emmacoopertarry Posted April 27, 2004 Share Posted April 27, 2004 Hi- I have pop3 access to my business emails, and i dial up using AOL (I know, broadband hasn't reached us yet!). Recently my emails have been disappearing into thin air, and it was only when i got an email from one of Spamcop's clients (monitor consultancy) saying that i had been blacklisted that i realised what was happening. my website(s) are hosted with 1&1 and i have asked them about this - they say that so long as i am using their authenticated smtp server (i am), there shouldn't be a problem. is it possible that my aol dial up is causing the problem? any suggestions would be very, very gratefully received as this is having a huge impact on my profitability - many of my clients think that i am simply not responding to their emails! i can't send to any btinternet address, for example, as my emails are just not arriving! help please! Emma Cooper Tarry I-Candi Designs Link to comment Share on other sites More sharing options...
Spambo Posted April 27, 2004 Share Posted April 27, 2004 Give the IP that is allegedly blocked, or a copy of one of the bounce messages. There is no way anyone can give you advice if they can't determine what the problem is. Link to comment Share on other sites More sharing options...
emmacoopertarry Posted April 27, 2004 Author Share Posted April 27, 2004 I've just sent myself an email from the offending account to my gmail address. this is the header: Delivered-To: emmacoopertarry[at]gmail.com Received: by 10.11.119.45 with SMTP id r45cs4498cwc; Tue, 27 Apr 2004 10:22:08 -0700 (PDT) Received: by 10.11.122.75 with SMTP id u75mr42340cwc; Tue, 27 Apr 2004 10:22:07 -0700 (PDT) Return-Path: <emma[at]i-candi-designs.co.uk> Received: from 64.12.138.7 (HELO rly-ip03.mx.aol.com) by mx.gmail.com with SMTP id v56si108027cwb; Tue, 27 Apr 2004 10:22:07 -0700 (PDT) Received: from smtp-loh01.proxy.aol.com (smtp-loh01.proxy.aol.com [195.93.52.86]) by rly-ip03.mx.aol.com (v98.19) with ESMTP id RELAYIN3-4408e96613d5; Tue, 27 Apr 2004 13:20:33 -0400 Received: from Emma (ACBA2277.ipt.aol.com [172.186.34.119]) by smtp-loh01.proxy.aol.com (8.12.11/8.12.11) with ESMTP id i3RHKPVZ018549 for <emmacoopertarry[at]gmail.com>; Tue, 27 Apr 2004 17:20:29 GMT Message-Id: <200404271720.i3RHKPVZ018549[at]smtp-loh01.proxy.aol.com> Reply-To: <emma[at]i-candi-designs.co.uk> From: "Emma Cooper Tarry" <emma[at]i-candi-designs.co.uk> To: <emmacoopertarry[at]gmail.com> Subject: testing Date: Tue, 27 Apr 2004 18:20:22 +0100 Organization: I-Candi Designs MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0077_01C42C84.505772B0" X-Mailer: Microsoft Office Outlook, Build 11.0.5510 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409 Thread-Index: AcQse8eIaCdjN07FSleTznbyxzEyxg== X-Scanned-By: MIMEDefang 2.40 X-Apparently-From: Rodneygilberttar[at]aol.com X-AOL-IP: 195.93.52.86 the bounced email reads as follows: [at]i-candi-designs.co.uk is blacklisted by bl.spamcop.net IMPORTANT NOTICE Your message has not been delivered to the recipient at Monitor Group because it arrived via an Internet mail server that has been reported as a source of unsolicited bulk email (aka "spam"). If your message is related to legitimate business with Monitor, please call your contact at Monitor and ask them to work with their local helpdesk to make alternate arrangements for the delivery of your message. TO PREVENT FUTURE DELIVERY PROBLEMS Please contact your IT, computer systems or email administrator and inform them that your mail server is suspected of sending or relaying spam. It will help him/her resolve the problem if you forward this entire message. If you do not have such an administrator and directly subscribe to an Internet connection provided by a telephone company, cable operator or similar Internet Service Provider (ISP), you should be able to address your message to postmaster[at]isp.com, where isp.com is the name of your service provider. For more information about the anti-spam organization that has 'blacklisted' your mail server, please note the name in the subject of this message and follow the appropriate link below: bl.spamcop.net --> http://www.spamcop.net sbl.spamhaus.org --> http://www.spamhaus.org i hope this helps - i'm going to be eternally grateful to anyone who can get me out of this hole!! Emma Link to comment Share on other sites More sharing options...
Wazoo Posted April 27, 2004 Share Posted April 27, 2004 I have pop3 access to my business emails, and i dial up using AOL (I know, broadband hasn't reached us yet!). AOL for connectivity, POP3 elsewhere for e-mail ... nothing out of the ordinary Recently my emails have been disappearing into thin air, and it was only when i got an email from one of Spamcop's clients (monitor consultancy) saying that i had been blacklisted that i realised what was happening. Not sure I can follow the disappearing description ... even if you are listed (an IP would be nice so "we" could take allok at something) .. this would not cause all of your e-mail to disappear. Being listed in a BL only shows as a problem when trying to e-mail to another ISP that happens to be using that BL ... The odds that each and every e-mail you send is hitting an ISP that uses the same BL tool set and only drops your e-mail vice sending a bounce is really pretty slim. my website(s) are hosted with 1&1 and i have asked them about this - they say that so long as i am using their authenticated smtp server (i am), there shouldn't be a problem. is it possible that my aol dial up is causing the problem? Use of AOL to dial up should have no bearing on it. That you are using an authenticated connection to 1&1's server says nothing about a spam issue. any suggestions would be very, very gratefully received as this is having a huge impact on my profitability - many of my clients think that i am simply not responding to their emails! i can't send to any btinternet address, for example, as my emails are just not arriving! As mentioned already, the IP address in question, a bounce message, something that can be used to look at what's going on in your specific case would be a great start. Link to comment Share on other sites More sharing options...
emmacoopertarry Posted April 27, 2004 Author Share Posted April 27, 2004 sorry - i should probably point out that not every single one of my messages is not arriving, just emails to some (and weirdly, only some) clients on yahoo.com, aol.com and hotmail.com addresses, but no emails are arriving at btinternet.com addresses. my emails are also being flagged as 'possible spam' and 'spam alert' even when they contain no obvious words that would act as a trigger - i've learnt to stop using the word 'free' !! probably 25+ emails a day are not getting to their target... any thoughts? Link to comment Share on other sites More sharing options...
Wazoo Posted April 27, 2004 Share Posted April 27, 2004 OK, you posted while I was typing away in my last ... first note on your posted issue .. what happened to the 1&1 host you mentioned originally? The path of your sample is from your AOL account and only goes through the AOL server farm, which of course then leads us to the following; 64.12.138.7 listed in bl.spamcop.net (127.0.0.2) Query bl.spamcop.net - 64.12.138.7 64.12.138.7 is rly-ip03.mx.aol.com Since SpamCop started counting, this system has been reported about 470 times by about 60 users. It has been sending mail consistently for at least 182.8 days. In the past 616.9 days, it has been listed 19 times for a total of 33.1 days In the past week, this system has: Been reported as a source of spam about 10 times Been detected sending mail to spam traps Been witnessed sending mail about 4290 times The first obvious is to actually use the 1&1 e-mail account you said you were using, on the assumption that their outgoing server is 'clean' ..?? Link to comment Share on other sites More sharing options...
emmacoopertarry Posted April 27, 2004 Author Share Posted April 27, 2004 hi Wazoo - thanks for this - i am using the i-candi-designs email address - i am sending and receiving from outlook using 1&1's settings for my domain - i have absolutely no idea why it thinks i am sending and receiving from aol. this could easily be the problem - is changing my dial up provider the only answer, do you think? is there any way of getting around this issue? Link to comment Share on other sites More sharing options...
Spambo Posted April 27, 2004 Share Posted April 27, 2004 [snip] [at]i-candi-designs.co.uk is blacklisted by bl.spamcop.net [snip] The above statement, which is found in the bounce, is a bald faced lie. The SCBL lists only IP addresses, it does NOT list domain names or email addresses. Since i-candi-designs.co.uk is a domain name and NOT an IP address it is definately not listed in the SCBL. 04/27/04 13:19:46 -0500 dns i-candi-designs.co.uk Mail for i-candi-designs.co.uk is handled by mx00.schlund.de mx01.schlund.de Canonical name: i-candi-designs.co.uk Addresses: 212.227.127.208 http://www.spamcop.net/w3m?action=checkblo...212.227.127.208 212.227.127.208 not listed in bl.spamcop.net SpamCop has no record of this system i hope this helps - i'm going to be eternally grateful to anyone who can get me out of this hole!! Emma It still leaves too many IPs to check, however the ones I did check do not show as being listed in the SCBL - however there appears to be a number of IPs in the range of the mail servers you use that are getting spam reports so it is very possible that one of them is listed. Link to comment Share on other sites More sharing options...
emmacoopertarry Posted April 27, 2004 Author Share Posted April 27, 2004 interesting... the 'bald faced lie' is the subject line of the email i received from monitor.com alerting me to the problem in the first place. the full subject line read as follows: "Message Rejected: [at]i-candi-designs.co.uk is blacklisted by bl.spamcop.net <RE: Urgent - Max Bday>" (ok, so this wasn't a work email... ;-) ) Link to comment Share on other sites More sharing options...
Wazoo Posted April 27, 2004 Share Posted April 27, 2004 hi Wazoo - thanks for this - i am using the i-candi-designs email address - I see that in the From: and Reply To: lines (which actually you may want to go back and edit these addresses out before they get snagged up in yet another spammer's list of known-good ones) i am sending and receiving from outlook using 1&1's settings for my domain - i have absolutely no idea why it thinks i am sending and receiving from aol. this could easily be the problem - Wow! I'll admit, you've got me confused on this one. I didn't notice the "Outlook" in the last glance ... now recalling I just saw another poster make mention of AOL now allowing IMAP access to an AOL e-mail account ... Guess I'm out of date .. when did AOL allow you to use a tool like Outlook to run through their e-mail system? Even if you answer that, the headers still show that you've not used any services of the 1&1 ISP. You may want to verify the account set-up/config data for that account and see if you are actually pointed to a 1&1 server to handle e-mail. Trying to work out how you're getting e-mail if not configured for a direct connection, I'm only coming up that the 1&1 server is forwarding incoming there to your AOL account????? But that doesn't quite get into the "authenticated server" conversation, unless there's stuff not said or understood by all, which I've already admitted to being surprised by the Outlook / AOL combo ... is changing my dial up provider the only answer, do you think? is there any way of getting around this issue? You need to get your outgoing off of the AOL server that's currently listed, and I can only point to the above confusion factor <g> small extra note ... any idea where the X-Apparently From line data may have come from? Link to comment Share on other sites More sharing options...
Spambo Posted April 27, 2004 Share Posted April 27, 2004 interesting... the 'bald faced lie' is the subject line of the email i received from monitor.com alerting me to the problem in the first place. the full subject line read as follows: "Message Rejected: [at]i-candi-designs.co.uk is blacklisted by bl.spamcop.net <RE: Urgent - Max Bday>" (ok, so this wasn't a work email... ;-) ) It might help for you to know that the SCBL is nothing but a database that contains IP addresses that have been determined to have been the source (origination point) of spams that are currently being reported by SpamCop users. SpamCop uses this database to DIVERT potential spam to its customer's "Held Mail" folder. SpamCop DOES NOT bounce any emails based on this database. If you were writing to a valid [at]spamcop.net address (or an address used by a SpamCop customer) the email you sent would not bounce. The data is available to the public, and some admins DO use it to bounce emails. Other admins use the data to tag potential spam, to divert potential spam to special folders away from their customer's inboxes, to defer the acceptance of emails (giving the admins over the IPs a chance to terminate the spam operation), or as part of a "points system" where no single source decides if an email is rejected. Since SpamCop cannot control how outsiders use the data they obtain there could be other uses as well. Whatever choice the mail admin makes, the decision is his/hers (or the decision of their boss). SpamCop is not involved in this decision, and it cannot control what they say in their bounce messages. In this case the admin has the mail server that is rejecting the email configured to lie since domain names are not part of the queried database. Link to comment Share on other sites More sharing options...
Merlyn Posted April 27, 2004 Share Posted April 27, 2004 Lets take a closer look at the problem: Resolved i-candi-designs.co.uk to 212.227.127.208 [i-candi-designs.co.uk has 2 MX records mx00.schlund.de.(10) mx01.schlund.de.(10)] When we look up the mail servers you use, the both point to a farm of servers they use for mail: mx01.schlund.de: Resolved mx01.schlund.de to 212.227.126.164 to 212.227.126.211 to 212.227.126.213 to 212.227.126.215 to 212.227.126.217 to 212.227.126.140 to 212.227.126.146 to 212.227.126.148 to 212.227.126.150 to 212.227.126.159 mx00.schlund.de: Resolved mx00.schlund.de to 212.227.126.158 to 212.227.126.163 to 212.227.126.210 to 212.227.126.212 to 212.227.126.214 to 212.227.126.216 to 212.227.126.139 to 212.227.126.147 to 212.227.126.149 to 212.227.126.153 At any time your mail can be sent through any of the above servers. Most of them are not on the Spamcop list but a couple have been on the list for spam and are no longer on the list and one or two might still be listed. Here is an example of the first few: 212.227.126.164 not listed in bl.spamcop.net 212.227.126.211 not listed in bl.spamcop.net 212.227.126.213 not listed in bl.spamcop.net (it has been listed 4 times for a total of 6.8 days) 212.227.126.215 not listed in bl.spamcop.net (it has been listed 4 times for a total of 5.7 days) If you want to look up the rest use http://www.spamcop.net/bl.shtml Link to comment Share on other sites More sharing options...
Wazoo Posted April 27, 2004 Share Posted April 27, 2004 Lets take a closer look at the problem: Resolved i-candi-designs.co.uk to 212.227.127.208 [i-candi-designs.co.uk has 2 MX records mx00.schlund.de.(10) mx01.schlund.de.(10)] When we look up the mail servers you use, the both point to a farm of servers they use for mail: What am I missing Merlyn? All I see is AOL servers in the sample e-mail (ignoring the receipt at gmail ..) Link to comment Share on other sites More sharing options...
Merlyn Posted April 27, 2004 Share Posted April 27, 2004 Lets take a closer look at the problem: Resolved i-candi-designs.co.uk to 212.227.127.208 [i-candi-designs.co.uk has 2 MX records mx00.schlund.de.(10) mx01.schlund.de.(10)] When we look up the mail servers you use, the both point to a farm of servers they use for mail: What am I missing Merlyn? All I see is AOL servers in the sample e-mail (ignoring the receipt at gmail ..) Up above it says: "Message Rejected: [at]i-candi-designs.co.uk is blacklisted by bl.spamcop.net <RE: Urgent - Max Bday>" Link to comment Share on other sites More sharing options...
Wazoo Posted April 27, 2004 Share Posted April 27, 2004 OK .. Monitor Group is not gmail.com .... The explanation of the strange Apparently From, the AOL sequence, etc. is based on your interpretation that what the OP's description of "from the offending account" was actually a Forwarded and edited snippet of the actual original bounce message returned from the "real" original e-mail ... OK .. think I'm up to speed .... ???? maybe that also clears up my confusion over the Outlook / AOL combo ???? Thanks for pointing out the obvious (I think/hope) Link to comment Share on other sites More sharing options...
royj Posted May 3, 2004 Share Posted May 3, 2004 i have a similar problem. my address is rjtechne[at]iol.ie and my publisher is at [at]aol. i have had important messages blocked by aol because it says iol is a spam source. what is more, my own address has been hijacked by a virus spammer, who sends it to the world with an executable of about 40k. i have received this myself, purportedly from myself. i get messages from recipients to say that 'my' e-mail has not been delivered, from address i have never heard of, so the spam-virus must be raiding other peoples mailbox. this situation is totally impossible and is wasting endless time. i can handle the virus plague, as i use mailwasher to kill all suspicious stuff in the server mailbox, but my main problem is how to get un-lacklisted by [at]aol, so that i can communicate with the many contacts i have in the us who are aol clients. royj Link to comment Share on other sites More sharing options...
Merlyn Posted May 3, 2004 Share Posted May 3, 2004 how to get un-lacklisted by [at]aol, so that i can communicate with the many contacts i have in the us who are aol clients. royj That is a question you will have to ask AOL. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.