sweb_admin Posted October 21, 2004 Share Posted October 21, 2004 We have big smtp server with many accounts. Sometimes our clients send spam. How I can view headers of spam mails for what our server listed in Spamcop? We fight with spammers , but we need know who send spam. Link to comment Share on other sites More sharing options...
Derek T Posted October 21, 2004 Share Posted October 21, 2004 Reports are sent to the registered abuse address. Make sure yours is up-to-date. Link to comment Share on other sites More sharing options...
turetzsr Posted October 21, 2004 Share Posted October 21, 2004 Reports are sent to the registered abuse address. Make sure yours is up-to-date.19089[/snapback] ...The abuse address to which SpamCop will send its reports can be found by using URL http://www.spamcop.net/sc?track=<IPaddr>, replacing "<IPaddr>" with the IP address of your outbound e-mail server. Link to comment Share on other sites More sharing options...
Wazoo Posted October 21, 2004 Share Posted October 21, 2004 If reports have been sent, the spam is within the complaint. If you are not finding reports, then the listing would be due to spamtrap hits, which do not generate reports. (Had you provided an IP address to look at, we could see what caused the listing.) If due to spamtrap hits, a note to Deputies <at> admin.spamcop.net may get some data provided to help your search. Link to comment Share on other sites More sharing options...
Merlyn Posted October 21, 2004 Share Posted October 21, 2004 sweb rings a bell. I think I remember you or someone from sweb in the newsgroup some time back. I will have to search. Anyhow..... Wow we have a slew of things to search for: Resolved sweb.com to 209.82.178.172 [sweb.com has 4 MX records mail.sweb.com.(1) spam-fw-1.atlga1.skiplink.net.(5) ion.sweb.com.(7) ultrafunky.com.(10)] Resolved mail.sweb.com to 208.254.247.4 mail.sweb.com has no MX records -> [sweb.com has 4 MX records spam-fw-1.atlga1.skiplink.net.(5) ion.sweb.com.(7) ultrafunky.com.(10) mail.sweb.com.(1)] Not in Spamcop Resolved spam-fw-1.atlga1.skiplink.net to 209.82.178.10 spam-fw-1.atlga1.skiplink.net has no MX records -> atlga1.skiplink.net has no MX records -> [skiplink.net has 2 MX records backup-mx-1.atlga1.skiplink.net.(20) spam-fw-1.atlga1.skiplink.net.(10)] Not in Spamcop Resolved backup-mx-1.atlga1.skiplink.net to 198.177.254.137 backup-mx-1.atlga1.skiplink.net has no MX records -> atlga1.skiplink.net has no MX records -> [skiplink.net has 2 MX records spam-fw-1.atlga1.skiplink.net.(10) backup-mx-1.atlga1.skiplink.net.(20)] Not in Spamcop Resolved ion.sweb.com to 209.82.178.172 ion.sweb.com has no MX records -> [sweb.com has 4 MX records mail.sweb.com.(1) spam-fw-1.atlga1.skiplink.net.(5) ion.sweb.com.(7) ultrafunky.com.(10)] Not in Spamcop Resolved ultrafunky.com to 66.23.211.137 ultrafunky.com has no MX records Not in Spamcop Well, I can't find you listed Which sweb are you talking about and what IP? Link to comment Share on other sites More sharing options...
sweb_admin Posted October 22, 2004 Author Share Posted October 22, 2004 Thanks a lot. By the way, we're russians, so sweb.ru. Link to comment Share on other sites More sharing options...
Wazoo Posted October 22, 2004 Share Posted October 22, 2004 Offering up the IP address in question would have been so much easier for all concerned ... sweb.ru MX (Mail Exchanger) Priority: 30 mx2.spaceweb.ru sweb.ru MX (Mail Exchanger) Priority: 20 mx1.spaceweb.ru mx1.spaceweb.ru A (Address) 81.222.135.64 mx1.spaceweb.ru A (Address) 81.222.135.67 mx1.spaceweb.ru A (Address) 81.222.135.68 mx1.spaceweb.ru A (Address) 81.222.135.69 mx2.spaceweb.ru A (Address) 81.222.134.2 81.222.135.64 listed in bl.spamcop.net 81.222.135.67 not listed in bl.spamcop.net 81.222.135.68 not listed in bl.spamcop.net 81.222.135.69 not listed in bl.spamcop.net 81.222.134.2 not listed in bl.spamcop.net cannot find an mx for mx1.spaceweb.ru 81.222.135.69 is an mx ( 20 ) for spaceweb.ru Causes of listing System has sent mail to SpamCop spam traps in the past week (spam traps are secret, no reports or evidence are provided by SpamCop) Next step already addressed within the "Why am I Blocked" pinned item, FAQ, and my previous reponse in this Topic. Link to comment Share on other sites More sharing options...
Merlyn Posted October 22, 2004 Share Posted October 22, 2004 I hope this helps you. Resolved sweb.ru to 81.222.134.9 [sweb.ru has 2 MX records mx1.spaceweb.ru.(20) mx2.spaceweb.ru.(30)] SORBS spam and Open Relay Blocking System: Aggregate zone: dnsbl.sorbs.net -> 127.0.0.6 spam Received See: http://www.dnsbl.sorbs.net/lookup.shtml?81.222.134.9 SORBSSPAM List of hosts that have been noted as sending spam/UCE/UBE to the admins of SORBS. : spam.dnsbl.sorbs.net -> 127.0.0.6 spam Received See: http://www.dnsbl.sorbs.net/lookup.shtml?81.222.134.9 SORBSSPEWS-L1 spam Prevention Early Warning System - Level 1 Mirror: l1.spews.dnsbl.sorbs.net -> 127.0.0.2 ! [1] eltel, see http://spews.org/ask.cgi?S1432 SORBSSPEWS-L2 spam Prevention Early Warning System - Level 2 Mirror: l2.spews.dnsbl.sorbs.net -> 127.0.0.2 ! [1] eltel, see http://spews.org/ask.cgi?S1432 DNSBLAUSPEWS spam Prevention Early Warning System: spews.dnsbl.net.au -> 127.0.0.2 81.222.134.9 See http://spews.org/ and http://www.dnsbl.net.au/spews/ BUSSPEWS spam Prevention Early Warning System: spews.blackholes.us -> 127.1.0.1 [1] eltel, see http://spews.org/ask.cgi?S1432 ------------------------------------------------------------------------------ Resolved mx1.spaceweb.ru to 81.222.135.68 to 81.222.135.69 to 81.222.135.64 to 81.222.135.67 SORBS spam and Open Relay Blocking System: Aggregate zone: dnsbl.sorbs.net -> 127.0.0.6 spam Received See: http://www.dnsbl.sorbs.net/lookup.shtml?81.222.135.67 SORBSSPAM List of hosts that have been noted as sending spam/UCE/UBE to the admins of SORBS. : spam.dnsbl.sorbs.net -> 127.0.0.6 spam Received See: http://www.dnsbl.sorbs.net/lookup.shtml?81.222.135.67 SORBSSPEWS-L1 spam Prevention Early Warning System - Level 1 Mirror: l1.spews.dnsbl.sorbs.net -> 127.0.0.2 ! [1] eltel, see http://spews.org/ask.cgi?S1432 SORBSSPEWS-L2 spam Prevention Early Warning System - Level 2 Mirror: l2.spews.dnsbl.sorbs.net -> 127.0.0.2 ! [1] eltel, see http://spews.org/ask.cgi?S1432 DNSBLAUSPEWS spam Prevention Early Warning System: spews.dnsbl.net.au -> 127.0.0.2 81.222.135.67 See http://spews.org/ and http://www.dnsbl.net.au/spews/ BUSSPEWS spam Prevention Early Warning System: spews.blackholes.us -> 127.1.0.1 [1] eltel, see http://spews.org/ask.cgi?S1432 ----------------------------------------------------------------------------------------- Resolved mx2.spaceweb.ru to 81.222.134.2 SORBS spam and Open Relay Blocking System: Aggregate zone: dnsbl.sorbs.net -> 127.0.0.6 spam Received See: http://www.dnsbl.sorbs.net/lookup.shtml?81.222.134.2 SORBSSPAM List of hosts that have been noted as sending spam/UCE/UBE to the admins of SORBS. : spam.dnsbl.sorbs.net -> 127.0.0.6 spam Received See: http://www.dnsbl.sorbs.net/lookup.shtml?81.222.134.2 SORBSSPEWS-L1 spam Prevention Early Warning System - Level 1 Mirror: l1.spews.dnsbl.sorbs.net -> 127.0.0.2 ! [1] eltel, see http://spews.org/ask.cgi?S1432 SORBSSPEWS-L2 spam Prevention Early Warning System - Level 2 Mirror: l2.spews.dnsbl.sorbs.net -> 127.0.0.2 ! [1] eltel, see http://spews.org/ask.cgi?S1432 DNSBLAUSPEWS spam Prevention Early Warning System: spews.dnsbl.net.au -> 127.0.0.2 81.222.134.2 See http://spews.org/ and http://www.dnsbl.net.au/spews/ DRBL-WORK-BILIM Distributed RBL node: bilim-systems.net: work.drbl.bilim-systems.net -> 127.0.0.2 BUSSPEWS spam Prevention Early Warning System: spews.blackholes.us -> 127.1.0.1 [1] eltel, see http://spews.org/ask.cgi?S1432 Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.