Florian Posted March 11, 2005 Share Posted March 11, 2005 Hi, I don't know if this is the right forum, but the message I got linked to this forum. Since a day or so, our company is listed on spamcop. If I unstood this right, we are listed because mails to e.g. unknown users in our domain are not rejected during the connection. Our Mime Sweeper takes this mails, processes it and then delivers it to our mailserver. If the user is unknown, the Mime Swepper sends back a message to the sending user (the address is normally faked for spam mails) and he gets mass mails from us that the user is unknown. But he has never send anything to us. I understand the problem, but I don't know how to resolve this. I have not found a solution inside Mime Sweeper. Does somebody know a solution? Regards Florian Schalk Link to comment Share on other sites More sharing options...
Jeff G. Posted March 11, 2005 Share Posted March 11, 2005 Please see http://www.mimesweeper.com/support/technot...em.aspx?ID=1347 (valid support contract required). Please also feel free to run far away from Internet companies that don't provide at least free unregistered read-only web-based access to their product support knowledgebases. Link to comment Share on other sites More sharing options...
ruth11 Posted March 15, 2005 Share Posted March 15, 2005 Hi I think we have the same problem - from exactly the same date as the original poster! My understanding of the issue is the same as his, although there is a very big possibility that we might be blocked because of the stupidity of one our users too. I'm wondering if anyone can help me work it out? (I've read the tech article posted above and am not sure how this helps with this issue - mail is still only bounced from the Exchange server and not during the initial SMTP conversation on Mime Sweeper)... IP address 193.132.145.163 is currently on the bl. We have 2 SMTP MimeSWeeper servers, and when one gets blocked, I have been able to switch the other one over to be the outgoing mail server, but eventually that gets blocked too. The stupid action is that I found out that someone has created a mailbox on our exchange system that has an SMTP address that doesn't belong to us. He then sent out a mail shot through our SMTP server. Lots of the email addresses have been bouncing back to us, but the email domain isn't ours, so we've been bouncing the bounces - if you see what I mean... If it was this that is the reason for our blacklisting, then I would have expected it to stop by now (it was last wednesday)... Then I see the above post and I'm wondering if it's nothing to do with that (I have stopped this guy doing this now by the way!) but if it's because we are using Mimesweeper.... Please help! Cheers Ruth Link to comment Share on other sites More sharing options...
Jeff G. Posted March 15, 2005 Share Posted March 15, 2005 It sounds like you need to contact Clearswift's Mime Sweeper support personnel. Link to comment Share on other sites More sharing options...
ruth11 Posted March 15, 2005 Share Posted March 15, 2005 It sounds like you need to contact Clearswift's Mime Sweeper support personnel. 25470[/snapback] I'm trying that too, but so far I believe that there's no way for it to block "unknown recipient" mails during the initial SMTP conversation. It will always accept them and THEN either bounce at the exchange server or when they're being analysed by the Mimesweeper service. Surely this can't be a valid reason to register our mail as spam? Link to comment Share on other sites More sharing options...
dra007 Posted March 15, 2005 Share Posted March 15, 2005 There is a large increase of spew from that IP, although it is not presently listed in spamcop: Volume Statistics for this IPĀ Magnitude Vol Change vs. Average Last day 4.2 300% Last 30 days 4.3 392% Average 3.6 you might have a compromized/hijacked machine or else you are bombarded with spam that is undeliverable and bounces.. Link to comment Share on other sites More sharing options...
ruth11 Posted March 15, 2005 Share Posted March 15, 2005 There is a large increase of spew from that IP, although it is not presently listed in spamcop: you might have a compromized/hijacked machine or else you are bombarded with spam that is undeliverable and bounces.. 25473[/snapback] Thanks dra007 Please can you also look at 193.132.145.162 - that's currently the outgoing mail server (I changed it over when I realised the other one was blocked). I don't think either server is currently blocked, but 163 was this morning. I don't know how to stop this happening, we have always been bombarded with spam and have always bounced - like I say, Mimesweeper can't do anything else. Any ideas? We don't want to have to turn off NDRs altogether. Thanks Ruth Link to comment Share on other sites More sharing options...
StevenUnderwood Posted March 15, 2005 Share Posted March 15, 2005 You can check some of this yourself at: http://www.spamcop.net/bl.shtml?193.132.145.163 and http://www.spamcop.net/bl.shtml?193.132.145.162 Statistics: 193.132.145.163 not listed in bl.spamcop.net Report History: ( 193.132.145.163 ) -------------------------------------------------------------------------------- Submitted: Monday, March 14, 2005 1:04:34 PM -0500: Undeliverable: Re: BK88[Phharmaccy] Statistics: 193.132.145.162 not listed in bl.spamcop.net Report History: ( 193.132.145.162 ) -------------------------------------------------------------------------------- Submitted: Thursday, March 10, 2005 9:38:24 PM -0500: Undeliverable: Re: /25-98/Medicattions So yes, bounces do appear to be causing any problems you are seeing, perhaps even to the spamtrap addresses (which would not appear above). (Wazoo edited the "member" URLS to the generic "www" addresses, though noting that the "history" events won't be available) Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.