Jump to content


  • Posts

  • Joined

  • Last visited

Recent Profile Visitors

1,803 profile views

Telarin's Achievements

Advanced Member

Advanced Member (3/6)



  1. An email directly to their ISP might also help, depending on how they are setup and whether or not the ISP or the emailer is the one getting the spamcop reports.
  2. The only place your email could be blocked is your mail provider. If JustHost is your email provider, then either the person you talked to is completely clueless, or just outright lieing to you. Which blocklists they use, and how they choose to use them are decisions entirely up to them. What was their response about white-listing the yahoo groups outgoing servers? There are a bunch of them, I know, but I believe they are mostly in a contiguous IP range, so it shouldn't be too much trouble to just add the entire range.
  3. Well, it looks like facebook.com is already listed at rfc-ignorant.org for invalid abuse address and bad whois data. I know several mail admins that use rfc-ignorant.org listings as part of a weighted spam filter, so maybe they will eventually work to resolve them (though I doubt it, it seems that many larger internet companies seem to be of the opinion that RFCs do not apply to them).
  4. I believe if you just click on the forgot password link on facebook, it will send the password to the registered email address. Then you should be able to login and delete the account without any problems. However, keep in mind that a lot of the "facebook friend request" type emails are not really from facebook and are nothing more than phishing scams.
  5. My impression of the OP is that he is asking for a queryable DNS type service like the current bl.spamcop.net, but that returns a hit if there are ANY reports. If that is indeed the question you are asking, then the answer is No, there is currently no such service offered by spamcop, though it would certainly be handy for building a weighted spam filtering system.
  6. They are phishing for account information for battle.net (World of Warcraft) accounts.
  7. Go to ARIN.net Put the IP in question ( into the "SEARCH WHOIS" box and click search You will see two allocations: clicking on the link in the first one gives us: Clicking on the second link gives:
  8. The IP block is directly allocated to Logicweb, who then has reassigned a portion to Prime Directive, LLC The logicweb reporting address is abuse[at]logicweb.com and is probably the better contact to use than the gmail contact listed for the reassignment.
  9. That behavior is normal. The computer still has to connect and handshake before the connection can be dropped. I don't think exchange actually drops the SMTP connection until after the RCPT TO stage, so it is normal, especially on a high traffic server to show these connections that will eventually be dropped in the current connections list. To really see if it is working or not, check messages you are receiving and see if any of them are from IPs currently listed in spamcop. Also note that any entries in your Global Accept list will override BL entries. Personally, I use Exchange 2003 SP2 with spamcop, spamhaus, a couple country specific BLs, and an internal BL that I maintain using the built in DNS server in Windows Server, and it works quite well for me.
  10. Those are generally good practices for an ISP providing services to residential customers, howerver, it sounds like the OP provides services to commercial customers. Commercial customers generally run their own mail servers, and will not accept using an ISP smarthost as a reasonable requirement. That being said, I can certainly see Don's concern. The OP said: This sounds to ME like they are passing the spamcop reports on to the customer, who is then allowed to simply listwash. In my opinion, the customer should never see the spamcop report. At best, they should be sending an email to the customer with nothing more than the recipient email address and requiring that they provide data showing how they obtained that email address, and show evidence that it was a legitimate confirmed opt-in subscription. If they can't prove that, then they need to dump the entire list that the email address in question came from, as it is clearly dirty. If it happens more than once, they need to be disconnected. Of course, that is my personal opinion, but I think it is a reasonable requirement that anyone handling a large mailing list should be able to show when and where every email address was obtained.
  11. As far as I go, Spamcop never "visits" (with WGET or otherwise) links in emails. The most action it takes is to do a DNS lookup on the site itself. I SUPPOSE if the spammer had full control of the DNS servers AND used a different host name for each spam sent out that they could build a list of which host names have ever had their DNS A record queried, but I don't think that would be practical in most if not all situations. As far as data in the querystring portion of the URL, that would not go through, as only the host.domain.tld portion would ever be queried against the DNS server.
  12. Do a google search Windows Password Reset CD. You should be able to download a utility program that you can burn to a bootable CD. Then boot your computer with the CD, and you should be able to reset the admin password for Windows. If it seems a bit too complicated for you, you may want to take it to a local computer shop to do it for you.
  13. Seth, I also run an exchange server can have my users submit spam to a shared folder for reporting. I manually review the submitted spam, clean out any legitimate messages, and submit the rest to spamcop daily. I use a program call OLSpamCop to submit all the messages in a single batch. I also have my account setup for quick reporting so that I do not need to process each message individually. In this way I am able to submit several hundred messages in just a few minutes. I would not recommend using quick reporting until you have done manual submissions for a while and made sure that your mailhost setup is working correctly, as you don't want to accidentally report yourself.
  14. The rejection message is generated by the receiving server and would have nothing to do with the orange-wanadoo system setup. However, even if you know the IP address, there is going to be little to nothing you as a user can do about it. This is something that their mail system management team would have to address to solve. The fact that there is a spamcop listing for some of their servers indicates either they have a major configuration problem causing their SMTP servers to send backscatter, they have a customer sending a large volume of spam through their SMTP servers, or they have a security breach allowing a spammer outside their network to relay through their SMTP servers. Either way, it is a problem that their support will have to resolve in order to get delisted.
  15. Since the domain provided in the link is cert-services.net, which appears to have no affiliation with spamcop of cesmail, I would say that this email is DEFINITELY not legitimate. One also has to wonder why you would need to install a program in order to access a website, another good sign that the message is not legit.
  • Create New...