Blocked or Not?

[platone]

Hy!

I think someone is missreporting my ip in your and other spam databases.

My inernet provider keeps on giving me the same ip. I continously get blocked.

What can i do against it?

Changing my Internet provider would be a good start? I have a good reason to think they do it on purpose.

I 've checked your database if my IP is blocked, and it turned out to be not. But when I'm trying to send my e-mai through Kerio Mail Server it says: Result: delayed, Status: 4.1.8 451 4.7.1 Blacklisted by bl.spamcop.net. So, is t blocked or not? I'm confused.

Anyone can give me a good explanation for this?

Thanx.

[dra007]

Give us the IP number so we can tell you what puts it in the SCBL.

[StevenUnderwood]

First, it would be the IP address of your server, not your client.

Second, sometimes servers errors are misconfigured to point to spamcop when another BL is actually involved.

If you indicate your IP address, we may be able to help more.

[platone]

My IP is: 81.0.127.202

Thanks in advance

[StevenUnderwood]

My IP is: 81.0.127.202

That is the IP you are posting from. It would be very rare that you would be browsing from your mail server, which is the IP address we need.

host 81.0.127.202 = b202.dummy.pool.eol.hu

Microsoft Windows XP [Version 5.1.2600]

© Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Steven>nslookup

Default Server: resolver2.opendns.com

Address: 208.67.220.220

> set type=mx

> pool.eol.hu

Server: resolver2.opendns.com

Address: 208.67.220.220

Non-authoritative answer:

pool.eol.hu MX preference = 10, mail exchanger = mail.elender.hu

> set type=any

> mail.elender.hu

Server: resolver2.opendns.com

Address: 208.67.220.220

Non-authoritative answer:

mail.elender.hu internet address = 212.108.200.67

mail.elender.hu internet address = 212.108.200.82

mail.elender.hu internet address = 212.108.200.109

212.108.200.67 not listed in bl.spamcop.net

212.108.200.82 not listed in bl.spamcop.net

212.108.200.109 not listed in bl.spamcop.net

But these may not be your outgoing servers.

[platone]

First, it would be the IP address of your server, not your client.

I've posted my IP in the other topic but i post it here as well : 81.0.127.202

Hope guys you can help me:S

[platone]

That is the IP you are posting from. It would be very rare that you would be browsing from your mail server, which is the IP address we need.

host 81.0.127.202 = b202.dummy.pool.eol.hu

Hmmm...

I don't think I understand what you're saying :S I'm using dynDNS updater (software) as well. So i set up this acount "digitalgyor.dyndns.info" in my internet hostname at Kerio's domain configuration. And I'm using the same PC for mail server as I'm working on. I'also have a D-link router that has got the ip: 81.0.127.202. My router is set to DHCP so I gt the 192.168.0.180 IP.

I don't know if this information is enough to tell the problem :S

Tell me If need more info plz.

Thanks.

[StevenUnderwood]

And I'm using the same PC for mail server as I'm working on.

That is possibly your problem right there though this list is not widely used as far as I have seen. 81.0.127.202 is not listed on spamcop but is listed at: http://tqmcube.com/dnsbl/dnsbl_remove.php with a comment of: TXT= "81.0.127.202 Dynamic IP or generic rDNS. Please create a unique pointer or use your ISP`s mail service.

Many mail servers will not accept email from machines in end user space. You should be using your ISP's mail server to send your messages.

[platone]

That is possibly your problem right there though this list is not widely used as far as I have seen. 81.0.127.202 is not listed on spamcop but is listed at: http://tqmcube.com/dnsbl/dnsbl_remove.php with a comment of: TXT= "81.0.127.202 Dynamic IP or generic rDNS. Please create a unique pointer or use your ISP`s mail service.

Many mail servers will not accept email from machines in end user space. You should be using your ISP's mail server to send your messages.

The reason is why I'm using own mailserver instead of ISP's is because I simply don't trust them (and I have a good reason for that). What do you mean by "creating a unique pointer"? can you explain me how to do that.

[Farelf]

Not sure why you wanted to post in two topics (then note the information needed in one was in the other but you would repeat it anyway). DON'T DO THAT. Topics merged.

Presumably the temporary error message you quoted "Result: delayed, Status: 4.1.8 451 4.7.1 Blacklisted by bl.spamcop.net" did not include the IP address being blocked? As Steven says, 81.0.127.202 is not on the SCBL. SenderBase implies a link with pool.eol.hu and there are servers from there listed - but not by SC that I can see on a quick look. I think a "generic" error message was used, mentioning SC as the cause when that is not correct. Go back to the "rejector" for the real reason (451 would seem to be a temporary rejection code, you may even be unblocked by now).

Not a SpamCop issue, it would seem (until demonstrated otherwise).

[platone]

Not sure why you wanted to post in two topics (then note the information needed in one was in the other but you would repeat it anyway). DON'T DO THAT. Topics merged.

Presumably the temporary error message you quoted "Result: delayed, Status: 4.1.8 451 4.7.1 Blacklisted by bl.spamcop.net" did not include the IP address being blocked? As Steven says, 81.0.127.202 is not on the SCBL. SenderBase implies a link with pool.eol.hu and there are servers from there listed - but not by SC that I can see on a quick look. I think a "generic" error message was used, mentioning SC as the cause when that is not correct. Go back to the "rejector" for the real reason (451 would seem to be a temporary rejection code, you may even be unblocked by now).

Not a SpamCop issue, it would seem (until demonstrated otherwise).

Ok. Sorry, wont happen again.

I've asked for an IP removal at the URL Steven mentioned me. Hope it solves the problem for now. But I still don't understand what Steven meant by creating a unique pointer.

[Wazoo]

A number of posts edited to lose the excessive vertical white space and way too much un-needed quoted material.

A couple of basically duplicated posts deleted, which also required editing of a couple of other posts, as they included contents/pointers to those deleted posts.

Steven's "create a pointer" was the included text in a description of data found on another BL. But the concept behind that comment has already been explained, you are running an e-mail server on a "dunamic IP address" which will be blocked automagically by huge numbers of ISPs for that reason alone.

As there is confusion expressed by others, I'll go ahead and offer the simple conjecture that the other BL comments were meant to suggest the simple matter of a valid rDNS that matched the alleged sending Domain, which of course it won't .... creating an A record would also imply some 'control' over that IP address, which of course doesn't exist in this case.

[Farelf]

...But I still don't understand what Steven meant by creating a unique pointer.

Sorry, nor do I (something to do with the A record?) - Steven will, no doubt, explain in due course.

[Derek T]

The reason is why I'm using own mailserver instead of ISP's is because I simply don't trust them (and I have a good reason for that). What do you mean by "creating a unique pointer"? can you explain me how to do that.

Then get an ISP you DO trust. Sending email from dynamic space is sheer folly.

Failing that, ask ISP for a static IP.

[Wazoo]

telnet 81.0.127.202 25

220 AVG ESMTP Proxy Server 7.5.432/7.5.432 [268.15.15/581]

help

502 Error: command not implemented

helo

250 localhost Hello

12/12/06 06:21:57 Slow traceroute 81.0.127.202

Trace 81.0.127.202 ...

166.49.160.51 RTT: 189ms TTL:208 (t2a3-ge2-0.hu-bud.eu.bt.net ok)

166.49.155.130 RTT: 177ms TTL:208 (166-49-155-130.eu.bt.net bogus rDNS: host not found [authoritative])

212.108.255.221 RTT: 161ms TTL:208 (No rDNS)

81.0.72.58 RTT: 252ms TTL:208 (adsl1-bud2-f-0-0-2.net.eol.hu ok)

* * * failed

whois -h whois.ripe.net 81.0.127.202 ...

inetnum: 81.0.127.0 - 81.0.127.255

netname: ELENDER

remarks: INFRA-AW

descr: Euroweb Internet Service Provider

descr: Budaors, Hungary

country: HU

admin-c: ENA8-RIPE

tech-c: ENO7-RIPE

status: ASSIGNED PA

mnt-by: AS5561-MNT

mnt-domains: AS5561-MNT

role: Euroweb Network Administrations

address: Euroweb Internet Service Provider

address: Puskas Tivadar utca 8-10

address: H-2040 Budaors

address: Hungary

phone: +36 1 8897000

fax-no: +36 1 8897100

abuse-mailbox: abuse[at]euroweb.hu

admin-c: IM307-RIPE

tech-c: BL101-RIPE

nic-hdl: ENA8-RIPE

mnt-by: AS5561-MNT

route: 81.0.64.0/18

descr: Elender Net

origin: AS5561

mnt-by: AS5561-MNT

81.0.127.202 PTR record: b202.dummy.pool.eol.hu. [TTL 3600s] [A=81.0.127.202]

Registering here with a freemail.hu address doesn't help with trying to track things down, clear things up.

http://mailsc.spamcop.net/sc?track=81.0.127.202

Parsing input: 81.0.127.202

host 81.0.127.202 = b202.dummy.pool.eol.hu (cached)

host 81.0.127.202 = b202.dummy.pool.eol.hu (cached)

No recent reports, no history available

Report routing for 81.0.127.202: spamcop[at]sa.ew.hu

http://www.spamcop.net/w3m?action=checkblo...ip=81.0.127.202

81.0.127.202 not listed in bl.spamcop.net

http://www.senderbase.org/search?searchBy=...ng=81.0.127.202

Volume Statistics for this IP

Magnitude Vol Change vs. Average

Last day ......... 1.8 .. -100%

Last 30 days ... 1.2 .... -99%

Average ......... 3.0

Network Owner Elender Inc.

Domain pool.eol.hu

Date of first message seen from this address 2004-10-27

CIDR range 81.0.127.0/24

# of domains controlled by this network owner 685

[Telarin]

You won't be able to send mail from a mailserver on a dynamic IP address reliably.

Many ISPs will reject mail outright because you are in dynamic IP space, and email should generally not originate from dynamic space. The list that you requested removal from will not likely remove you because 1) You do not own the IP address 2) The IP address is correctly listed as dynamic space.

Other ISPs require a PTR record in DNS before they will accept mail from a server. A PTR record can only be created by the ISP that controls that IP space, and cannot be created on a dynamic IP since it will change regularly.

If you want to run your own mail server, you will need to find someone with a mail server in Static space with a proper PTR record to relay your mail for you. In most cases, you can smarthost through your ISPs mailserver, but if, as you say, you don't trust them, then you will need to look for someone else to smarthost through.

[StevenUnderwood]

Sorry, nor do I (something to do with the A record?) - Steven will, no doubt, explain in due course.

As Wazoo mentioned already, and just to be very clear, that is what is returned if you query the blocklist entry for that list. It is not my wording, but theirs.

My take is that because your IP resolved to a very generic name, they are assuming it is not static and should not be hosting a server. They are also saying that if this is not the case and it is a static address that is allowed (by TOS) to have a server, then the name should be changed to a more non-generic one. If you do not control the name associated with that IP address (which is likely in this case), then you should be using ISP's assigned mail server and not sending mail direct to MX. The reason for this last part is that the bulk of spam and viruses are coming from end user machines.