vookenmeister Posted February 3, 2004 Posted February 3, 2004 Hi.... I'm sending this post for 2 reasons. 1) Complain about deputies[at]spamcop.net 2) Summarize my post about my trials over the last 2 days of figuring why our business mail server was blacklisted. good news is we have 1 hour left till we are FREE... ------------------------- 204.194.72.241 listed in bl.spamcop.net (127.0.0.2) Since SpamCop started counting, this system has been reported less than 10 times by less than 10 users. It has been sending mail consistently for at least 99.0 days. It has been listed for 47 hours. ------------------------- in an hour, I can stop redirecting our corporate email over slow links and send it back to our main server and out our 100M ethernet internet connection. Deputies[at]spamcop.net. I sent an email and got a short, less than helpful reply. I sent a reply to their reply and never heard back. Summary - we got blacklisted with no warning or reason. I found out due to a bounced email. - i visited spamcop.net and entered our IP, 204.194.72.241. it said we had received less than 10 complaints from less than 10 users. what does that mean? 1 user complained. 7? Certainly can;t tell. Especially, because the example trail on the site was anonymous. - so no warnings due to a mole and no evidence on what caused it. Great! - i sent an email to bl[at]admin.spamcop.net for help - NO REPLY for hours - visited this forum (BINGO!!!). Special thanks to those who helped. - got some excellent advice. - was told to email deputies[at]spamcop.net for the evidence - got the evidence and asked for more guidance. <crickets chirping> yes, silence is all I got. no reply back from deputies Apparently multiple times our mail server received emails to invalid recipients and sent bounce messages back to the from address (probably forged by Mydoom). we deny email to invalid users BEFORE checking for viruses. We do not send virus notifications. Anyways, one of these forged from addresses, must have been a spamtrap or mole. (which is why we got ZERO notice and there was ZERO evidence) The "mole" reported our server and we got added to the blacklist. Explained the issue to deputies but was told we would be delisted in 48 hours. Great. Thanks for nothing!!! Anyways, having an architecture discussion in the morning with our CIO. Apparently, SOLELY because of spamcop (we are not delisted anywhere elseon the Internet), we need to do one of two things: 1) Stop sending bounces for emails delivered to unknown recipients. 2) Find a way to deny the email via smtp rejection codes at our perimeter. We'd prefer #2. however, I don't think it's technically possible since our outside MX server simply accepts emails, checks it for spam, and then forwards it to our internal mail server (which checks for viruses and unknown recipients). LASTLY, SPECIAL THANKS TO THIS FORUM. I haven't gotten much real work done, but I learned a lot. - paul
Recommended Posts
Archived
This topic is now archived and is closed to further replies.