.

Furthermore, this is what I think about you:

(X) Nice try, dude, but I don't think it will work.

It is the accepted way of dealing with spam by those who administer servers.

Miss Betsy

Share this post


Link to post
Share on other sites

I admit that I have only skimmed the FAQs and read-me's.

And I know that there is already a huge yahoo-thread that probably covers most of the issues.

I guess that makes me another YAHOO ranting about yahoo... :rolleyes:

Some of you have probably blacklisted my nick already :D

(BTW, the spam-solution-form was an attempt at humor - but I think that it did have some valid/interesting points)

here's some more:

1) your measures are to harsh

2) the regular user can't always easily switch ISP

3) the regular user can't always easily change his/her contact point (email address)

4) the ISP ought to inform its subscribers that it is using a BL in a blocking manner

5) the ISP ought to read the FAQs on this forum (I'm not sure if mine has! :) )

Share this post


Link to post
Share on other sites

I admit that I have only skimmed the FAQs and read-me's.

And I know that there is already a huge yahoo-thread that probably covers most of the issues.

I guess that makes me another YAHOO ranting about yahoo... :rolleyes:

Well, there's nothing like steppimg into a pile of something because one didn't survey the area first. Why not take the time to read some of that stuff before jumping in with some bad information?

(BTW, the spam-solution-form was an attempt at humor - but I think that it did have some valid/interesting points)

Perhaps your opinion .. I fail to see the humour involved after so many folks have spent the time to offer information, suggestions, explanations, etc.

here's some more:

1) your measures are to harsh

2) the regular user can't always easily switch ISP

3) the regular user can't always easily change his/her contact point (email address)

4) the ISP ought to inform its subscribers that it is using a BL in a blocking manner

5) the ISP ought to read the FAQs on this forum (I'm not sure if mine has! :) )

1) as compared to what?

2) no one 'here' said directly to switch ISPs (though that is an option) .. most suggestions were about another e-mail provider ...

3) doesn't seem like an issue if one is talking about a freebie Yahoo account ...???? and again, this conversation / discussion is about an individual trying to correspond with a family member ... take the "universal Yahoo stuff" to the Yahoo discussion please ...

4) and the user should know / learn enough to ask the questions ....

5) also included in the above remark .... the ISP may be perfectly happy with the way they set things up.

Share this post


Link to post
Share on other sites

<snip>

Some of you have probably blacklisted my nick already :D

That's called something else 'killfile' is one word. I don't ever ignore users on the ng or the forum - though I admit if I am in a hurry, I won't bother reading posts from certain persons.

(BTW, the spam-solution-form was an attempt at humor - but I think that it did have some valid/interesting points)

here's some more:

1) your measures are to harsh

2) the regular user can't always easily switch ISP

3) the regular user can't always easily change his/her contact point (email address)

4) the ISP ought to inform its subscribers that it is using a BL in a blocking manner

5) the ISP ought to read the FAQs on this forum (I'm not sure if mine has! :) )

You can have multiple email addresses. I have 3 hotmail accounts; two webmail accounts plus the two that come with my ISP (how I connect to the internet).

The suggestion was that you sign up with yahoo to communicate with your father-in-law. It's free. Yahoo won't block yahoo traffic.

And yes the ISP ought to inform its subscribers that it is using a bl to block email. However, typical ISPs don't have good communication skills, it seems to me. If they told their users in the right way, the users would be enthusiastic. But they think that all end users are ignorant, uneducable doofuses and won't understand the value of blocklists because they won't read the information carefully and will just complain.

Miss Betsy

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×