kpcom Posted January 27, 2005 Share Posted January 27, 2005 Greetings everyone, About two days ago, I received a bounced e-mail from a domain which has been using the filter/block list from spamcop.net. I was wondering why was the e-mail bounced when the IP of my ISP IMSS server was not listed in the block list (nor can I find any information why it was blocked in the first place). I really appreciate it if anyone could help me get more information/interpretation regarding this matter. The following are the contents of the bounced e-mail: > This is the Postfix program at host 202.160.21.82. > > I'm sorry to have to inform you that your message could not be > be delivered to one or more recipients. It's attached below. > > For further assistance, please send mail to <postmaster> > > If you do so, please include this problem report. You can > delete your own text from the attached returned message. > > The Postfix program > > <xxxxxxxxx[at]bisnesscenter.com>: host ms2.mail-shield.com[69.72.142.134] said: > 550-rejected because 202.160.21.82 is in a black list at bl.spamcop.net > 550 > Blocked - see http://www.spamcop.net/bl.shtml?202.160.21.82 (in reply to > RCPT TO command) Thanks. Regards, kpcom Link to comment Share on other sites More sharing options...
dra007 Posted January 27, 2005 Share Posted January 27, 2005 There is some interesting data in SenderBase which suggests there may be indeed a problem with that IP: Volume Statistics for this IP Magnitude Vol Change vs. Average Last day 4.9 640% Last 30 days 4.8 489% Average 4.0 The large increase in volume suggests the system behind the IP may be compromized. Link to comment Share on other sites More sharing options...
Wazoo Posted January 27, 2005 Share Posted January 27, 2005 Two days is a long time, especialy noting that one can no longer report spam older than 2 days, and 2 days is also the age-off time for a SpamCopDNSBL listing after the spew stops. Yes, that IP is not listed now. However, it very well could have been at the time that e-mail was sent. There could also be a configuration problem at the recipient ISP, such that the e-mail was blocked for some reason, but the error message wrongly identified SpamCop. However, the signs that dra007 points to are historically pointing to a probable problem situation. That SenderBase page notes 71 domains hosted, but then lists 58 identifed e-mail servers.... is the IP address you show in your rejected sample only serveing "you" or is it a shared system? Have you asked your ISP or the other ISP for any assistance or data? Have you re-sent the e-mail to see if the problem is "clear" .. based on the current "not listed" status ? Link to comment Share on other sites More sharing options...
kpcom Posted January 27, 2005 Author Share Posted January 27, 2005 Thank you very much for the replies. The server serves all the local users and right now it seems that the domain had lifted the blockage. Regards Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.