Jump to content

mschmitt

Members
  • Posts

    57
  • Joined

  • Last visited

Everything posted by mschmitt

  1. I'm not sure what you're asking for here. ALSO: For some strange reason, even through this problem has been going on for months, it stopped right after I posted this forum thread! I have since received spams that were forwarded through iCloud but they no longer have the 100.x.x.x. address. Here's a recent example: https://www.spamcop.net/sc?id=z6743603637z09712024dfeec0f16cba6093bc954ffdz Now the internal iCloud hand-off is at 10.112.84.233.
  2. I've noticed that a lot of my spam is ending at a 100.x.x.x address, for example https://www.spamcop.net/sc?id=z6743104032z068b251bb86596b30e7fe37963fd992fz: The 100.64.0.0/10 address space is "Shared Address Space", intended for ISP internal use, such as in career-grade NAT. I thought that this was spammer spoofing of the headers, but when I look closer, I see that this is Apple internal iCloud routing. I ran the mail hosts test, and the probes from SpamCop to me have in part: Received: from mr85p00im-ztdg06021201.me.com (mr85p00im-ztdg06021201.me.com [17.58.23.189]) by mr85p00im-ztdg06021201.me.com (Postfix) with ESMTPS id CFA8E321282 for <xxx@xxx>; Tue, 1 Mar 2022 20:51:55 +0000 (UTC) Received: from unknown (unknown [100.108.117.178]) by mr85p00im-ztdg06021201.me.com (Postfix) with SMTP id AAA47320EB5 for <xxx@xxx>>; Tue, 1 Mar 2022 20:51:55 +0000 (UTC) Received: from mr11p00im-smtpin012.me.com by p28-mailgateway-smtp-5c9bd88869-2jm44 (mailgateway 2209B259) with SMTP id ac8a1f75-aeb2-42f2-ade8-1afa28cf6452 for <xxx@xxx>>; Tue, 1 Mar 2022 20:51:55 GMT Received: from prod-sc-www03.spamcop.net (vmx.spamcop.net [184.94.240.112]) by mr11p00im-smtpin012.me.com (Postfix) with SMTP id EC87727F9540 for <xxx@xxx>>; Tue, 1 Mar 2022 20:51:52 +0000 (UTC) So, we can see that the 100.108.117.178 header is within iCloud, and should be skipped over on the way to finding the real spam source. I forwarded this through to the mail host configuration, but it isn't showing any 100.x.x.x addresses in the mail host list.
  3. It depends on what particular thing caused each mail to be held today. For example, today mail may be caught by:SpamAssassin score exceeding limit Personal blacklist set in SpamCop email options SpamCop blacklist Other blacklists selected in the SpamCop email options (e.g. Spamhaus SBL/XBL/PBL, Composite Blocking List) Country source of email, selected in the SpamCop email options (South Korea, China, Nigeria, Argentina, and/or Brazil) Greylisting The personal blacklist is definitely no more. Notice that the Cisco Reputation Score is not in the current list. But one or more of the existing RBLs may be an input into the reputation score. SpamAssassin wouldn't be used with its current settings; it gets too many false positives. So... Cisco is not going to hold anything. Some of your current held messages will probably be blocked, but not all. Since they don't have a held mail, they can only block was it 100% certain to be spam.
  4. I'm wondering how this will affect the SpamCop block list? AFAIK, the source for the SBL is a) mail caught by spam traps, submissions through the SpamCop reporting system, and c) other mail systems & ISPs had the option of contributing to the list. Submissions to the reporting system come from a) SpamCop email subscribers who use the various methods of submitting spam (e.g. quick report from webmail, reporting held mail, etc.), Paid SpamCop reporting system subscribers who don't have SpamCop email, and c) users of the free reporting service. When the email system goes away the number of those users who still report is likely to drop. How much no one knows. To 10%? 5%? So the question is, what percentage of the total spam reports came from email subscribers? Is it a large portion? Or is it small compared to the spam traps and other reporting sources?
  5. Regarding announcement of end of SpamCopy Email... I hope the people compaining about the outages didn't ruin it for the rest of us. It says that " will be forwarded to your specified email address after spam filtering by SpamCop." How will filtering work? Will there still be a "held email" at SpamCop, but only accessible from the Held Email page? The change may not be a hardship for users who use SpamCop as their primary email address. But what about those of us that have all of our "public" email addresses forwarded to SpamCop? We can't forward from SpamCop to one of the other email systems and still have email from that system filtered. This is exacerbated when the most capable other email system is also the one that is the primary public address. What about the account billing? Will users receive prorated refunds? (In my case my account expires 3 days before SpamCop ends. I suppose I shouldn't renew!) SpamCop email system users received unlimited reporting credits. How will reporting work now? How much does the reporting system cost? The benefit of using SpamCop email was it was really easy to move undetected spam into the reporting system, without any problems with the web form (which truncates) or forwarding (which changes the email). And the SpamCop email system gave fine control over which blacklists were used, the sensitivity of SpamAssassin, and provided a whitelist. None of my other email accounts have these features; they just have let you turn their spam filter on or off. We need to start a topic to discuss alternative systems that provide the most value, especially for users who valued the features SpamCop provided. I presume this is no longer a taboo topic.
  6. The SSL certificate for server smtp.cesmail.net expired Saturday, August 11th.
×
×
  • Create New...