Jump to content

Blocked because using Mime Sweeper?


Florian

Recommended Posts

Hi,

I don't know if this is the right forum, but the message I got linked to this forum.

Since a day or so, our company is listed on spamcop.

If I unstood this right, we are listed because mails to e.g. unknown users in our domain are not rejected during the connection.

Our Mime Sweeper takes this mails, processes it and then delivers it to our mailserver. If the user is unknown, the Mime Swepper sends back a message to the sending user (the address is normally faked for spam mails) and he gets mass mails from us that the user is unknown. But he has never send anything to us.

I understand the problem, but I don't know how to resolve this. I have not found a solution inside Mime Sweeper.

Does somebody know a solution?

Regards

Florian Schalk

Link to comment
Share on other sites

Please see http://www.mimesweeper.com/support/technot...em.aspx?ID=1347 (valid support contract required). Please also feel free to run far away from Internet companies that don't provide at least free unregistered read-only web-based access to their product support knowledgebases.

Link to comment
Share on other sites

Hi

I think we have the same problem - from exactly the same date as the original poster!

My understanding of the issue is the same as his, although there is a very big possibility that we might be blocked because of the stupidity of one our users too. I'm wondering if anyone can help me work it out?

(I've read the tech article posted above and am not sure how this helps with this issue - mail is still only bounced from the Exchange server and not during the initial SMTP conversation on Mime Sweeper)...

IP address 193.132.145.163 is currently on the bl.

We have 2 SMTP MimeSWeeper servers, and when one gets blocked, I have been able to switch the other one over to be the outgoing mail server, but eventually that gets blocked too.

The stupid action is that I found out that someone has created a mailbox on our exchange system that has an SMTP address that doesn't belong to us. He then sent out a mail shot through our SMTP server. Lots of the email addresses have been bouncing back to us, but the email domain isn't ours, so we've been bouncing the bounces - if you see what I mean...

:blush:

If it was this that is the reason for our blacklisting, then I would have expected it to stop by now (it was last wednesday)... Then I see the above post and I'm wondering if it's nothing to do with that (I have stopped this guy doing this now by the way!) but if it's because we are using Mimesweeper....

Please help!

Cheers

Ruth

Link to comment
Share on other sites

It sounds like you need to contact Clearswift's Mime Sweeper support personnel.

25470[/snapback]

I'm trying that too, but so far I believe that there's no way for it to block "unknown recipient" mails during the initial SMTP conversation. It will always accept them and THEN either bounce at the exchange server or when they're being analysed by the Mimesweeper service.

Surely this can't be a valid reason to register our mail as spam?

Link to comment
Share on other sites

There is a large increase of spew from that IP, although it is not presently listed in spamcop:

Volume Statistics for this IP 

Magnitude Vol Change vs. Average

Last day 4.2 300%

Last 30 days 4.3 392%

Average 3.6

you might have a compromized/hijacked machine or else you are bombarded with spam that is undeliverable and bounces..

Link to comment
Share on other sites

There is a large increase of spew from that IP, although it is not presently listed in spamcop:

you might have a compromized/hijacked machine or else you are bombarded with spam that is undeliverable and bounces..

25473[/snapback]

Thanks dra007

Please can you also look at 193.132.145.162 - that's currently the outgoing mail server (I changed it over when I realised the other one was blocked).

I don't think either server is currently blocked, but 163 was this morning.

I don't know how to stop this happening, we have always been bombarded with spam and have always bounced - like I say, Mimesweeper can't do anything else. Any ideas? We don't want to have to turn off NDRs altogether.

Thanks

Ruth

Link to comment
Share on other sites

You can check some of this yourself at: http://www.spamcop.net/bl.shtml?193.132.145.163 and http://www.spamcop.net/bl.shtml?193.132.145.162

Statistics:

193.132.145.163 not listed in bl.spamcop.net

Report History: ( 193.132.145.163 )

--------------------------------------------------------------------------------

Submitted: Monday, March 14, 2005 1:04:34 PM -0500:

Undeliverable: Re: BK88[Phharmaccy]

Statistics:

193.132.145.162 not listed in bl.spamcop.net

Report History: ( 193.132.145.162 )

--------------------------------------------------------------------------------

Submitted: Thursday, March 10, 2005 9:38:24 PM -0500:

Undeliverable: Re: /25-98/Medicattions

So yes, bounces do appear to be causing any problems you are seeing, perhaps even to the spamtrap addresses (which would not appear above).

(Wazoo edited the "member" URLS to the generic "www" addresses, though noting that the "history" events won't be available)

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...