taphilo Posted April 28, 2004 Share Posted April 28, 2004 Hi, I own taphilo.com which is hosted at Interland in Atlanta, so there are multiple people sharing that IP mail server. Query bl.spamcop.net - 18.104.22.168 22.214.171.124 is imta06a2.registeredsite.com (Help) (Trace IP) (Senderbase lookup) 126.96.36.199 listed in bl.spamcop.net (127.0.0.2) Since SpamCop started counting, this system has been reported less than 10 times by less than 10 users. It has been sending mail consistently for at least 62.2 days. In the past 19.3 days, it has been listed 3 times for a total of 2.4 days In the past week, this system has: Been reported as a source of spam less than 10 times Been witnessed sending mail about 20 times Other hosts in this "neighborhood" with spam reports: 188.8.131.52 184.108.40.206 Now also I saw nobug.org (my local users group) being spoofed as well as my work bpa.gov domain being spoofed in spam and all were listed in spamcop as a spam domain. Since, from I read in here, if I did read it correctly, that any domain drops off after 48 hours of inactivity but from what I can see most of the people reporting seem to be pretty ignornant at looking at headers and reporting spam. They seem to label it immediately and never look at headers as to where it really originted from. Nor do they have multiple e-mail accounts to see if the same message with different return addresses from the same domain were recieved (which I can spot easily having multiple e-mail accounts on my own domain). To me that means that my, and others on that mail server, will all be listed pretty regularlly - 20 % if the time - due to people reporting randomly without knowing what they are doing. Last month I got bounced messages when I sent out meeting notices for Portland NOBUG user group meeting from my account. One receipient USES SPAMCOP (TNT Software here in Portland) and he happens also to be the President of NOBUG and of course the e-mails I send to HIM all bounce! I just sent out anothe mailing from taphilo.com and his e-mail just bounced back - hence me being here. I control taphilo.com, and nobug.org (hosted at Easystreet here in Portland Oregon) mail accounts for sending and I got around 30 bounced spam messages in various mail accounts over the last two weeks. All supposedly having been sent from those domains and I can tell that none were sent. It is amusing to get an e-mail from administrator[at]taphilo.com (and I have no account there with that name) to my own personal account telling me about an important message from the domain owner. It seems that when I forwarded our security office at Bonneville Power Administration (BPA.GOV) that a message I sent TO a TNT software e-mail account (the NOBUG president) was bounced because BPA was being labeled a spam domain it was IMEEDIATELY removed from the list - none of this 48 hour stuff. I guess Kevin being a federal security agent has more pull on removing domains than us mere federal employees. So, am I right that once listed in SPAMCOP that I pretty much have to live with having mail blocked 20% of the time? That spammers spoofing a domain can effecitvy put up a DOS against any domain of mail delivery once enough people using SPAMCOP blindly label a spoofed return mail address as spam? Tom Philo Link to comment Share on other sites More sharing options...
This topic is now archived and is closed to further replies.