david.thomas Posted June 16, 2008 Share Posted June 16, 2008 Hi, Email from our PowerMTA email server has generated problem stating we are running an open proxy on the server. The port 8080 had been open on the server but has now been closed by a firewall. Is there anyway to perform the same test Spamcop did to verify the problem has been resolved? The IP address in question is 83.137.133.216. Thanks, David Link to comment Share on other sites More sharing options...
agsteele Posted June 16, 2008 Share Posted June 16, 2008 Email from our PowerMTA email server has generated problem stating we are running an open proxy on the server. The port 8080 had been open on the server but has now been closed by a firewall. Is there anyway to perform the same test Spamcop did to verify the problem has been resolved? The IP address in question is 83.137.133.216 Is there a particular reason why you believe that the open proxy report came from SpamCop? At this point your IP is not listed in the SCBL. There is only one report from a user for your IP in the last 90 days. There may have been spam-trap reports that aren't open to the public to view. You are, however, listed at cbl.abuseat.org and pbl.spamhaus.org You'll have to deal with those lists through their own operators. Andrew Link to comment Share on other sites More sharing options...
david.thomas Posted June 16, 2008 Author Share Posted June 16, 2008 Is there a particular reason why you believe that the open proxy report came from SpamCop? At this point your IP is not listed in the SCBL. There is only one report from a user for your IP in the last 90 days. There may have been spam-trap reports that aren't open to the public to view. You are, however, listed at cbl.abuseat.org and pbl.spamhaus.org You'll have to deal with those lists through their own operators. The reason is we received the email with the following details [spamCop (83.137.133.216) id:3200297675] but thank you for your thoughts regarding the problem. We are aware of the CBL & PBL issues and are following that up with the respective groups. Link to comment Share on other sites More sharing options...
Farelf Posted June 16, 2008 Share Posted June 16, 2008 ...The port 8080 had been open on the server but has now been closed by a firewall. Is there anyway to perform the same test Spamcop did to verify the problem has been resolved?Hi David, can't help with the specific process used by SC but discussions here usually suggest the telnet relay-test.mail-abuse.org - as suggested http://forum.spamcop.net/forums/index.php?...ost&p=27379 other resources are shown in http://spamlinks.net/prevent-secure-relay-test.htm HTH [added on edit - a test with http://www.antispam-ufrj.pads.ufrj.br/cgi-...=83.137.133.216 was inconclusive. It appears to show an accepted relay in Test 8 but that is no proof by itself.] Link to comment Share on other sites More sharing options...
agsteele Posted June 16, 2008 Share Posted June 16, 2008 The reason is we received the email with the following details [spamCop (83.137.133.216) id:3200297675] but thank you for your thoughts regarding the problem. That represents one report (probably the one I found) but one report would not constitute an entry in the SCBL. Andrew Link to comment Share on other sites More sharing options...
StevenUnderwood Posted June 16, 2008 Share Posted June 16, 2008 That represents one report (probably the one I found) but one report would not constitute an entry in the SCBL. And SpamCop itself does not test for open proxies. It does submit to other tests (by other blocklists) those that show signs of being submitted through an open proxy. Link to comment Share on other sites More sharing options...
turetzsr Posted June 16, 2008 Share Posted June 16, 2008 Hi, David, and welcome! And SpamCop itself does not test for open proxies. <snip> ...Nor would SpamCop list your server solely because it met an open proxy test. See SpamCop FAQ (there's a link to it near the top left of each SpamCop Forum page) entry labeled "What is on the list?." Link to comment Share on other sites More sharing options...
DavidT Posted June 17, 2008 Share Posted June 17, 2008 The reason is we received the email with the following details [spamCop (83.137.133.216) id:3200297675] but thank you for your thoughts regarding the problem. None of us can see the email report referenced by that ID number, but I rather doubt that it was telling you that you had an open proxy...perhaps it only mentioned the possibility. In any case, it wasn't the result of a test, but rather a specific piece of email reported as spam by a SpamCop user. DT Link to comment Share on other sites More sharing options...
Farelf Posted June 17, 2008 Share Posted June 17, 2008 That represents one report (probably the one I found) but one report would not constitute an entry in the SCBL.Yeah, would have to be the same one AndrewReport History: -------------------------------------------------------------------------------- Submitted: Monday, 16 June 2008 7:45:20 PM +0800: Work with Russian overseas property partners 3200297675 ( 83.137.133.216 ) To: ripe[at]pure360.com None of us can see the email report referenced by that ID number, ...True enough but just for the benefit of new users, the foregoing limited detail can be pulled up by entering the report number in the "Jump to report ID:" box in any member's "Past Reports" tab on the member (log in) page. Link to comment Share on other sites More sharing options...
Merlyn Posted June 17, 2008 Share Posted June 17, 2008 Email from our PowerMTA email server has generated problem stating we are running an open proxy on the server. The port 8080 had been open on the server but has now been closed by a firewall. Is there anyway to perform the same test Spamcop did to verify the problem has been resolved? The IP address in question is 83.137.133.216. Open Proxy???? I don't think so more like spamming. --------------------------------------------------- See: http://www.spamhaus.org/sbl/sbl.lasso?query=SBL65317 83.137.133.0/24 is listed on the Spamhaus Block List (SBL) 16-Jun-2008 22:16 GMT | SR04 PUR3.NET Sending not-Confirmed-Opt-In spam from most IPs in this range. Content is casino, vistaprint, etc. --------------------------------------------------- According to senderbase every IP in the /24 is in multiple blocklists. Looks like spam to me. Link to comment Share on other sites More sharing options...
Merlyn Posted June 17, 2008 Share Posted June 17, 2008 The reason is we received the email with the following details [spamCop (83.137.133.216) id:3200297675] but thank you for your thoughts regarding the problem. We are aware of the CBL & PBL issues and are following that up with the respective groups. You followed up with the cbl and it looks lke they put you back on. ------------------------------------------------------------------------------------------------------ IP Address 83.137.133.216 is currently listed in the CBL. It was detected at 2008-06-15 23:00 GMT (+/- 30 minutes), approximately 1 days, 20 hours, 30 minutes ago. It has been relisted following a previous removal at 2008-06-13 10:18 GMT ---------------------------------------------------------------------------------------------------- The problem is if you ask to be delisted you should not spam the same address again Link to comment Share on other sites More sharing options...
Merlyn Posted June 19, 2008 Share Posted June 19, 2008 David are you a customer of pur3.net? Do you work for pur3.net? do you own pur3.net? what is your involvement with pur3.net? Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.