Jump to content

Mail sent from SpamCop webmail rejected as spam


Recommended Posts

Posted

This has only happened in one place, so the system there may be messed up, but here's what happened:

I sent a message to a friend at a nearby university. The message bounced back as "unsolicited bulk e-mail." I tried replying to the postmaster address, which also bounced back as UBE.

I was not sending funny email with attachments or anything.

Eventually, I used a different e-mail service to hail the postmaster, and got this response [obfuscated to prevent identification of e-mail or server addresses]:

===================================================

I have changed the filter to allow your mail through.

Note: Your Email client or your Email server is grossly misconfigured. My guess is that any site using SPAMassasin will treat your Email as spam.

Most problems with your client/server seemed to be related to a misconfigured HORDE webmail interface and/or SMTP server.

Anyway, your Email is identified as coming from yourname[at]spamcop.net[at]cesmail.net when it should say it came from yourname[at]cesmail.net (most likely).

See headers below:

Received: from q93.59.343.111.ip.zdwfwe.net (q93.59.343.111.ip.zdwfwe.net

[111.22.33.44]) by webmail.spamcop.net (Horde) with HTTP for

<yourname[at]spamcop.net[at]cesmail.net>; Tue, 9 Aug 2005 22:13:13 -0400

webmail.spamcop.net is not equal to q93.59.343.111.ip.zdwfwe.net

which is the machine you sent your mail from.

================================================

Note that the postmaster identified two potential problems: the "dual [at]" address and the mismatch between the webmail domain and the client machine address.

My take on this is that they have SPAMassassin configured incorrectly, because I'm sure I've sent e-mail to other places with SPAMassassin and had no problems. Also, I didn't find anything in the forums about this sort of problem (although I didn't spend a long time looking).

But is it possible that something is wrong (or even recently changed) about the way SpamCop webmail constructs the headers, that would anger SPAMassassin?

Thanks!

Posted
See headers below:

Received: from q93.59.343.111.ip.zdwfwe.net (q93.59.343.111.ip.zdwfwe.net

        [111.22.33.44]) by webmail.spamcop.net (Horde) with HTTP for

        <yourname[at]spamcop.net[at]cesmail.net>; Tue,  9 Aug 2005 22:13:13 -0400

webmail.spamcop.net is not equal to q93.59.343.111.ip.zdwfwe.net

which is the machine you sent your mail from.

[/font]

31514[/snapback]

You don't mention if your spamcop account is a spamcop.net or a cesmail.net one.

However, other than the double address, there is absolutely nothing wrong with the Received header....It is telling someone reading the headers that you were using 111.22.33.44 to interface with the webmail system at spamcop.net via HTTP. This person does not seem to know how to read headers very well.

A quick test of the webmail system does seem to indicate that the double addressing is currently occuring. I do not recall this being mentioned before, however...possibly a new wrinkle...

Received: from 64.9.52.218 ([64.9.52.218]) by webmail.spamcop.net (Horde)

with HTTP for <myaccount<at>spamcop.net<at>cesmail.net>; Wed, 10 Aug 2005

22:10:39 -0400

OK, not a new wrinkle as I just found this message with the same multiple domain dated from 2003 and I have never had any problems emailing anyone from that account.

Received: from kopinproxy.kopin.com (kopinproxy.kopin.com [199.79.137.84])

        by webmail.spamcop.net (Horde) with HTTP for

        <myaccount,at>spamcop.net<at>cesmail.net>; Tue, 26 Aug 2003 11:51:41 -0400

Posted

Thanks, Steven,

I have never had any previous problems, either.

I have a spamcop account, not cesmail.

The thing that really smokes me is that I have run into a few places recently that have implemented a true spam firewall, meaning the suspected spam is bounced and the intended recipient never even knows the mail was sent. Further, the message returned to the sender has no instructions on how to prove that it wasn't spam (not even a phone number).

In this case, I couldn't even e-mail the postmaster because those messages were "suspected UBE," too. I had to use a different ISP to send mail to the postmaster.

Sounds like we'll have to go back to using phones and snail-mail to communicate!

<_<

Posted
I couldn't even e-mail the postmaster because those messages were "suspected UBE," too. I had to use a different ISP to send mail to the postmaster.

31558[/snapback]

When you encounter such a case, please try the abuse address for that domain, and if it bounces due to "suspected UBE," submit that bounce using the RFC-Ignorant.Org abuse Submission Form.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...