Domain listed in RBL because of fraudulent spammer


dano

The following domains have been sending out hundreds of thousands of spam emails fraudulently using our domain (compucorporation.com) in the From and Reply to addresses:

medsimages.com

cheapcheeseeducation.com

I have sent numerous emails to SpamCop, signed up for an account and forwarded an example of the bounced spam we are receiving, but we keep getting error messages stating:

>SpamCop encountered errors while saving spam for processing:

>SpamCop could not find your spam message in this email:

Even worse, now we are receiving bounced email indicating that our domain is in your RBL! This is extremely frustrating, please email back to do[at]compucorporation.com how we can get some help dealing with this criminal spammer, and get our domain out of your RBL.

Thank you.

Dan

> The following domains have been sending out hundreds of thousands of spam emails fraudulently using our domain (compucorporation.com) in the From and Reply to addresses:
>
> medsimages.com
>
> cheapcheeseeducation.com

This sort of thing happens on a regular basis. Unless you have deep pockets you'll just have to wait it out. No responsible ISP will terminate your contact based on your domain being forged into the from/reply-to addresses in a message.

> I have sent numerous emails to SpamCop, signed up for an account and forwarded an example of the bounced spam we are receiving, but we keep getting error messages stating:
>
> >SpamCop encountered errors while saving spam for processing:
>
> >SpamCop could not find your spam message in this email:

SpamCop is not designed to report bounce spam. Doing so may result in the termination of your SpamCop privileges.

> Even worse, now we are receiving bounced email indicating that our domain is in your RBL!

Please provide a copy of the error message.

Spamcop does not provide support for blocking by domain name. Spamcop only publishes a list of IP addresses that have been reported as sending spam.

DNS records indicate that 216.217.57.23 is responsible for your mail. That server is not listed.

See: http://www.spamcop.net/w3m?action=checkblo...p=216.217.57.23


> The following domains have been sending out hundreds of thousands of spam emails fraudulently using our domain (compucorporation.com) in the From and Reply to addresses:

What IP(s) are allegedly listed?

compucorporation.com resolves to 216.217.57.23 (No MX records found)

http://www.spamcop.net/w3m?action=checkblock&ip=216.217.57.23 says:

  • 216.217.57.23 not listed in bl.spamcop.net

  • Since SpamCop started counting, this system has been reported less than 10 times by less than 10 users. It has been sending mail consistently for at least 171.9 days. It has never been listed.


First of all, SpamCop doesn't work on Domain names. The IP address of the spam spew source is the issue.

Parsing input: compucorporation.com

host 216.217.57.23 = park01.gkg.net (cached)

Reporting addresses:

abuse[at]newedgenetworks.com

http://www.spamcop.net/w3m?action=checkblo...p=216.217.57.23

216.217.57.23 not listed in bl.spamcop.net

It has never been listed.

In the past week, this system has:

Been reported as a source of spam less than 10 times

Been witnessed sending mail about 450 times

So we have a small problem in that the data above doesn't seem to show you as being listed, but this may not be the correct IP. Maybe you have evidence in the form of a bounce/rejection message that you say you've received that would show the IP in question.

> I have sent numerous emails to SpamCop

To whom at SpamCop? And what was asked? SpamCop holds no power over spammers to stop them from forging addresses in their spew.

> signed up for an account and forwarded an example of the bounced spam we are receiving, but we keep getting error messages

Perhaps the info at http://www.spamcop.net/fom-serve/cache/19.html would get you started on figuring out how to actually gather enough data to submit a good spam complaint so that the parsing engine could work on it?

A bit of confusion in this Topic, as "dano" posted first over in "E-Mail" and had a response over there .... then for some reason posted the same query in "Help" which also garnered some responses .... Merged both Topics into this existing one in "Help"


Spamcop blocklist (and the reporting that leads to listing) deals *only* in IP addresses. It does not deal with domain names.

It is common for spammers to forge the From and Reply to fields with different names. Most people who deal with blocking spam realize that those are forgeries. Some consumers use Mailwasher to bounce them which sends them all to you. Other ISPs use bounce emails to report non-deliverable email and they also come to you.

It is against spamcop rules to report these bounces (though many people do report them on their own). If you tried to report bounces, perhaps that's why you got errors (I forget what spamcop says when it sees a bounce). OTOH, many new spamcop reporters do not 'forward as attachment' which causes errors. There are different ways to forward depending on the kind of email reader you use and descriptions are in the spamcop FAQ.

If 216.217.57.23 is your IP address, it is not listed in bl.spamcop.net, but there is a spam sample for 4/29. It looks like garden variety spam. If so, then either you share the mail server with someone who is spamming or your computer has been compromised and the spammer is using it to send spam.

There is no way to 'get out of the bl' until the spam stops being reported. Then the IP address drops out of the blocklist (the maximum it takes is 48 hours).

Please post back and confirm the IP address that is being blocked. It has nothing whatsoever to do with the forgeries. If your computer is compromised, then you will need to fix it or you will end up on the blocklist again when the spammer uses it again.

Miss Betsy
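
The replies above ask for the IP address named in the rejection message and then check that address, not the domain, against bl.spamcop.net. The following is an added example, not part of any post in this thread and not SpamCop's code, showing both steps: pulling the blocked IP out of a rejection notice and performing the standard DNSBL lookup (reversed octets under the zone, an answer in 127.0.0.0/8 meaning listed). The function names and the sample notice are assumptions; the notice is constructed and uses documentation addresses.

```python
import ipaddress
import re
import socket

ZONE = "bl.spamcop.net"  # the IP-based list the thread refers to

def dnsbl_query_name(ip, zone=ZONE):
    """Build the DNSBL lookup name: IPv4 octets reversed, then the zone."""
    addr = ipaddress.IPv4Address(ip)  # raises ValueError for a domain name
    return ".".join(reversed(str(addr).split("."))) + "." + zone

def is_listed(ip, resolve=socket.gethostbyname, zone=ZONE):
    """True if the zone answers inside 127.0.0.0/8, False on NXDOMAIN."""
    try:
        answer = resolve(dnsbl_query_name(ip, zone))
    except socket.gaierror:
        return False  # no record: the address is not listed
    return ipaddress.IPv4Address(answer) in ipaddress.IPv4Network("127.0.0.0/8")

IPV4 = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")

def blocked_ips(bounce_text, marker="spamcop"):
    """Return the IPs found on rejection lines that mention the blocklist."""
    found = []
    for line in bounce_text.splitlines():
        if marker not in line.lower():
            continue  # e.g. the line naming the receiving MX is skipped
        for candidate in IPV4.findall(line):
            try:
                ip = str(ipaddress.IPv4Address(candidate))
            except ValueError:
                continue  # looked like an IP but is out of range
            if ip not in found:
                found.append(ip)
    return found

# Constructed rejection notice (documentation addresses, not from the thread).
SAMPLE_BOUNCE = """\
<user@example.net>: host mx.example.net[198.51.100.7] said:
    554 5.7.1 Service unavailable; Client host [203.0.113.45] blocked using
    bl.spamcop.net; Blocked - see http://www.spamcop.net/bl.shtml?203.0.113.45
"""

if __name__ == "__main__":
    for ip in blocked_ips(SAMPLE_BOUNCE):
        print(ip, "->", dnsbl_query_name(ip))
```

Passing a domain name such as compucorporation.com to `dnsbl_query_name` raises `ValueError`, since the lookup is defined only for IP addresses.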


Archived

This topic is now archived and is closed to further replies.
