Jump to content

When will be de-listed????


Recommended Posts listed in bl.spamcop.net (

Since SpamCop started counting, this system has been reported about 10 times by less than 10 users. It has been sending mail consistently for at least 24.5 days. In the past 10.6 days, it has been listed 2 times for a total of 7.8 days

In the past week, this system has:

Been detected sending mail to spam traps

Been witnessed sending mail about 190 times

unfortunately the spam was sent to spamtraps!

Link to comment
Share on other sites

Hi, Jan,

Any time / sample that SpamCop detected regarding to such spamtraps?


...Sorry, we here don't have the information available to help you with that. Please send a request via e-mail to "deputies <at> spamcop.net" with the IP address being blocked and any reject messages.

...Good luck!

Link to comment
Share on other sites

My company email server had been passed the ORDB test since last week but found our IP is still listed on {insert specific DNSbl here} ....

If that question is not covered in one of the existing pinned topics, it should be.

Apparently the ORDB tests are not complete. Passing an open relay test does not mean that your system is secure, or properly configured.

People show up on the various forums about DNSbls all the time saying that, and then it turns out that they actually had a serious security problem on their server.

The dsbl.org has a forum for asking questions about their DNSbl, and they can do a more comprehensive test on your server for vulnerabilities, and possibly give you pointers on how to fix them.

The first thing that shows up for your I.P. address is that you do not have an rDNS configured. While that will not affect your spamcop.net listing, it will cause many mail servers to either refuse your mail, or to silently delete it unread.

Put that on your list of things to get fixed as all servers visible on the Internet are supposed to have a valid rDNS.

First check:


Shows no major DNSbls beside Spamcop.net currently listing your I.P. address.

The fastest look up from there is the MAPS-OPS list to see if it has any spam samples.

It does, but they are not current. Apparently that I.P. addres was an open relay in November of 2003.

A google groups search of ".sightings spam 2004" does not show anything, so your back to the case of needing a response from a deputy.

Typically what shows up is either a weak password on a mail server that is allowing a spammer access, or something on a mail server that is generating a new mail message in response to anything that it receives.

If you have a virus scanner on the mail server, make sure that it is neversending out virus reports to people outside of your network. Those notifications are not going to anyone that had anything to do with sending the virus.

It is against the rules for spamcop.net members to report abusive bounces and misconfigured virus scanners. The rules for spamtraps may be different.


Personal Opinion Only

Link to comment
Share on other sites

Finally de-listed .... :lol:

btw, thanks for your detailed explanation and I have much more understanding with SpamCop now. :)

Is there any way to use SpamCop with Exchange? I found a link in SpamCop but it is blank.....


Link to comment
Share on other sites

Is there any way to use SpamCop with Exchange?

Exchange eh? that explains a lot! Best thing to do with exchange IMNSHO is to put a linux distro disc in the CD-ROM and select the 'delete all windows partitions' option during install :D

Link to comment
Share on other sites

My company email server had been passed the ORDB test since last week but found our IP is still listed on SpamCop ....

Could anyone can check it for us?

Our mail server IP :


Jan Leung

Your exchange server is relaying spam for spammers. It appears that your exchange server is being used by spammers exploiting the SMTP/AUTH hack. Please see this faq for information about the exploit and how to fix the problem:

http://news.spamcop.net/cgi-bin/fom?file=372 This exploit allows spammers to relay thru your exchange server.

This relaying does *not* show up using standard open relay tests as the spammer has gained "legal" access to your server by hacking an account/password combination.

You can write to me at the address in my sig and I can give you slightly more information.

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...