Jump to content


  • Content Count

  • Joined

  • Last visited

Everything posted by craigd

  1. Hi, Spamcop sends notification of spam reports to the owner of the IP address of the mailserver. In my case that is two steps from my email address and in practice one of these two steps is not forwarding the reports. This is incredibly frustrating, why can't spamcop send notifications to the domain email address? Our reverse dns is valid. A whois check will show two (not one, two) valid email addresses. If the spam reports could be sent to these addresses we would be able to at least determine why our mailserver is being black listed. Or at least if we can have some other method to access the spam reports. There must be some way that we can automatically validate that One the ONE occassion a spamcop employee responded to our emails we found the report came from a subscriber who had opted in to a genuine opt-in newsletter (I assume they forgot they'd subscribed). Subsequent reports we can't find out about so far. Just to forestall a couple of responses I might get: # Change IP addresses and go where the owner will reliably forward reports. Not possible for a range of reasons, many of which should be obvious. # The fault is my mailserver configuration. I seriously doubt it. We have valid reverse dns, SPF records on sending domains, good security, careful logging which would detect any compromise of server, etc, etc. # The fault is the emails we send which are actually spam. I don't think so, because the few mailing lists we run are all legitimate and well-run opt in news services. A small number of our customers send personal email via the server and some send highly commercially valuable emails such as invoices to their customers. However, if spamcop knows better, unfortunately we have yet to find out several days after we began asking. # Its not convenient for spamcop to look up whois records or provide any alternative (timely) way for server administrators to find out why their server is black listed. This may be true, but its even more inconvenient for us to have a large number of invoices to genuine customers bounce because someone forgot they subscribed to a newsletter. Spamcop is imposing a substantial commercial cost on us and I don't think it is unreasonable for us to ask that spamcop provide a working method to find out why this has happened and to take action. # You're only blacklisted for 24 hours, just be a bit patient. Patient? You take the calls from my clients explaining why their important emails are not getting through. You feel free to explain to them that probably they'll get through tomorrow (maybe). # Spamcop doesn't block emails. Correct, it doesn't. However, in practice a large number of email providers block all email from any IP address listed by spamcop. To say spamcop is not responsible for the failure of this email to get through may be theoretically correct but not practially correct. # You're a spammer, you must be if you don't like spamcop. OK I acknowledge its not easy to tell the difference between someone who intentionally sends unsolicited email. I would hope the professional manner of our email contacts, that we have clear reverse dns and valid contact details, that our IP address does not change, that we deal with highly reputable companies, that we answer phone calls (not that spamcop would know that), and many other reasons show that we are a legitimate business which is not breaking the rules.
  2. craigd

    Help please

    Help please! My mailserver has been blacklisted again. This time its a 'spamtrap'. What I need to know, is WHY this has happened so I can prevent it happening again. There is a link to an FAQ on autoresponders - as far as I know our mailserver behaves in the correct way. That is, does not reject emails after initially accepting them. I would like to prevent getting blacklisted again, but without any information at all about why we are blacklisted, how can I do it? Please, please do NOT reply to this post if you believe I am an intentional spammer. [edit]please note previous blacklisting problem was due to repeated complaints by a single person and has been resolved by spamcop, so there's no value in mentioning this[/edit]
  3. craigd

    Help please

    Unfortunately it is not their problem it is my problem. I am the one who's mailserver is blocked. Both the IP range owners and spamcop are causing me problems. Neither have any incentive at all to help me fix the problem. In both cases all I can do is ask as nicely as I know how for assistance. So far the results have been: spamcop not interested in changing their system to stop it punishing legitimate people but have provided some assistance through the forum (thanks); IP range owners not interested in wading through the spam they get and passing on spam reports and have provided zero assistance. Unfortunately I see no prospect for any change to the above situation.
  4. craigd

    Help please

    You bet, that would be great. Unfortunately neither of the bouncing email addresses are ours, they are the owners of the IP range which we are on so we do not have control of them. Who would have thought that when paying for an IP address one should find out whether the owners of the range would forward abuse emails? Connect.com.au won't forward emails even if they get them. I have higher hopes that netspeed can be convinced to accept emails to their postmaster address and forward the relevant ones to us, but I would be entirely relying on their generosity I have no ability to force the issue. Unfortunately we're not important enough for any emails to be sent direct to us, we're just the owners of the relevant domains (accurate reverse dns, working contact emails) : (
  5. craigd

    Help please

    Thanks Richard for providing additional information by email. This has enabled us to find the particular domain which has generated the incorrect bounce messages [edit]I forgot to say that this email support is absolutely essential, because it does not seem possible to get the information we needed in any other way.[/edit]
  6. Nobody here is suggesting I am a spammer, but still I am treated as some sort of evil incarnate because I dare to suggest that double opt in is not a reasonable requirement. Whatever, I will stop wasting my time trying to communicate to you people the problems you're causing me and other legitimate senders of email.
  7. Thanks. I have asked spamcop by email several times to direct emails regarding this IP address to us, but have not had any success. I guess this is just "too hard". I am familiar with Australian legislation and am 100% sure that we comply in every respect. I might add that nowhere in the legislation is double opt-in even mentioned let alone required. Spamcop requirements are MUCH tougher than our legislation, and I do not think the spamcop approach is reasonable! A proper whois on our domain will show valid contact emails. I'm not sure exactly what the report above is showing, certainly not the whois record for our domain. Yes, I'm not surprised that I won't get anywhere asking to get alerts sent to us, we're only the domain owners after all, we just rent the IP address. Again, 'too hard' I suppose. Finally, here's what the spamcop representative said: "While several people have reported mail from your server in the past, the recent reports have all been from a single user. I have written them and am awaiting a response with their explanation of why they are reporting the mail as spam." I think that qualifies as a single user repeatedly blacklisting us over the past 4-5 days. Of course we have to wait for the complainant to respond to their email (why would they respond immediately?) and in the mean time if the person complains again no doubt we'll be blacklisted for another 24 hours. Can anyone reading this see how awful this appears from my point of view?
  8. Hi Petzl, Thanks for the suggestion. I have done this, but will this mean black listing notifications from spamcop will go to that address? If so I will be very keen to do it. At present connect.com.au who own the IP range are supposed to forward any messages regarding my IP address but in practice this hasn't been happening. This goes right back to my initial question beginning this topic, which is how can I get spamcop to contact a working email address with any notifications on my mailserver. I do very much hope that your suggestion will solve this.
  9. Hi Dbiel, Thank you very much for taking the time to help me, I do genuinely appreciate that. I may be wrong but I understand from the spamcop deputy's email that while several complaints had been made, they were all by the same person. It would make a lot of sense to count this as one complaint rather than counting it as many complaints. Especially as we can't find and therefore remove the person who is complaining. You may be interested to know that 99% of the cost to us of operating our email service is due to spam filters. That is, the cost of paying our staff to deal with complaints from subscribers who do not receive our email due to spam filters of various sorts is about 100 times greater than the total of all other costs of running these servers/mailing lists/email services. This is the 'hidden cost' of spam.
  10. So now that we found one mistake it is now OK that one person can repeatedly black list us, including reporting our email on how to unsubscribe! Great system! deputies at admin dot spamcop dot net We did get replies, but very slow. I'm sure Richard is very overworked and doing his best, which is why the system needs to work better. Within an hour on the forum I had a list of complaints which we had not seen after 4 days of waiting for emails (admittedly including a weekend). The fact that we're on a different time zone would not help, although for this emergency we are checking email about 18 hours a day. I don't want to harrass persons who report spam. But it is totally rediculous that we can't remove the complainant from our distribution list and so he/she continues to complain. There must be a way to solve this problem. Unfortunately I am left with the impression that most here do not consider there to BE any problem, the fact that I complain on the forum just makes a good opportunity to evangelise double opt in, rather than indicating any problem. Unfortunately I did find an error we had made, so now I am sure nobody here will pay the slightest bit of attention to our problem.
  11. Hi Petzl, thank you for pointing out this error. I am very embarrassed and you are correct. The folk at crikey changed their website on us (we don't host this site) and either didn't tell us or we didn't pay attention. Either way, our senior developer is fixing this right now. This is a good example of how the spamcop service can help. If only the dialog could be more constructive. Also, it took several days for us to realise that posting on the forum was the only way to get a prompt reply to our questions. [edit] I should mention that I remain convinced that this mistake is NOT the cause of the spam reports which have come from ONE person repeatedly over the last week.[/edit]
  12. No, no, no - can't you just imagine for one second we are professionals here? Every email sent has TWO completely simple and clear ways to unsubscribe in it. In addition the same page you link to is the link where the person subscribed and can unsubscribe any time. There IS a perfectly working unsubscribe process. Correct, and we DO NOT DO THIS. You find me ONE, just ONE person who did not subscribe and I will send you $US100 of my personal money. Just because it is theoretically possible to happen doesn't mean it has happened. So now you're treating me as a spammer again? I can't win with you, can I? If I offer to remove people that don't want to get the newsletter then I'm a spammer listwashing, couldn't possibly be a reasonable person who is perfectly happy to unsubscribe those who no longer (repeat no longer) wish to receive our emails.
  13. This is the link for paid subscribers - several thousand people pay $100 per year to get this newsletter, in case you think we're sending junk. They rarely unsubscribe but do have a clear and well advertised mechanism to do so. The correct link for free subscribers is perfectly well working: http://www.crikey.com.au/articles/2005/03/007-0001-8942.html
  14. No, this is not correct. The confirmation email WAS REPORTED BY spam AND IS ON THE LIST QUOTED ABOVE. No, I disagree strongly, there IS an easy fix. All spamcop has to do is to enable legitimate businesses such as mine a way to get off your black list in a timely and efficient manner. That is, take proper and reasonable steps to enable us to communicate with you and to get the information which would enable us to take the appropriate action - whether this is fixing a security problem, unsubscribing a person who prefers complaining to spamcop to requesting unsubscription, etc.
  15. Hi dbiel, Could you please confirm that you are telling me that spamcop is mandating double opt in otherwise known as 'confirmed opt in' as the only "acceptable fashion" to run a mailing list. Anyone with a grudge against us can subscribe, confirm the email address, and report us as spam. So if we had a double opt in system spamcop would STILL be the mediator in enabling this attack against our business. [edit] This is the problem with a business that is run by unaccountable vigilantes. Just like I might sympathise with the goals of vigilantes hunting for criminals I do not like spam or spammers. However, vigilantism is rightly considered by most societies as incredibly harmful and I think on the internet anti-spam vigilantes are just as harmful.]
  16. 1. The newsletter operator would go out of business if this was required - the spammers would have won. We know through experience that this system, which we call "double opt in" results in very few subscribers. Instead we get a bunch of complaints "why aren't I getting my newsletter I subscribed to". You see this from the point of view of very technically able people but I'm afraid in practice the general public do not find easy that which you would like them to. They do NOT want to double opt in, they want a simple and reliable way to get an interesting and informative newsletter. 2. We did send a message to all subscribers telling them how to unsubscribe and making it clear that all unsubscribe requests would be honoured. This was a separate email as you suggest above. What happened? This email was reported as spam. 3. Our subscribers, when asked, do NOT request a double opt-in system. When we trialled it they complained. 4. Just because YOU think we should have a double opt-in system that means we have to does it? You are holier than us are you? 5. We comply with all laws and regulations, we deal promptly and positively with any complaints, we run our systems in a professional manner. But just one person decides to complain (without contacting us) and without trial, with very limited recourse, with the assumption of "guilt" we have a penalty applied to us. Repeatedly.
  17. Hi, I'd really, really like to know how you got the list above, because we've been trying for a week and not had anything even remotely as detailed from spamcop. We are very keen to ensure that the person who is complaining is removed from this mailing list but to date we have not had any opportunity to do this. The thing that is "missing here" is an open mind. You just assume that we are spamming, despite all the evidence to the contrary. We have been 100% open and up front and I have stated very clearly that not only are we 100% opt in, but I am willing to provide confirmation details on ANY case you can quote that will confirm this. Yes, let me repeat that, ANY CASE. How can I have this confidence if we are a spammer? We comply fully with the local anti-spam legislation which is much tougher than US regulations. 100% (not 99.9%, I do mean 100%) of subscribers have opted their own emails in. We send immediately a confirmation email so if someone has opted another person in that person is immediately aware and can unsubscribe. I mentioned subcontract. My business is subcontracted by the owners of the newsletter to handle the subscriptions, including payments for paid subscribers, and to deliver the newsletter email. The newsletter proprietor creates the content and sends it out using our system. There's nothing suspicious there, much as you would like there to be! You say "Evidently there are a bunch of reports from people who don't believe they subscribed." What you are missing, and this is the basic flaw with the entire spamcop system, is that people act irrationally. They subscribe, don't ask to unsubscribe and for irrational reasons report spam. People sometimes might maliciously report email as spam. I suspect this might be the case as we were recently told that ALL the reports against our mailserver came from the SAME PERSON. This person is effectively (not necessarily intentionally) costing us thousands of dollars by repeatedly reporting spam having NEVER contacted us, and as I said above having DEFINITELY opted to receive the newsletter in question.
  18. We've finally received one spam report from last week - amazingly the email that was reported as spam was an email we sent to all subscribers to a free newsletter (we also have a bunch of paid subscribers to this news service) explaining how to unsubscribe and assuring them that we would gladly unsubscribe anyone who did not wish to continue to receive the newsletter. This email says to just reply to be unsubscribed to make it as simple as possible. It was sent as we thought possibly a previous spam report might have resulted from someone who had difficulty unsubscribing or who thought that we would not unsubscribe them. So our reward for doing the right thing and taking extra steps to inform our subscribers (who had ALL opted in, there is absolutely no other way to get on that list) is to have our mailserver blocked again! You have no idea at all how frustrated and angry this system makes me. This is ABSOLUTELY not correct. Any example you submit I GUARANTEE I can tell you the date and time the person subscribed. And they did subscribe. We NEVER opt people in to a list. You just assume anyone reported is sending unsolicited email, and are not open at all to the idea that reports might result from mistakes (person forgot they subscribed) or as appears increasingly likely in this case a malicious intent. All of these instances are copies of a very legitimate newsletter that my business is subcontracted to send out. I can tell from the subject line it is the free version. As I said above, 100% of subscribers have opted in and have a working unsubscribe. Crikey.com.au is Australia's biggest independent source of news on media and politics, with several thousand paying subscribers. It is published by professionals and they do not spam anyone. If we could determine the person who made these reports they would be unsubscribed very fast indeed!
  19. Thanks for looking into this. I believe you're correct on the owner of the IP range. We pay an ISP for our IP addresses and they in turn pay for a larger range of addresses. Its basically a wholesale/retail system. This is quite common here in Australia, I don't know how it works elsewhere. Yes, our domain name is weftweb.net and the server's reverse dns is mail.weftweb.net. You will see two valid contact emails on the whois record for that domain, both of which come to my office although not direct to me. One reason mail traffic has reduced is that due to our blacklisting woes we have directed some email via another of our servers (don't worry its not an open relay). We thought our problems were over so switched back to mail.weftweb.net and then found we were back on the black list
  20. Hi Miss Betsy, thanks for the suggestions. I cannot rule out the machine being compromised, which is one reason I am so keen to see the specific spam reports. If it turns out the machine is compromised spamcop will certainly get a very big thankyou from me, because none of our monitoring shows anything that would look like a server compromise. Mail volume is within normal range, nothing unusual showing in my logs (security and mail), no unusual ports in action, etc. We only run in-house developed forms on web pages on this server, and our practices while probably not perfect are pretty tight, so again I am fairly confident that a broken/insecure webform is not the issue. Its a good suggestion, though and I've asked our senior developer to look into this further.
  21. Hi Steven, thanks for this suggestion. I have created an ISP account, so far I haven't been able to extract anything more than the same result you get by searching on the IP address. This would seem like a good way to get access to the detailed reports and to register my email as the correct contact for reporting to. However, the low level of validation to get the account (just a valid email address) would suggest to me that I'm probably not going to get the information I need.
  22. Hi, thanks for your quick response. the IP address is I administer this server and its definitely being black listed and I definitely can't find out why. OK domain addresses in email are worthless, I understand, but when the domain of the mailserver correctly resolves on a reverse dns then I think the domain would not be worthless. However, you may tell me that this step is often taken by spammers and so the address on the mailservers verified (by reverse dns) domain is not useful. Surely there could be some other mechanism, for me to authenticate myself as the legitimate contact for the blacklisted domain without having to wait for spamcop to reply to my email (which I can understand takes time, especially when I am on a very different time zone, being in Australia). The final part of your response assumes that spam is being sent from my mailserver. At this stage I do not believe this is the case. I do control as far as is practical the mail sent through my mailserver and attempted to describe the sort of email that is in my previous post. I've been reading your forum further and found people blacklisted who had purchase mailing lists - they should not be surprised, but I am quite confident this does not apply on my mailserver because I have a limited number of trusted customers who know well our rules.