Wrongful Block list

[memoires1]

I am a private home owner and don't have any bulk mailings or spam originating at my IP. Yet today I found mail being bounced back from a company I deal with, it had a link to Barracudanetworks which showed my IP address listed as poor. I check my IP address through Google and then found SpamCop also has my IP address listed as Poor. In total I found 4 such services also have my IP address listed as poor; the rest are normal.

One such service showed about 15 spams from my IP address on October 7. Actually I was not in the country on that day and for the last 10 days was on an overseas trip.

Thus I am confused WHY Spamcop has illegally listed my IP address, this would come under defamation in a court of law.

I issued a mail to Barracudanetworks and they have now delisted my IP address. I do intend to take some legal action if they list my IP again.

Any advice on this issue why SpamCop listed my IP address as poor would be welcome.

While stamping out spam is in everyones interest, harassment of law abiding citizens is illegal.

Thank you,

Steven

Japan

[SpamCopAdmin]

I don't see any connection to SpamCop, but if you want to email me the IP you're talking about, I will be happy to look into it for you.

- Don D'Minion - SpamCop Admin -

- service[at]admin.spamcop.net -

.

[Farelf]

...I am a private home owner and don't have any bulk mailings or spam originating at my IP. Yet today I found mail being bounced back from a company I deal with, it had a link to Barracudanetworks which showed my IP address listed as poor. I check my IP address through Google and then found SpamCop also has my IP address listed as Poor. In total I found 4 such services also have my IP address listed as poor; the rest are normal.

One such service showed about 15 spams from my IP address on October 7. Actually I was not in the country on that day and for the last 10 days was on an overseas trip. ...

Hi Steven. If you are talking about the IP-address you posted from (only a few of 'here' can actually see that) then that should never be sending mail direct to the internet. Almost certainly you are sharing it with a computer that is doing just that. It does not appear to be a static address and only your network operator would have any chance of knowing who was using it and when. Chances are if you are using a router and 'power cycle' it you will be allocated a completely different IP-address. Is the one you had trouble with the same as the one you had before your trip?

All those BLs/services are unlikely to be wrong about spam coming from there. Your IP is not currently listed by SC but it looks like it once was. SC delisting is automatic when the spam stops but the reputation score (SenderBase) is a different thing. That should not affect you at all when you send mail in the normal way, as an authorised sender through your mail service provider's mail server.

...Thus I am confused WHY Spamcop has illegally listed my IP address, this would come under defamation in a court of law. ...

I strongly suggest you take up Don's offer and find out just what did happen - I think I am right in supposing it was another Bird View Corporation user and I would further suspect someone has done what actually needed to be done - find the compromised machine and remove it from the network until it is cleaned up. It is not against any law anywhere for SC to publish an IP-address that is the source of spam. SC blocks no-one - it is the users of the SCbl who might (but not this time) - and those are the mail recipient networks, using it because they want to.

...I issued a mail to Barracudanetworks and they have now delisted my IP address. I do intend to take some legal action if they list my IP again.

Any advice on this issue why SpamCop listed my IP address as poor would be welcome.

While stamping out spam is in everyones interest, harassment of law abiding citizens is illegal. ...

Delisting before the problem is found is actually counterproductive but it seems/might be that this was fixed co-incidental to your action. Actually I would be amazed if Barracuda reacted to your email at all. Can you prove you own the IP-address involved? If it was the one you posted from you can't. They wouldn't/shouldn't do anything unless you could.

Seriously, take Don up on his offer to help and resign yourself to learning a lot more about the operation of email systems - no offence intended but you are way off target.

[Miss Betsy]

There are numerous resources on this forum that explain how email works and how the internet works on netiquette. You might have read the pinned FAQ Why Am I Blocked? It attempts to explain it in laymen's terms. 'poor' ratings generally mean that the administrator of that IP address is not diligent in stopping spam from being sent. On blocklists, an IP address is either listed or it isn't. There are no ratings.

If you are having problems with rejected mail, it is between you and your ISP. No one wants to get spam and does not have to thanks to blocklists. As a responsible member of the internet, you are the one responsible for seeing that spam is not sent through the IP address you are using.

Don is always willing to help you find the reasons, if spamcop lists your IP address. There are others who frequent this forum who may be able to help also, particularly with non-spamcop issues.

Good Luck in finding out what is wrong and becoming a responsible internet user - just as I hope you are a responsible driver on the highway.

Miss Betsy

[memoires1]

Suddently for some reason I had difficultly sending e-mails to a company I am dealing with. In there return mail there was mention of an outfit called Barracuda networks. I checked what my I.P. address was using http://whatismyipaddress.com/ and found that it is on 6 blacklists including SpamCop.

One site psbl.surriel.com showed a list of spam reports from my IP for October 7.

This is interesting because I wasn't in this country and no one had access to my computers during Oct.7 and 14, can be proven by passport stamps.

I am judging this listing on the above 6 sites as being a case of Harassment as; 1) I am a normal home owner with no bulk e-mailings or spamming activity; 2) I was out of the country during the period listed on one of the sites (the stamps in my passport prove this).

I fully support any effort to wipe out spam, but if that intrudes upon peoples rights and is harassment then you are taking the effort into illegal arenas and are yourselves in-the-wrong. The TV networks will surely be interested in this micky mouse approach to wiping out spam I am sure.

As the spam professionals can simply reset their IP's whenever they want, this makes the system of IP blacklisting flawed as a means of catching spam. I also question not only the legality of these lists but also validity. I have had my e-mail address spoofed so I am now checking if IP spoofing is common.

The situation is very simple this listing is wrongful blame and harassment and I plan to take action against any company that illegally lists my IP.

As I couldn't find an e-mail to write to I am posting my complaint in the forum.

Steven

Japan.

[edit - merged from Instructions/Tutorials - sending PM]

[Derek T]

The situation is very simple this listing is wrongful blame and harassment and I plan to take action against any company that illegally lists my IP.

What part of "Read the FAQs before making silly assertions" do you not understand?

[memoires1]

Firstly I would like to thank all of you that replied, I only just received the first e-mail notification about replies, that is why I was silent - as someone questioned my lack of response.

Firstly I would like to thank Don for his kind offer and I have sent him the relevant details.

Re: T-Shirt Wearing Out's - Miss Betsy 2 replies. Thank you for your response, stimulating. I am unsure what you mean by my IP address sending direct mails to the internet; I have a wireless modem at this side and I currently use my 2 home page servers to send and receive e-mails. Regarding the IP address I was only aware of what it was from today, so I can only assume it was the same as before my trip, I really don't know. I can still send some mails to places where I have sent for a while, it is just a few that e-mails are being rejected by the receipt servers of companies that I only recently started business with. So it seem I am not shut out by the ISP as you seem to have inferred.

Regarding becoming a responsible internet user; I having used computers since the late 1970's and the internet since the mid 1980's; that was a period before all the nut cases and crazy money seekers came out of there closets were everything was governed by manners, it seems the manics are the ones who need to be responsible users; blacklisting the IP address of responsible users while the spam professions just change or mask their IP more often than some people change their socks is like using a plaster to stop blood gushing from an artery. Driving, well almost 40 years and no issues, I have a gold drivers licence by the way. Thank you very much for your thoughts.

Sincerely,

Steven

[Miss Betsy]

I am sure that you intend to be a responsible internet user. In the old days (and even today in some places) people could leave their keys in their cars, leave their house doors unlocked, did not have to show ID in order to pay a merchant, etc. Not so today. It is irresponsible to leave your keys in your car on the parking lot of the super market. I know one person who did. His car was stolen, driven to another state where a murder was committed, and driven back and dumped in a lake. It might have been a teenager taking a joy ride who wouldn't have done it without it being so easy to do.

It is the same with the internet. The 'sending' end is the only place where the spam can be stopped. If you are not sharing this IP address with someone else (that's where the ISP comes in who is responsible for the other people doing what they should), then you are responsible for seeing that no botnet herder or other spam sneak does not use your space to send spam. There is no one else who can stop them. Just as a good driver understands how his vehicle works and maintains it properly. Since you have been on the internet for a long time and do understand about netiquette, I am going to skip advice on mailing lists. I am sure that if you do have a mailing list for your business, you observe best practices.

Even people who have a lot more technical knowledge about computers and computer safety than you do have been known to let their wireless routers be vulnerable.

Basically, every computer has an IP address when it connects to the internet. Some IP addresses are static which means that no other computer uses that IP address. Most email goes through an ISP or an email service (such as spamcop) and hundreds of people use the same mail servers. If anyone of them is careless and has been infected with a trojan, it will be sending spam. Then, the blocklists detect the spam, but they cannot pick which of the hundreds of computers that are sending the spam. Only the ISP can do so.

If you are not sending your email through a common mail server and are doing it yourself, then there are other things that could get you on blocklists. The most common being that you do not reject email at the server level, but accept it and return it to the forged return path which goes to an innocent person as 'backscatter' As the technically non-fluent member of this forum, I can't explain how you use best practices as a server admin. I know how a car engine works; I have never replaced an air filter and couldn't tell you how to do it.

As for ISPs rejecting your email. Every server admin in charge of receiving mail has hir own mix of filtering for spam. If you are lucky, they reject at the server level so that you get an Non-delivery message stating why the email was rejected. Too often, they are either dropped or shuttled to a Junk mail folder for the client. Most server admins do not use spamcop blocking list to reject email because it is very aggressive and will catch 'false positives' (the other users on a spamming IP address). Your problems are not with the blocklists who are simply stating facts that spam is coming from this IP address, but with the receiving server admin who is blocking your IP address for some reason - usually based on blocklists, but could be that he hates anyone named Steven.

I repeat. There are people here who can help you figure out what your problem is - particularly Wazoo who will ask you all kinds of what seem to be irrelevant questions and is very blunt in his opinions so if you have thin skin, don't read his posts. I can only give you the concepts because I am only an end user like you.

I hope this clears things up a little bit for you about how email works today and how one needs to be more security conscious to be a responsible netizen.

Miss Betsy

[rconner]

I'm truly sorry to hear about your problem, it is a distressingly common one. With any luck, Don will get an answer for you tout-suite.

I'm sure this was a big surprise out of the blue for you, and I can understand the resentment. Yet, these blocklisting mechanisms you describe are generally fact-based, and not driven by human caprice -- if they say that spam came from the IP you mention, you can pretty well believe it. That doesn't mean, on the other hand, that you sent it.

You should regard these notifications less as defamations or accusations and more as warnings of security problems at your end of the network. People block your address not because someone told them you are a bad person but because they have hard evidence of abusive behavior coming from the address.

Here are some things to look into at your end:

1. Most of the spam we receive today comes from zombie computers -- that is, computers that have been subverted by various means (see this Wikipedia article). These machines can send spam all day long, as long as they are turned on and connected to the internet. This can happen while you sit in front of the computer, and you might never know. This can happen even if you are out of the house or out of the country. If this happened to your computer, then it needs to get cleaned up.
   
2. Another possibility is that someone sharing your IP address (i.e., another computer somewhere else), or a previous user of the IP (if you are on dynamic addressing) was the culprit. Your ISP is the party that needs to straighten this out.
   
3. Since you use a WiFi access point, it is possible that others can connect to it as well and send spam through it. You might check your AP to see that you are using WPA2 security with an unguessable password, and possibly a MAC filter as well. If you can, you might also want to turn on logging in your AP so you can see what computers are connecting and at what times.
   
4. You say that you use two "home page servers" to send your mail. If you are using a local copy of Sendmail or something else of the sort to send this mail directly to the external hosts, then you may wish to reconsider the practice; it used to be OK to send "direct to MX" in this fashion, but it has since become the #1 tool of spammers, and many mail services now block connections that appear to come from dynamic IPs or otherwise don't look like "real" mail hosts.
   
5. If, on the other hand, you send your mail through your ISP's mail services like the rest of us (using plain ol' MS Outlook Express, Thunderbird, Apple Mail, etc.), it could very well be that one or more of their mail hosts got listed for spam. Again, this is a matter for your ISP. This would not really be your fault in any way, and there is little that you yourself could do about it, but it does definitely affect you.
   

No doubt Don will help you diagnose the problem so that you can seek an appropriate remedy.

-- rick