Jump to content


  • Posts

  • Joined

  • Last visited

Contact Methods

  • Website URL
  • ICQ

Profile Information

  • Location
    California, USA

eric's Achievements


Member (2/6)



  1. Email forwarding is also not working. I'm set up to send my incoming email to Spamcop Email service for filtering, then they send the ham back to me at a secret email address. Nothing has come back from CES since about 9:30AM PDT today.
  2. [also posted on spamcop.mail newsgroup] No mail is being accepted for filtering at the Spamcop mx: [deleted][at]spamcop.net... Connecting to mx.spamcop.net. via esmtp... 220 mxin1.cesmail.net ESMTP >>> EHLO mail.[deleted].com 250-mxin1.cesmail.net 250-PIPELINING 250-8BITMIME 250 SIZE 0 >>> MAIL From:<[deleted]> SIZE=4578 250 ok >>> RCPT To:<[deleted]> >>> DATA 250 ok 354 go ahead >>> . 451 qq internal bug (#4.3.0) [deleted]... Connecting to mx2.spamcop.net. via esmtp... 220 mx70.cesmail.net ESMTP >>> EHLO mail.[deleted].com 250-mx70.cesmail.net 250-PIPELINING 250-8BITMIME 250 SIZE 0 >>> MAIL From:<[deleted]> SIZE=4578 250 ok >>> RCPT To:<[deleted]> >>> DATA 250 ok 354 go ahead >>> . 451 qq internal bug (#4.3.0) [deleted][at]spamcop.net... Deferred: 451 qq internal bug (#4.3.0) This seemed to start today at about 13:51 PST, and is still happening as of 15:29 PST. It appears to be an error at both cesmail MX hosts. As far as I can tell, this error is generated by qmail under some circumstances when it can't process an incoming SMTP transaction. No clue from the outside what the problem might be that started causing this just seconds after a successful SMTP message handoff.
  3. Here's another report. We are getting "451 qq internal bug (#4.3.0)" errors from mxin1.cesmail.net and possibly others. mx71.cesmail.net seems to accept incoming mail OK, haven't seen mail this morning processed by other MX servers.
  4. Definitely down, perhaps a local disk failure: telnet mx2.spamcop.net 25 Trying Connected to mx2.spamcop.net ( Escape character is '^]'. 421 unable to read controls (#4.3.0) Connection closed by foreign host. Can't receive new email, either, since our email is filtered by SpamCop mail. I would hope that loud alarms and pager pings go off when this kind of error occurs, but it's been at least 7.5 hours now.
  5. I have an email filtering account set up to filter all my email and forward it to a secret email address. Starting last night I'm seeing these errors while forwarding email to SC: Oct 12 08:40:17 mail sendmail[2124]: l9BHgrml019814: to=[me][at]spamcop.net, [user1][at]spamcop.net, delay=21:53:14, xdelay=00:00:00, mailer=esmtp, pri=2494409 , relay=mx2.spamcop.net., dsn=4.0.0, stat=Deferred: Connection reset by mx2.spam cop.net. Oct 12 08:40:17 mail sendmail[2124]: l9BHStOx019627: to=[me][at]spamcop.net, del ay=22:11:05, xdelay=00:00:00, mailer=esmtp, pri=2501800, relay=mx2.spamcop.net., dsn=4.0.0, stat=Deferred: Connection reset by mx2.spamcop.net. Oct 12 08:40:18 mail sendmail[2126]: l9CFeDOD002123: to=<quick.64TA0gYbpcQMPWYl[at] spam.spamcop.net>, ctladdr=<mail[at]mail.abcstuff.com> (8/12), delay=00:00:03, xdel ay=00:00:03, mailer=esmtp, pri=121815, relay=vmx2.spamcop.net. [], d sn=2.0.0, stat=Sent (ok: Message 1736896502 accepted) Oct 12 08:43:38 mail sendmail[2180]: l9CFhKBo002178: to=[user2][at]spamcop.net, delay= 00:00:05, xdelay=00:00:01, mailer=esmtp, pri=81112, relay=mx.spamcop.net. [64.88 .168.71], dsn=4.2.0, stat=Deferred: 450 Delivery delayed temporarily (#4.7.1) Oct 12 08:43:38 mail sendmail[2180]: l9CFhKBo002178: mx.spamcop.net.: SMTP DATA- 1 protocol error: 250 ok Roughly 50% of emails getting forwarded to SC for filtering are being rejected variously with "Connection reset", "Delivery delayed temporarily", or "protocol error" 4xx error status. The pattern seems to be that MX servers with names of the form "vmx*.spamcop.net" work fine, but servers "mx1.spamcop.net" and "mx2.spamcop.net" are not accepting incoming SMTP transactions from our mail server at Only mx.spamcop.net and mx2.spamcop.net are published in the DNS, I assume SC has some internal load balancing behind those two public names. If MX servers mx1 or mx2 come up in the rotation, the transaction fails. On an immediate manual rerun of the queue, the same message that had just been rejected is accepted by a different SC MX server. Maybe something needs a whack on the side?
  6. No, you miss the point. I have some number of email correspondents who, for better or worse, are stuck with ISPs that are listed on the SCBL from time to time. For example: AOL, Earthlink, etc. I am not about to whitelist the entire sending domain, but I would like to whitelist the addresses I expect to receive email from. A common starting point for that list is addreses to which I have sent email, plus addresses from which I have received email that I accepted. I would like to upload a list of those addresses in bulk. As time goes by, addresses on that list will become obsolete, and I would like to be able to delete them from the list. Paging through 35+ web pages is not my idea of the most efficient way to do this, especially if the one I am looking for ends up at the end of the list in sorted order. I guess I don't understand *your* premise! Are you claiming that you never receive email from anyone at a large ISP that gets itself listed, but that you want to whitelist so that the email gets through without delay? (or even worse, doesn't get through because it is buried in a pile of real spam, not false positives?)
  7. I know this has been mentioned from time to time in the past, but the SC email whitelist interface needs work, and now it's time. With the dramatic increase in spam of late, and the higher (in my personal experience) SCBL listing of certain ISPs causing desired mail to be blocked, the interface to the whitelist feature really needs to be augmented. The current interface simply doesn't scale. It would suit my needs if I could upload a text file of the same strings that are now used by the whitelist function, and have my uploaded list entirely replace the installed whitelist on my SC email account. With a matching download to text file capability, I can download the current whitelist, edit it to remove entries, widen/narrow the string match, and add lots of new names, then upload the new whitelist. With more ISPs getting listed due to p0wned boxen and whatever, the whitelist is even more important than ever to expedite desired email from senders stuck on those ISPs. When will this long-requested feature request be acknowledged, and maybe even scheduled?
  8. I wonder... since the "rule" says would it be sufficient to parse the spam both ways, with and without the so-called extraneous headers in question, and see if the results of the parse are in any way different? Cancel one, submit the other. If all reports and reporting addresses are the same for the two parses, then nothing was done to change what SpamCop found or did not find.
  9. Was working for me just fine at about 1700 PDT. Then on my next attempt to access at about 1830 PDT I got the "Connection refused" error from my browser. Still the case at 2200 PDT, five hours down and counting. Can't even telnet to port 80 on webmail.spamcop.net, connection refused. He's dead, Jim.
  10. I don't use Popgate, but in Internet tradition I'll take a stab in the dark I've seen this same behavior with our Eudora users if the local Eudora file gets "confused" i.e. loses its hash of MsgIDs which have been downloaded, and email messages get downloaded again (and again...). The downloaded duplicates are marked as "read", but they are downloaded as "new". New, but "already read". Since the POP client decides which of the available messages to download, I would tend to suspect a problem with Popgate losing its local database/hash of old messages, rather than a POP server problem.
  11. (Steering only slightly off-topic) This kind of thing is why I'm glad that the registrar I use for several domains (company as well as "vanity domains" for family and friends) has an automatic renew feature. If I keep credit card information on file with them, they'll automatically renew domains when they come up. That way I don't need to worry about forgetting, or being away on vacation for 2 critical weeks. Probably many registrars do this now, but it used to be rare. Even Network Solutions does it, I believe, although I certainly would not recommend them to anyone who is not already stuck with them. The registrar I do recommend, and use myself, is GoDaddy. <oblig>No connection, just a satisfied user.</oblig> A customer who was frustrated no end by NetSol's failure to respond to numerous technical issues over time, and thereby became an ex-customer of Network Solutions.
  12. [this comment probably should move over to the FAQ Under Construction forum] True enough, but the subject of uber-munging is not found by the Forum search function (until my original post in this topic/thread). Even the word "uber" only appeared twice, and not in the context of munging. In fact, if I click on the "Forum FAQ" link at the top of the page, and use my browser to search for the word "mung", it shows up only once in the whole FAQ page, in what turns out to be an answer to an ISP's question, not a typical SC user's question. A search for the word "mung" using the Forum search feature returns way too many results to be useful. The FAQ topic you suggested, about "mole" reporting, does not itself contain the word "mung". It is necessary to know to search the FAQ for one word or another, and if you don't know the magic word, you can't readily find the answer. That FAQ really seems to be intended to answer the question posed by someone who saw that term and doesn't know what it means. What I hear a need for many times is kind of the inverse, where the questioner knows some words which describe a concept, but don't know the correct term for it. I know just how hard this can be, since for my company web site search engine I have to try to come up with all the possible words someone might use to describe something they are looking for, when they don't know the correct "magic" word to use. Kind of like going into a hardware store to find a part when you don't know its proper name (and can't bring in a sample). Drives hardware store people crazy trying to figure out exactly which "doohickey" is the right one! It seems like there have been numerous posts here by someone asking a question, the answer given is "see the FAQ", but even a simple text search of the FAQ using words used in the question comes up empty. In this specific case, please consider these suggestions for the FAQ: - change the title of 'what is "mole" reporting' to something like 'what is "mole" reporting (see also "hiding your identity when reporting spam") - I gather that the original FAQ entries, of which the "mole" reporting is an example, are not easily edited because the individuals who have authorization are overloaded with other more important work. Otherwise, it would be good to add some "see also xx" cross-links. A good one here would be for the "mole reporting" FAQ to have a link to a new FAQ describing the spam Munging preferences option (which does not appear to be described in any FAQ, old or new, that I can find today). - add a new entry "hiding your identity when reporting spam" which describes the built-in munging options in the reporting User Preferences (namely "Obscure identifying information", "Leave spam copies intact", and "Become a "mole" - Don't even send reports (mostly pointless)". Good place to have cross-links to the above-mentioned 'what is "mole" reporting' FAQ, and to the proposed new "what is uber-munging?" entry - add a new entry "what is uber-munging" which might be derived from one of Mike Easter's descriptions. Unfortunately, I did not save any of them, and they seem to have expired off the NNTP server. Perhaps Mike can cons one up from his archive? Anyway, this is all meant as constructive suggestions to help people who come in here not knowing what they are looking for. For my company search engine, I try to ask as many "non-experts" as possible for the words they would use to describe something I'm holding in front of them; then I try to embed those words into my description. Sometimes it goes into an HTML comment, so it is searchable but doesn't clutter up the screen.
  13. The Preview Reports screen shows all the reports that will be sent, one after the other. I have my preferences set to mung, and the reports I just previewed do mung most of the appearances of my recipient address. Other clearly identifiable identifiers do not get munged -- my full name, my phone number, city name, whatever else the particular spam might have added. Could be to facilitate listwashing, could be to make the spam seem more "legitimate". If those un-munged identifiers are bothersome, see Mike Easter's discussions of "uber-munging" in the SpamCop newsgroups. I couldn't find any similar references here in the forum. Basically, it comes down to being impossible to completely remove any trace of which spam is being reported (and therefore which email address it was sent to). Even the number of spaces between words can be used to encode your identity for the spammer. Those garbage apparently-random letters might be an attempt to fool Bayesian filters, or they might encode an identifier. There's really no way for you to know for sure.
  • Create New...