OPAbuse Posted November 13, 2013 Posted November 13, 2013 Hello! I work with an ESP that sends marketing and transactional email on behalf of our clients. We send emails in a round robin fashion over a shared pool. Meaning that multiple senders are using all of the same IPs. We're getting notifications that our IPS are hitting spamtraps but without any evidence to go on there isn't much we've been able to deduce. We're partners with Returnpath and are trying to locate the user hitting traps by setting each of our lowest seeding 20% of senders on a seperate IP so we can isolate the account hitting traps and then can kick them off our system but that's not working. Does anyone have any wisdom for we can isolate a possible offender to remove them from using our software?
Derek T Posted November 13, 2013 Posted November 13, 2013 Hello! I work with an ESP that sends marketing and transactional email on behalf of our clients. We send emails in a round robin fashion over a shared pool. Meaning that multiple senders are using all of the same IPs. We're getting notifications that our IPS are hitting spamtraps but without any evidence to go on there isn't much we've been able to deduce. We're partners with Returnpath and are trying to locate the user hitting traps by setting each of our lowest seeding 20% of senders on a seperate IP so we can isolate the account hitting traps and then can kick them off our system but that's not working. Does anyone have any wisdom for we can isolate a possible offender to remove them from using our software? Please supply a IP address. We can't help without one.
turetzsr Posted November 13, 2013 Posted November 13, 2013 ...And I suspect that since S_pam Traps are involved we will not be able to help much even with the IP address. My suggestion would be to write to the SpamCop Deputies at deputies[at]admin.spamcop.net and include some evidence that you have administrative responsibility for the IP address that is hitting the S_pam Traps. Do not expect too much information from the deputies (they zealously guard the identities of the S_pam Traps) but hopefully they will be able to provide enough information to point you in the right direction. ...Although I do not know whether it will help, you may wish to peruse what seem to be the likely articles in the SpamCop FAQ (links to which appear near the upper left of each SpamCop Forum page) labeled "Help for abuse-desks and administrators." ...Good luck!
Farelf Posted November 14, 2013 Posted November 14, 2013 ...Does anyone have any wisdom for we can isolate a possible offender to remove them from using our software? If the IP addresses are listing in the CBL (http://cbl.abuseat.org/lookup.cgi) you might find enough information if you have all outgoing logged - but it isn't sounding particularly like a botnet.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.