Also blocked, not blacklisted

[boxter]

My email is being blocked. However, I checked my IP address: 68.74.155.42

It is not blacklisted. For the first time today, I had emails from two different recipients blocked.

Headers as follows with email prefixes XXX-ed out

__________________________________________

A message that you sent could not be delivered to one or more of its

recipients. This is a permanent error. The following address(es) failed:

XXX[at]chicagolandec.org

SMTP error from remote mail server after RCPT TO:<XXX[at]chicagolandec.org>:

host groupware.chicagolandchamber.org [70.224.151.67]:

550 5.7.1 216.12.202.106 has been blocked by bl.spamcop.net

------ This is a copy of the message, including all the headers. ------

Return-path: <XXX[at]vista-development.com>

Received: from adsl-68-74-155-42.dsl.emhril.ameritech.net ([68.74.155.42] helo=SBC)

by pro18.msshost.com with esmtpa (Exim 4.52)

id 1Em0P6-0002nD-DQ

for XXX[at]chicagolandec.org; Mon, 12 Dec 2005 21:00:37 -0600

_______________________________________________

BLOCK #2

SMTP error from remote mail server after end of data:

host mail.spectruminc.com [65.43.98.10]: 554 5.7.1 Message cannot be accepted, content filter rejection bl.spamcop.net

------ This is a copy of the message, including all the headers. ------

Return-path: <XXX[at]vista-development.com>

Received: from adsl-68-74-155-42.dsl.emhril.ameritech.net ([68.74.155.42] helo=SBC)

by pro18.msshost.com with esmtpa (Exim 4.52)

id 1Elwrf-0004gN-5N

for XXX[at]peacockcolors.com; Mon, 12 Dec 2005 17:13:51 -0600

_________________________________________________

I should also mention that our email domain has been hijacked in the past by spammers in the past offering stock tips. But those would not have originated from our IP address.

Can someone help us to resume normal business e-communication and avoid this issue with others? Thanks!

[Wazoo]

My email is being blocked. However, I checked my IP address: 68.74.155.42

It is not blacklisted.  For the first time today, I had emails from two different recipients blocked.

Headers as follows with email prefixes XXX-ed out

__________________________________________

A message that you sent could not be delivered to one or more of its

recipients. This is a permanent error. The following address(es) failed:

  XXX[at]chicagolandec.org

    SMTP error from remote mail server after RCPT TO:<XXX[at]chicagolandec.org>:

    host groupware.chicagolandchamber.org [70.224.151.67]:

    550 5.7.1 216.12.202.106 has been blocked by bl.spamcop.net

37747[/snapback]

Your IP address and the IP address of the e-mail server(s) involved are not the same. Going with the bit of stuff seen as actually pertinant;

http://www.spamcop.net/w3m?action=checkblo...=216.12.202.106

216.12.202.106 listed in bl.spamcop.net (127.0.0.2)

If there are no reports of ongoing objectionable email from this system it will be delisted automatically in approximately 19 hours.

Causes of listing

System has sent mail to SpamCop spam traps in the past week (spam traps are secret, no reports or evidence are provided by SpamCop)

SpamCop users have reported system as a source of spam less than 10 times in the past week

So, both spamtrap hits and spam are being seen coming from that IP address ... this situation is actually addressed within the Why am I Blocked? FAQ entry, also tagged with a "Read before posting" note ...

http://www.spamcop.net/sc?track=216.12.202.106 says that abuse[at]ev1.net should have received any reports/complaints sent. Have you talked to them yet?

[Jeff G.]

Report History follows:

Submitted: Saturday 2005/12/10 03:05:29 -0500:

A message from your constituent - PLEASE SUPPORT UNIVERSAL ONLINE VOTING THIS...

1581187691 ( 216.12.202.106 ) To: spamcop[at]imaphost.com

1581187683 ( 216.12.202.106 ) To: abuse[at]ev1.net

--------------------------------------------------------------------------------

Submitted: Saturday 2005/09/17 20:08:27 -0400:

Market Alert kkhkezib

1510205006 ( 216.12.202.106 ) To: spamcop[at]imaphost.com

1510205001 ( 216.12.202.106 ) To: abuse[at]ev1.net

[boxter]

Thanks Wazoo. I have now communicated with "abuse" as you suggest.

We have been doing a monthly email blast sent only to "subscribers" who have granted permission. While this could potentially be the problem, judging from the links you provided, this is not the source of the problem. Especially since we have not done any bulk mailing in three weeks. The issues reported are within 10 days.

With your assistance, I now believe it is our Web Hosting Co. that has some of their customers causing a problem for all. Our organization is not able to guarantee that this will not occur again within 24 hours. Only our hosting company can and likely will not.

I am still learning about this but now believe it is best for us to change hosts and find one that has more control of the spamming habits of their customers.

[turetzsr]

Hi, boxter,

...Thank you for:

• not accusing SpamCop of blocking you
  
• taking a "please help me understand and fix the problem" attitude rather than a negative one
  
• coming back with a follow-up report
  
• understanding what is going on so well
  

Not everyone does this! <g>

<snip>

We have been doing a monthly email blast sent only to "subscribers"  who have granted permission.  While this could potentially be the problem, judging from the links you provided, this is not the source of the problem.

37779[/snapback]

...Presuming your conclusion to be true (and I have no reason to believe it is not), I would nevertheless point you to the SpamCop forum article "Am I running mailing lists responsibly?" You may already be following the suggestions there but just in case ....

<snip>

I am still learning about this but now believe it is best for us to change hosts and find one that has more control of the spamming habits of their customers.

37779[/snapback]

...Looks like you hit the nail on the head. Of course, they might have a reasonable explanation, so it might be appropriate to give them a bit of a chance (which I gather from what you wrote that you are planning to do).

...Good luck!

[boxter]

turetzsr:

My hosting company responded: "you can request your recipients to ask their admins to allow the mails from your domain." They further mention that they can not control the actions of other servers and hence we cannot force them to remove us from their blacklist similarly no other company can force us to remove their IP's from our blacklist.

Not what I requested. They did not address: "SpamCop users have reported system as a source of spam less than 10 times in the past week" -their typical not our fault/nothing we can do response. Maybe less than 10 is good. I know we were not one of the 10 and did not generate: A message from your constituent - PLEASE SUPPORT UNIVERSAL ONLINE VOTING THIS... as Jeff G added.

We are hoping to get through the next 24 hours without one of their customers spamming again to temporarily clear our name. Meanwhile, I am shopping for a new hosting service. You get what you pay for. spam control is a new criteria.

I have also learned from this experience that while our previous email marketing is well intentioned, the bar has been raised for what is defined as spam. For fear of losing subscribers who would benefit from our information, we have not proactively requested subscribers to confirm their subscriptions. We will explore some methods to achieve this.

We're considering outsourcing our e-nurturing to a service like constant contact.

It's not easy considering the scope of this disruption. But, I can begin to understand how this is helping with the spam problems we all face. We will try to be part of the solution vs. part of the problem. If web hosting companies can not govern their customers, they will lose them. If that happens enough, things will improve.

All that said, this is experience is a genuine nuisance. I have to vent just a little.

[Miss Betsy]

Everyone wants to vent when it comes to spam!

Thank you for not venting on the people who answered your posts. But you are always welcome to 'rant and rave' in the Lounge! It's good to let off steam now and again!

Let us know if you have other questions. Someone may be able to give some good advice. (see other Forums and the FAQ).

Miss Betsy

[turetzsr]

turetzsr:

37802[/snapback]

...That's just my SpamCop Forum user id. I prefer to be addressed as "Steve T" (see my sig). Thanks! <g>

...However, I think you meant Wazoo, as he is the one who suggested that you contact abuse[at]ev1.net (which I presume is your hosting company). In any event, glad you came back to follow up with us. Thanks!

My hosting company responded:  "you can request your recipients to ask their admins to allow the mails from your domain."

37802[/snapback]

...That is certainly a good idea.

They further mention that they can not control the actions of other servers and hence we cannot force them to remove us from their blacklist similarly no other company can force us to remove their IP's from our blacklist. 

 

Not what I requested.  They did not address: "SpamCop users have reported system as a source of spam less than 10 times in the past week"  -their typical not our fault/nothing we can do response. 

<snip>

37802[/snapback]

...You clearly get it -- wish your service provider (and others like them) did! <g>

I have also learned from this experience that while our previous email marketing is well intentioned, the bar has been raised for what is defined as spam.  For fear of losing subscribers who would benefit from our information, we have not proactively requested subscribers to confirm their subscriptions.  We will explore some methods to achieve this.

37802[/snapback]

...Outstanding, thanks!

We're considering outsourcing our e-nurturing to a service like constant contact.   

 

It's not easy considering the scope of this disruption. But, I can begin to understand how this is helping with the spam problems we all face.  We will try to be part of the solution vs. part of the problem.  If web hosting companies can not govern their customers, they will lose them.  If that happens enough, things will improve.

37802[/snapback]

...Again, you show you get it. Kudos! <g>

All that said, this is experience is a genuine nuisance. I have to vent just a little.

37802[/snapback]

...I concur fully with Miss Betsy (and I'm certain she did not mean to imply that this rant should have been taken to the Lounge, as it was entirely within the context of your inquiry about the disruption to your e-mail communication).

[Miss Betsy]

Did I ask a moderator to move the post? I just invited him to rant as much as he wanted to in the Lounge whenever spam and its consequences got to him. Rants are good for the soul sometimes.

My hosting company responded:  "you can request your recipients to ask their admins to allow the mails from your domain." 

37802[/snapback]

That is certainly a good idea....

37807[/snapback]

But I don't agree with Steve on this issue. IMHO, whitelisting defeats the whole purpose of blocklisting. The only way whitelisting would work is if one always had to whitelist bulk email, but NEVER non-bulk email.

Even though it is a big nuisance now, if more people had Boxter's attitude, the spam problem would be licked very quickly - at least for those who are responsible internet users.

Miss Betsy

[turetzsr]

Did I ask a moderator to move the post?

37813[/snapback]

...No, you didn't. I just wanted to emphasize that you did not intend to suggest that boxter's "ranting" here was out-of place when you wrote:

<snip>

But you are always welcome to 'rant and rave' in the Lounge!

<snip>

37805[/snapback]

Just me being anal-retentive, again. <g>

<snip>

That is certainly a good idea....

<snip>

37807[/snapback]

But I don't agree with Steve on this issue. IMHO, whitelisting defeats the whole purpose of blocklisting. The only way whitelisting would work is if one always had to whitelist bulk email, but NEVER non-bulk email.

37813[/snapback]

...Not sure why you say this. IMHO, the purpose of blocklisting is to give service providers a way to identify potential spam because of the IP address of the source of an e-mail. That, as I think we all agree, is a blunt instrument and one that SpamCop recommends be used not to block but rather to sort and/ or tag e-mail from suspect sources (even though you and I both agree that SMTP reject of such e-mail is better for several reasons). Whitelisting known individual e-mail addresses somewhat sharpens that instrument. Whitelisting bulk e-mail, IIUC and IME (in my experience), is much more likely to let in spam, as a higher percentage of bulk e-mail is spam.

Even though it is a big nuisance now, if more people had Boxter's attitude, the spam problem would be licked very quickly - at least for those who are responsible internet users.

37813[/snapback]

...Absolutely! A "check mark" for the human cloning proponents! <g>

[Miss Betsy]

Whitelisting known individual e-mail addresses somewhat sharpens that instrument. Whitelisting bulk e-mail, IIUC and IME (in my experience), is much more likely to let in spam, as a higher percentage of bulk e-mail is spam.

IMHO, it is much better to make the *sender* do something about getting email to you. I realize that businesses can't do that with clients so whitelisting is, like tagging, something that is necessary.

The reason that making the *sender* responsible for ensuring that email works is because the sending end is the only place that it can be controlled. When end users start to realize that they have to choose a responsible provider is when things will start changing. And if everyone they know whitelists them, they never will make a fuss with the ones who can make a change.

The whitelisting of bulk email is just a dream of mine. It is possible to have a header line identifying email as bulk email. And bulk email is the problem. One already has to confirm subscription to legitimate bulk email and many lists already ask you to whitelist them. The people to be blocked are the ones who send bulk email without identifying it as bulk email. Since the sending ISP can identify bulk email, he can enforce the use of identification. Therefore, receivers can block all bulk email except that which is whitelisted and accept all individual email (which would only be blocked if the ISP was incompetent enough not to be able to identify and make rules about bulk email). Open proxies and relays are blocked. Since it costs money to accept bulk email, ISPs could charge if one accepted any bulk email instead of using the whitelisting method. However, anyone who wanted to receive spam could by paying an extra fee. The spammers get their suckers; the majority get all the email they want - even from long lost cousins or neighbors who have a lawn mower to sell. And any they don't want are so few and far between that there is no problem in JHD. Those who send (or accept) bulk email pay more which makes it less attractive to spammers. The only problem is that it would take too much education of too many people to implement.

Miss Betsy

[turetzsr]

IMHO, it is much better to make the *sender* do something about getting email to you.  I realize that businesses can't do that with clients so whitelisting is, like tagging, something that is necessary.

<snip>

It is possible to have a header line identifying email as bulk email.  And bulk email is the problem.  One already has to confirm subscription to legitimate bulk email and many lists already ask you to whitelist them.  The people to be blocked are the ones who send bulk email without identifying it as bulk email.  Since the sending ISP can identify bulk email, he can enforce the use of identification. <snip> Since it costs money to accept bulk email, ISPs could charge if one accepted any bulk email instead of using the whitelisting method.  However, anyone who wanted to receive spam could by paying an extra fee. <snip>

37823[/snapback]

...OIC. I now understand! As usual for thoughts from you, lots of good ideas there. <g>