Jump to content

Need Help


Recommended Posts

Hi,

We are blacklisted with 193.172.8.36 as IP. We did al the things SpamCop advised for removal from the block. It will take another 18 hours before SpamCop remove us from the blacklist. How can I be removed from the blacklist so our users can mail again ?

Greetz,

M.Wijkhuisen

Link to comment
Share on other sites

According to the database, someone (you?) already used the "express delisting" option, and then your IP went back on the list. Because you're only allowed to use that feature once, and must be sure that you fix your backscatter problem *before* you use it, I think you'll have to wait another 17 hours before the IP will be clear. I'm just another user -- you can get an official answer from SpamCopAdmin if he sees this topic and responds.

DT

Link to comment
Share on other sites

yes that was last week, then there was an attack from china on our mail relay, then we have reloaded the OS on the mail relay to be sure there was no backdoor on that server and checked every client and server in the internal lan and checked every server in our DMZ. Al servers and clients came out clean. And now spamcop says we have misdirected bounce messages and the spam where he talks about is from last week.

Link to comment
Share on other sites

We are blacklisted with 193.172.8.36 as IP. We did al the things SpamCop advised for removal from the block.

Out of curiosity, just what "things" did you actually do?

It will take another 18 hours before SpamCop remove us from the blacklist. How can I be removed from the blacklist so our users can mail again ?

http://www.senderbase.org/senderbase_queri...ng=193.172.8.36

Volume Statistics for this IP

Magnitude Vol Change vs. Last Month

Last day ..... 2.7 .. 471%

Last month ..2.0

A bit confusing .. 'seen' traffic has gone up from a couple of hundred to over a thousand e-mails a day, but your complaint is that your users can't send 'any' e-mail???

http://spamcop.net/w3m?action=checkblock;ip=193.172.8.36 talks about both spamtrap hits and suggests the probability/possibility of Misdirected Bounces .. nothing about plain old user Reports. Not knowing what you did (as asked above) so perhaps this traffic number is on its way down ...?????

Edit: ouch! While I was typing the previous, you posted again .. why are you using the term "mail relay" ..????

Link to comment
Share on other sites

we have 2 "mail" servers, one our "mail relay", this is a server which relays the domains we have in our organizations, (Thats why i use Mail relay and on our IT department everybody then knows about which server we talk about :)) and scans the incoming and outgoing massages, the messages that are allowed and are clean then send to our internal Exchange.

We can send not to al our users needs because they use spamcop.net as blacklist

Link to comment
Share on other sites

I removed 193.172.8.36 from our list.

The server is sending delivery failure notices to spamtrap addresses that feed our complaint database. A spamtrap is an unused address whose sole reason for existence is to see if people will send unsolicited mail to it. Spamtraps are basically the nonexistent addresses at small vanity domains owned by us or our associates.

It's misdirected bounces that are causing the server to be listed. Our trap addresses aren't sending any mail, so they shouldn't be getting any bounces. The bounces are being sent "delayed." Instead of refusing mail during the SMTP conversation, the server is accepting mail with forged headers and then later sending a bounce to what it thinks is the sender, but is in reality a forged return address. Delivery failure notices should be sent by the sending server that failed to deliver the message, not by the receiving server that rejected it.

This FAQ offers suggestions about solutions.

http://www.spamcop.net/fom-serve/cache/329.html

Misdirected bounces are becoming a *huge* problem. The beleaguered victims of spammer forgery are being inundated with bounces. Allowing the system to send that mail is just not right.

- Don D'Minion - SpamCop Admin -

service[at]admin.spamcop.net

.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...