Sreiser Posted August 13, 2004 Share Posted August 13, 2004 Hello, I just contacted the president of my ISP late tonight and emailed FTC.GOV about SPMACOP.NET. Not only did SpamCop.net prevent email to a friend but somehow interfered with me emailing to support[at]wispertel.net and I have an email account at wispertel.net. Furthermore, the reason listed here by SpamCop.net at this link: http://www.spamcop.net/w3m?action=blcheck&ip=38.116.135.226 .... is a lie. Causes of listing System has sent mail to SpamCop spam traps in the past week (spam traps are secret, no reports or evidence are provided by SpamCop) Additional potential problems (these factors do not directly result in spamcop listing) DNS error: 38.116.135.226 is secure.wispertel.net but secure.wispertel.net is 66.250.22.25 instead of 38.116.135.226 Listing History It has been listed for 47 hours This is a lie because 66.250.22.25 is NOT secure.wispertel.net, but it is DNS.wispertel.net. As far as I am concerned SpamCop.net is FAR WORSE than the spam it's supposed to stop and I think Spammers belong in jail. Anyway, I would like to see action taken against such an abusive organization as SPAMCOP.NET. Steve Link to comment Share on other sites More sharing options...
Sreiser Posted August 13, 2004 Author Share Posted August 13, 2004 Additionally, if Spamcop.net doesn't take remedial action, my next step is to contact my senators and congressmen at both the state and federal level about SpamCop.net. Link to comment Share on other sites More sharing options...
dra007 Posted August 13, 2004 Share Posted August 13, 2004 Did you have a good time venting your rage? Seems no one cares! Link to comment Share on other sites More sharing options...
Derek T Posted August 13, 2004 Share Posted August 13, 2004 Which part of: Pinned: Why Am I Blocked? FAQ Please read before posting did you not understand? Link to comment Share on other sites More sharing options...
louisd Posted August 13, 2004 Share Posted August 13, 2004 These are my favorite posts. I can't wait for your sentor an congressman to return from summer recess and do something about perfectly legal organizations such as Spamcop. I'm sure they won't be distracted by the presidential election, terrorism or things that they can actually control. I'm quite sure your dissatisfaction that some of your correspondants are not accepting your mail will be the first thing on their list. I would warn your ISP and friend as I would expect that congress will get the FBI involved and they'll be arrested for using a blocklist on their e-mail and probably sent to Guantanemo Bay with the rest of those that have done things this important. BTW -- You have much bigger problems tham the Spamcop list, your IP is also listed on SPEWS as a Richter address. Spamcop you'll drop off of, SPEWS on the other hand... Good luck. You're also on a few others (PSand based on the evidence, it seems quite appropriately. Link to comment Share on other sites More sharing options...
StevenUnderwood Posted August 13, 2004 Share Posted August 13, 2004 This is a lie because 66.250.22.25 is NOT secure.wispertel.net, but it is DNS.wispertel.net. You need to check your reading skills. First of all, the DNS part does not lead to your listing, the sending messages (probably without your knowledge) to spamcops spamtrap addresses does. DNS error: 38.116.135.226 is secure.wispertel.net but secure.wispertel.net is 66.250.22.25 instead of 38.116.135.226 Second of all this does NOT say that (rDNS) 66.250.22.25 is secure.wispertel.net. It says (rDNS) 38.116.135.226 is secure.wispertel.net, which it is: C:\>nslookup > 38.116.135.226 Name: secure.wispertel.net Address: 38.116.135.226 and it says (DNS) secure.wispertel.net is 66.250.22.25, which it is: > secure.wispertel.net Name: secure.wispertel.net Address: 66.250.22.25 The DNS and rDNS should be the same information, which they are not. You are correct that (rDNS) 66.250.22.25 is dns.wispertel.net: > 66.250.22.25 Name: dns.wispertel.net Address: 66.250.22.25 but that is another DNS error because dns.wispertel.net is actually 66.250.22.4: > dns.wispertel.net Name: dns.wispertel.net Address: 66.250.22.4 Link to comment Share on other sites More sharing options...
dbiel Posted August 13, 2004 Share Posted August 13, 2004 BTW -- You have much bigger problems tham the Spamcop list, your IP is also listed on SPEWS as a Richter address. Spamcop you'll drop off of, SPEWS on the other hand... Good luck. You're also on a few others and based on the evidence, it seems quite appropriately. 15091[/snapback] And just to clarify, with SpamCop it does not matter how bad you have been in the past, if your server stops sending out spam or bouncing messages to spamtraps, then in a very short time (days not months) you will be automaticly dropped off the SpamCop list, no request required. It just happens by itself. And if your server has not been a serious violator, the time to drop off the list can become hours instead of days. It's all automatic based on a complex formula For more information see FAQ: What is on the list? Link to comment Share on other sites More sharing options...
Sreiser Posted August 13, 2004 Author Share Posted August 13, 2004 Hi. This is the qmail-send program at secure.wispertel.net. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. <support[at]velocitywest.com>: 206.123.77.37 does not like recipient. Remote host said: 451 Blocked - see http://www.spamcop.net/bl.shtml?38.116.135.226 Giving up on 206.123.77.37. I'm not going to try again; this message has been in the queue too long. --- Below this line is a copy of the message. Return-Path: <avatar[at]wispertel.net> Received: (qmail 27923 invoked by uid 89); 12 Aug 2004 20:21:11 -0600 Delivered-To: wispertel.com-support[at]wispertel.com Received: (qmail 27921 invoked by uid 89); 12 Aug 2004 20:21:11 -0600 Delivered-To: support[at]wispertel.net Received: (qmail 27906 invoked from network); 12 Aug 2004 20:21:11 -0600 Received: from unknown (HELO ?192.168.0.100?) (38.116.140.252) by secure.wispertel.net with SMTP; 12 Aug 2004 20:21:11 -0600 Mime-Version: 1.0 X-Sender: avatar[at]wispertel.net[at]mail.wispertel.net Message-Id: <p06110402bd41d7600c67[at][192.168.0.100]> Date: Thu, 12 Aug 2004 20:27:51 -0600 To: support[at]wispertel.net From: Steven Reiser <avatar[at]wispertel.net> Subject: Hope this gets to you Content-Type: text/plain; charset="us-ascii" ; format="flowed" Hello, Lastnight I tried to email you an some site called "Spamcop.net wouldn't even let me talk to my own ISP and my email was rejected by Wispertel.net Steve Link to comment Share on other sites More sharing options...
Bumpkin Posted August 13, 2004 Share Posted August 13, 2004 Quoting the OP: Furthermore, the reason listed here by SpamCop.net at this link: http://www.spamcop.net/w3m?action=blcheck&ip=38.116.135.226 .... is a lie. 38.116.135.226 not listed in bl.spamcop.net Ouch. BUT...... From spews: 38.116.131.0 - 38.116.150.255, Cogent (Eddy Marin / SCR Concepts inc / OmniPointMarketing.com) Link: http://spews.org/ask.cgi?S373 From PSBL: Query Results Currently listed in PSBL? Yes. spam and removal history for 38.116.135.226 (times in UTC): Thu Aug 12 01:07:30 2004 spamtrap hit Not real sure your problem is with SpamCop.net at this point. If your own ISP is blocking you, you may just want to pick up the phone to find out why. Link to comment Share on other sites More sharing options...
StevenUnderwood Posted August 13, 2004 Share Posted August 13, 2004 Please return to your original post and see the followups there http://forum.spamcop.net/forums/index.php?...075entry15075 Link to comment Share on other sites More sharing options...
dra007 Posted August 13, 2004 Share Posted August 13, 2004 wow...Eddy Marin...I've heard that name before.... Attention K-Mart shoppers.... Link to comment Share on other sites More sharing options...
Sreiser Posted August 14, 2004 Author Share Posted August 14, 2004 Did you have a good time venting your rage? Seems no one cares! 15077[/snapback] Yes, it was absolutely thrilling!!!! Thank you! Actually both myself and my ISP did care and got it resolved. Link to comment Share on other sites More sharing options...
Sreiser Posted August 14, 2004 Author Share Posted August 14, 2004 Which part of: did you not understand? 15079[/snapback] Derek, I read the FAQ and it did NOT address my issue at all. Steve Link to comment Share on other sites More sharing options...
Wazoo Posted August 14, 2004 Share Posted August 14, 2004 I read the FAQ and it did NOT address my issue at all. Steve That's pretty hard to believe, but then again, you start with a rant, end with a little whimper about the issue being handled. If the FAQ doesn't cover your situation, how about explaining so that the FAQ can be updated to address your alleged problem? Link to comment Share on other sites More sharing options...
Sreiser Posted August 14, 2004 Author Share Posted August 14, 2004 That's pretty hard to believe, but then again, you start with a rant, end with a little whimper about the issue being handled. If the FAQ doesn't cover your situation, how about explaining so that the FAQ can be updated to address your alleged problem? 15169[/snapback] Hi, I did not see anything in your FAQ saying SPAMCOP.NET blocks ISPs who happen to get blasted with viruses in email that get forwarded to an innocent unknowing end users email addresses list and then forwarded to the addresses in the last. That is the reason SpamCop.net blocked our ISP. I work for a major computer corporation IT department where we have three servers filtering all inbound email quite effectively. Hence, I am quite sick of spam and I want to see it ended as bad as you do, and if you are following what the w3 consortium is considering, there are couple options using IDs to validate either the domain or the user (one from Microsoft as well) that should do some serious damage to the SPAMMER market. Anyway, I just hope SpamCop.net blocks more REAL spam and not my whole ISP because endusers addresses get used against there will to forward viruses. Is that too unreasonable? Steve Link to comment Share on other sites More sharing options...
Wazoo Posted August 14, 2004 Share Posted August 14, 2004 Sorry, then I would have to state that you didn't read the "Why am I Blocked" FAQ ... that scenario is in there a number of times Link to comment Share on other sites More sharing options...
Derek T Posted August 14, 2004 Share Posted August 14, 2004 I work for a major computer corporation IT department I do hope, for their sake, that this is in an honorary capacity. To think that anyone actually pays you, given the level of ignorance and cluelessness you have demonstrated here, beggars belief. You still confuse IP with ISP, for example and still accuse spamcop of blocking when it doesn't and can't. Perhaps we need to reduce the reading-age level of the FAQ? Link to comment Share on other sites More sharing options...
WB8TYW Posted August 14, 2004 Share Posted August 14, 2004 Hi, I did not see anything in your FAQ saying SPAMCOP.NET blocks ISPs who happen to get blasted with viruses in email that get forwarded to an innocent unknowing end users email addresses list and then forwarded to the addresses in the last. That is the reason SpamCop.net blocked our ISP. Your own post said that the I.P. address was sending to spam traps. Which means that instead of using SMTP rejects for undelived e-mail, the mail servers generating auto-responses to usually forged addresses. Every time a new virus comes out, mail servers configured to generate bounces instead of using SMTP rejects effectively cause a denial of service attack on other mail servers and users. I have seen several users posting on usenet forums including spamcop ones, that they have lost real mail because they could not deleted the misdirected bounces fast enough. Some mail servers have been overloaded by such bounce attacks resulting from spam and viruses. The mail servers for test.com is an example. Even worse if if the mail server has a virus scanner that sends notifications to these addresses. According to posts on usenet AOL.COM has publically recognized that generating bounces is abusive, and has stated that on the spam-L mailing list that they are converting their mail servers to only do SMTP rejects. I work for a major computer corporation IT department where we have three servers filtering all inbound email quite effectively. Your postings indicate that you have not even done elementary research on the issue that you are posting about, or even about how e-mail works. Bouncing spam or viruses enough to get listed in spamtraps usually means that the mail server is poorly configured in it's spam control. Over 80% of the incoming spam can be rejected at the border mail server just by using conservative DNSbls, such as sbl-xbl.spamhaus.org, open proxy databases. So there is no reason the content from those listed I.Ps to ever make it into the mail servers. Filtering mail by content is inefficient spam control, and from all the mail servers I get mail on, the ones that use content filtering leak the largest amount of spam, and lose or reject the largest amount of real e-mail, and generate the most user complaints. The only reason that this is usually not noticed is that in most filtering systems, the e-mail is silently deleted, with neither the sender or the receiver knowing that the mail did not get read, and the users have decided that complaining to their IT department is useless, so they are using webmail accounts as a backup, which can result in confidential company e-mail sitting on external public servers. In the case of some U.S. businesses, for some employees, that is a violation of SEC regulations. If the mail server issues SMTP rejects when it determines that the incoming e-mail is spam or a virus, then the sending mail server will notify a real sender about the issue. Then someone will investigate. Usually when a real mail server is listed by an user reporing error, a polite request will get it delisted quickly. spam trap hits means a mail server configuration problem, and I have not seen actions from deputies for any manual overides unless they can determine it was a multi-hop exploit where the spamcop.net parser made a mistake. Sometimes if a deputy can be convinced that the mail server has been fixed to no longer send the mail to spam traps, there appears to also have been accellerated delistings. But then it would be a case where the deputy was in direct communcations with the ISP operating a mail server. That seems to happen rarely. A spamcop.net listing is as short as 1/2 hour and as much as 48 hours based on many factors measured for that I.P. address. The spam hit rate has to hit over 2% of the measured volume for a listing. For any commercial ISP to get their mail servers listed, they are going to have to bounce an quite a bit of spam or viruses. A spamtrap hit counts as two hits in the scoring. Hence, I am quite sick of spam and I want to see it ended as bad as you do, and if you are following what the w3 consortium is considering, there are couple options using IDs to validate either the domain or the user (one from Microsoft as well) that should do some serious damage to the SPAMMER market. You are again showing that you have done less research on the issue than one would get from browsing popular computer magazines, and since they are only trying to convince people to buy filtering software, they are completely ignoring proven and effective spam control methods. If you are really working in an IT department and have any responsibiities in the configuration of computers, you are way behind in your studies, especially anything to do with mail servers. While some of the plans show promise, they are not complete solutions, and will only prevent domains from being forged. Currently they also break any e-mail forwarding services. Essentially they are are request for the receivers to whitelist a set of I.P. addresses. They do nothing to stop the bulk of spam that is hitting the mail servers, unless you want to stop receiving e-mail from everyone execept a few white listed hosts. And some spammers control DNS servers so can easily shift to become compliant with the proposed systems. Of course those spammers are usually listed with the conservative DNSbls as soon as their presence on an I.P. address gets known. Anyway, I just hope SpamCop.net blocks more REAL spam and not my whole ISP because endusers addresses get used against there will to forward viruses. Is that too unreasonable? 15171[/snapback] If you can convince your ISP to use RFC compliant SMTP rejects, like AOL.COM has stated it is doing, then it should not get listed anywhere unless it is directly allowing spam to be sent. Anything that auto-responds to spam or viruses is going to have increasing problems communicating to the rest of the internet, as professtional mail server operators know that there is no reason for doing this. Many of the spamcop.net users whish that they could use spamcop.net to report such abusive mail servers that bounce, instead of only being protected when they start bouncing spam/viruses to spamtraps, so I would not expect many posters to support your point of view. http://www.moensted.dk/spam/?addr=38.116.1...6&Submit=Submit Your ISP is currently on: http://psbl.surriel.com/listing?ip=38.116.135.226 - Spamtrap hit. SPEWS both level 1 and level 2. ! [1] MARIN, see http://spews.org/ask.cgi?S373 !!!!!!! [2] Scott Richter/optinbig/WholesaleBandwidth, see http://spews.org/ask.cgi?S511 -John Personal Opinion Only Link to comment Share on other sites More sharing options...
turetzsr Posted August 20, 2004 Share Posted August 20, 2004 I work for a major computer corporation IT department15171[/snapback] I do hope, for their sake, that this is in an honorary capacity. To think that anyone actually pays you, given the level of ignorance and cluelessness you have demonstrated here, beggars belief. <snip> 15180[/snapback] Derek, ...I can't speak for the OP but as someone else who "work for a major computer corporation IT department," I want to let you know that not all of us IT employees are experts in e-mail and/ or datacomm. Personally, I develop and support internal internet-based applications and am pretty much self-taught (and, as you will know if you've been reading my posts in these fora still very ignorant about) e-mail and datacomm. Link to comment Share on other sites More sharing options...
Derek T Posted August 20, 2004 Share Posted August 20, 2004 Derek, ...I can't speak for the OP but as someone else who "work for a major computer corporation IT department," I want to let you know that not all of us IT employees are experts in e-mail and/ or datacomm. Personally, I develop and support internal internet-based applications and am pretty much self-taught (and, as you will know if you've been reading my posts in these fora still very ignorant about) e-mail and datacomm. 15479[/snapback] Fair enough but this is someone who claims to have read the FAQ......... I did not see anything in your FAQ saying SPAMCOP.NET blocks ISPs who happen to get blasted with viruses in email that get forwarded to an innocent unknowing end users email addresses list and then forwarded to the addresses in the last. That is the reason SpamCop.net blocked our ISP. leaving aside the fact that he'd been told umpteen times that SpamCop blocks nothing, this is the very first sentence in the FAQ......... Why Am I Blocked? Probable Causes If your email has suddenly been blocked by the SpamCop blocklist, it is probably because you share an IP address with other email users and there is someone who: * is using auto-responses that are replying to spam with forged spamtrap email addresses (such as Out-of-Office/Vacation notices, virus notifications, and 'created email' bounces); totally bl**dy clueless, I wouldn't pay him out in buttons. Link to comment Share on other sites More sharing options...
Merlyn Posted August 20, 2004 Share Posted August 20, 2004 Hi, I did not see anything in your FAQ saying SPAMCOP.NET blocks ISPs who happen to get blasted with viruses in email that get forwarded to an innocent unknowing end users email addresses list and then forwarded to the addresses in the last. That is the reason SpamCop.net blocked our ISP. I work for a major computer corporation IT department where we have three servers filtering all inbound email quite effectively. Hence, I am quite sick of spam and I want to see it ended as bad as you do, and if you are following what the w3 consortium is considering, there are couple options using IDs to validate either the domain or the user (one from Microsoft as well) that should do some serious damage to the SPAMMER market. Anyway, I just hope SpamCop.net blocks more REAL spam and not my whole ISP because endusers addresses get used against there will to forward viruses. Is that too unreasonable? Steve Steve 15171[/snapback] Sounds like another clueless BOFH. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.