Jump to content
Sign in to follow this  
kpcom

ISP Blocklist Help

Recommended Posts

Greetings everyone,

About two days ago, I received a bounced e-mail from a domain which has been using the filter/block list from spamcop.net. I was wondering why was the e-mail bounced when the IP of my ISP IMSS server was not listed in the block list (nor can I find any information why it was blocked in the first place). I really appreciate it if anyone could help me get more information/interpretation regarding this matter. The following are the contents of the bounced e-mail:

> This is the Postfix program at host 202.160.21.82.

>

> I'm sorry to have to inform you that your message could not be

> be delivered to one or more recipients. It's attached below.

>

> For further assistance, please send mail to <postmaster>

>

> If you do so, please include this problem report. You can

> delete your own text from the attached returned message.

>

> The Postfix program

>

> <xxxxxxxxx[at]bisnesscenter.com>: host ms2.mail-shield.com[69.72.142.134]

said:

> 550-rejected because 202.160.21.82 is in a black list at

bl.spamcop.net

> 550

> Blocked - see http://www.spamcop.net/bl.shtml?202.160.21.82 (in reply

to

> RCPT TO command)

Thanks.

Regards,

kpcom

Share this post


Link to post
Share on other sites

There is some interesting data in SenderBase which suggests there may be indeed a problem with that IP:

Volume Statistics for this IP 

Magnitude Vol Change vs. Average

Last day 4.9 640%

Last 30 days 4.8 489%

Average 4.0 

The large increase in volume suggests the system behind the IP may be compromized.

Share this post


Link to post
Share on other sites

Two days is a long time, especialy noting that one can no longer report spam older than 2 days, and 2 days is also the age-off time for a SpamCopDNSBL listing after the spew stops. Yes, that IP is not listed now. However, it very well could have been at the time that e-mail was sent. There could also be a configuration problem at the recipient ISP, such that the e-mail was blocked for some reason, but the error message wrongly identified SpamCop.

However, the signs that dra007 points to are historically pointing to a probable problem situation. That SenderBase page notes 71 domains hosted, but then lists 58 identifed e-mail servers.... is the IP address you show in your rejected sample only serveing "you" or is it a shared system? Have you asked your ISP or the other ISP for any assistance or data? Have you re-sent the e-mail to see if the problem is "clear" .. based on the current "not listed" status ?

Share this post


Link to post
Share on other sites

Thank you very much for the replies. The server serves all the local users and right now it seems that the domain had lifted the blockage.

Regards

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×