Jump to content

[Resolved] Spamcop certified?


moltar

Recommended Posts

Posted

Are you sure it is the IP address being used to send mail.

Could other IP addresses be involved either directly or via forwarding?

A complete set of headers of the mail that is being blocked would be helpful in determining what is going on.

Posted

Yes I am sure. As I said before I don't think this is a problem with SpamCop. I am not sure if everyone noticed that message. [at]canada.com admitted that it is their fault and they will be looking at it today and tomorrow. The SpamCop theory was before I read them the error message.

Posted

I am sorry that we miss read your post #24. We read into it that you were still looking for help. Your last post indicates that you have located the problem as being outside of SpamCop influence so we will mark this topic as resolved.

Thank you for your participation in our forums.

We hope that you are able to resolve the problem with canada.com.

Posted

I am sorry if you missunderstood me dbiel, but I didn't even mean this as a support topic. It was more of a question which lead into a discussion. I just wanted to underline the fact the SpamCop here was not in question anymore as I felt many were thinking.

Well, as I said earlier I would call canada.com and talk to them and report back here. So I called in today.

Of course, the problen was not fixed. It's been two month, why would it be fixed in just one day? Today's rep denied everything that yesterday's rep said. I did not write down the name of the rep I spoke with yesterday. Didn't learn my lesson and didn't not write today's rep's name either. Dammit. Today's rep said that I do not need to certify with SpamCop, but this was even more of a circuis. Here is a summary of a half an hour argument:

- My IP does not match the domain (I assume he referred to rDNS, I could not confirm that this is what he meant)

- I must get "Trusted Privacy Seal - Bonded Sender" (anyone know where can I get one?)

- Canada.com has a "tight security" and they reject all mail that does not come from certified senders.

- They cannot do anything about it. They cannot lower the security and they cannot white list the IP/domain in question. Basically they told me off. Even though the person has a paid email account.

He also pointed out that the IP address has no information listed in SenderBase under the "Other information about this IP address" header.

After I did a lookup for Canada.com itself, there was no information either. His excuse was "we are currently having a problem that canada.com is blocking itself" (i have no idea how is that possible or what to even make out of this).

Posted

And I thought trying to communicate with Hotmail was bad! <g>

Ironport that owns SpamCop also has a hand in Bonded Sender - that's probably where the confusion is.

Since I am not a server admin, I can't help very much with the technical details. I googled Bonded Sender and found two sites bondedsender.com and bondedsender.org The .com mentions Ironport

And every time I forget to get the person's name is the time I need to have it!

HTH

Miss Betsy

Posted

It's ok. The solution is: client told Canada.com to go to hell. Got a free gmail account with more space and features. Forward all the mail from the old account into gmail. Now that I think about it, I should have told him to get spamcop account. Maybe it's not too late :)

Posted

The lack of SenderBase data was why I was asking if this was the correct IP address.

12/07/05 11:59:44 dns 69.64.32.230

nslookup 69.64.32.230

Canonical name: terrahost.ca

Addresses:

69.64.32.230

ns1.terrahost.ca reports the following MX records:

Preference Host Name IP Address TTL

10 mail.terrahost.ca 69.64.32.230 86400

http://www.mxtoolbox.com/diagnostic.aspx?H...il.terrahost.ca

RESULT: mail.terrahost.ca

Banner: TIMEOUT waiting for banner after 10.531 seconds

Connect Time: 0.109 seconds - Good

Transaction Time: 10.640 seconds - Not good!

Relay Check: OK - This server is not an open relay.

Rev DNS Check: OK - 69.64.32.230 resolves to terrahost.ca

GeoCode Info: Geocoding server is unavailable

12/07/05 11:57:38 IP block 69.64.32.230

Trying 69.64.32.230 at ARIN

Trying 69.64.32 at ARIN

OrgName: Server4You Inc.

OrgID: SERVE-6

Address: 710 North Tucker Blvd

Address: Suite 610

City: St. Louis

StateProv: MO

PostalCode: 63101

Country: US

NetRange: 69.64.32.0 - 69.64.63.255

CIDR: 69.64.32.0/19

NetName: S4Y1-NET

NetHandle: NET-69-64-32-0-1

Parent: NET-69-0-0-0-0

NetType: Direct Allocation

NameServer: NS1.NAMESERVERSERVICE.COM

NameServer: NS2.NAMESERVERSERVICE.COM

Comment: http://www.server4you.com

RegDate: 2003-07-30

Updated: 2004-04-29

RAbuseHandle: SWI19-ARIN

RAbuseName: Wintz, Sascha

RAbusePhone: +1-866-342-5749

RAbuseEmail: abuse[at]server4you.net

Some more wierdness; http://www.senderbase.org/search?searchString=terrahost.ca

Volume Statistics for this Domain

Magnitude Vol Change vs. 30 Day

Last day ........ 2.3 .. 39%

Last 30 days .. 2.2

Yet: No address list shown since no email was detected from terrahost.ca.

The "problem" I think is showing here is that the MX and IP address showing thus far is handling the incoming e-mail. (or at least I'm trying to say that there's a possibility here) What seems to be missing is where the outgoing e-mail is actually being handled .. the IP address of that system, what the headers actually indiciate, etc. Server4you may actually be handling outgoing via some sort of "smarthost" setup, and "your" e-mail is being outward routed by one of their other servers, thus possible leading into the "it's not coming from where it says it is" scenario ???? (just tossing out the question)

http://www.senderbase.org/search?searchString=server4you.net

Posted

The outgoing email is handled through the same server. I guess the amount of outgoing mail is so small that is not noticed by senderbase? I personally don't even use my own server's SMTP - I send everything through my ISP. That terrahost.ca domain is my domain, not clients. Though his is on the same IP. I never used SMTP on terrahost.ca server to send email.

That a pretty simple setup on the server. It's one server running qmail. It handles both incoming and outgoing mail. Uses all 5 IPs that are available on the server. that *.30 IP is shared among all the customers. 2 reserved for DNS. 2 Reserved for my own stuff.

Posted
thus possible leading into the "it's not coming from where it says it is" scenario ???? (just tossing out the question)

37396[/snapback]

Here is a test that I did. I created a test[at] email account. Logged in into the webmail (to make sure that all the headers are original). Sent a test mail to my spamcop.net email account. Here is the lightly edited email I received:

X-AntiVirus: Checked by Dr.Web [version: 4.33, engine: 4.33.0.10250, virus records: 95116, updated:  6.11.2005]
Return-Path: &lt;test[at]clientdomain.ca&gt;
Delivered-To: spamcop-net-moltar[at]nospamcop.net
Received: (qmail 28510 invoked from network); 7 Dec 2005 18:36:55 -0000
X-spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on blade2.cesmail.net
X-spam-Level: 
X-spam-Status: hits=0.6 tests=NO_REAL_NAME version=3.1.0
Received: from unknown (192.168.1.101)
  by blade2.cesmail.net with QMQP; 7 Dec 2005 18:36:55 -0000
Received: from ns1.terrahost.ca (HELO hunox.ca) (69.64.32.229)
  by mailgate.cesmail.net with SMTP; 7 Dec 2005 18:36:55 -0000
Received: (qmail 973 invoked from network); 7 Dec 2005 13:36:54 -0500
Received: from localhost (127.0.0.1)
  by localhost with SMTP; 7 Dec 2005 13:36:54 -0500
Received: from CPE000c41490566-CM014170123447.cpe.net.cable.rogers.com
	(CPE000c41490566-CM014170123447.cpe.net.cable.rogers.com [72.139.xx.xxx])
	by webmail.clientdomain.ca (Horde MIME library) with HTTP; Wed,  7 Dec
	2005 13:36:54 -0500
Message-ID: &lt;20051207133654.f7fttwjke54ckcww[at]webmail.clientdomain.ca&gt;
Date: Wed,  7 Dec 2005 13:36:54 -0500
From: test[at]clientdomain.ca
To: moltar[at]nospamcop.net
Subject: test
MIME-Version: 1.0
Content-Type: text/plain;
	charset=ISO-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 7bit
User-Agent: Internet Messaging Program (IMP) H3 (4.0.3)
X-SpamCop-Checked: 192.168.1.101 69.64.32.229 127.0.0.1 72.139.xx.xxx 

test

Posted

Received: from ns1.terrahost.ca (HELO hunox.ca) (69.64.32.229)

HELO string????

But compare the listing seen at http://www.senderbase.org/search?searchString=69.64.32.229 to those seen for the .230 previously referenced.

The "no listings" note is still there, but .... other lines have data .. for instance;

Date of first message seen from this address 2004-10-17

12/07/05 13:09:07 Slow traceroute hunox.ca

Trace hunox.ca (69.64.40.175) ...

64.159.0.62 RTT: 27ms TTL:112 (ge-9-0.hsa1.StLouis1.Level3.net ok)

63.208.32.162 RTT: 29ms TTL:112 (server4you-gw.stl1.us.inetbone.net bogus rDNS: host not found [authoritative])

69.64.40.175 RTT: 27ms TTL: 53 (hunox.ca ok)

ns1.terrahost.ca reports the following MX records:

Preference Host Name IP Address TTL

10 mail.hunox.ca 69.64.40.175 86400

http://www.senderbase.org/search?searchString=69.64.40.175 shows more "no data"

Posted
I am sorry if you missunderstood me dbiel, but I didn't even mean this as a support topic. It was more of a question which lead into a discussion. I just wanted to underline the fact the SpamCop here was not in question anymore as I felt many were thinking.

37393[/snapback]

Not a problem. Thank you for your posts. It adds to the pool of shared information. We just wanted to be sure that your needs were being met in the best way that we know how. Thank you again for your participation.
Posted

Ok I see that the IPs are different now. They are both mine though. I can only set one HELO string per server. If there are many domains hosted, it's impossible to know which one is which. Maybe I should remove it all together?

As for IP difference. Why is this causing a problem? What should I do? I've never experienced anything like that.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...