Jump to content

Please help, our legitimate business is blocked!


Tres Wright

Recommended Posts

Hello,

I've read through the FAQ and hope I am posting in the right place :) I am an architect with a small firm named "Brand-Sayers Architects, Inc." in the Dallas, Texas area. We have been receiving bounceback messages from some of our clients and consultants for months now, and I'm finally taking the time to see if I can get it resolved. We do not have a permanent IT person (we only have 15 employees), but we do have a consultant. I spoke with him about our email being blocked and he thinks it may have something to do with the fact that we are tied to an SBC mail server, but he did not know of a solution. Below is one of the many bounceback messages I have received, please let me know if there is any further info you need. This has been very frustrating, we are a legitimate business and we correspond a lot via email and it's difficult when some messages don't go through. I hope we can get some help in resolving this.

Thank you!

--Tres Wright

-----Original Message-----

From: MAILER-DAEMON[at]mail26a.sbc-webhosting.com [mailto:MAILER-DAEMON[at]mail26a.sbc-webhosting.com]

Sent: Wednesday, January 18, 2006 3:02 PM

To: twright[at]brand-sayers.com

Subject: failure notice

Hi. This is the qmail-send program at mail26a.sbc-webhosting.com.

I'm afraid I wasn't able to deliver your message to the following addresses.

This is a permanent error; I've given up. Sorry it didn't work out.

<klee[at]staleysteel.com>:

216.201.128.40 does not like recipient.

Remote host said: 554 Service unavailable; Client host [216.173.237.164] blocked using bl.spamcop.net; Blocked - see http://www.spamcop.net/bl.shtml?216.173.237.164

Giving up on 216.201.128.40.

--- Below this line is a copy of the message.

Return-Path: <twright[at]brand-sayers.com>

Received: from mx02.stngva01.us.mxservers.net (204.202.242.66)

by mail26a.sbc-webhosting.com (RS ver 1.0.95vs) with SMTP id 4-0132978119

for <klee[at]staleysteel.com>; Wed, 18 Jan 2006 16:02:14 -0500 (EST)

Received: from www.brand-sayers.com [216.173.246.121] (EHLO Computer00)

by mx02.stngva01.us.mxservers.net (mxl_mta-1.3.8-10p4) with ESMTP id 7ccaec34.29117.398.mx02.stngva01.us.mxservers.net;

Wed, 18 Jan 2006 16:01:59 -0500 (EST)

From: "Tres Wright" <twright[at]brand-sayers.com>

To: "'Kimberly Lee'" <klee[at]staleysteel.com>

Subject: FW: Return Approvals on Comerica Projects - Status Update Request

Date: Wed, 18 Jan 2006 15:02:30 -0600

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="----=_NextPart_000_0634_01C61C40.3F195FB0"

X-Mailer: Microsoft Office Outlook, Build 11.0.5510

X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180

Thread-Index: AcYcX8wyTVvnLOtASxuBbiAnyIULzwABILpQAAOKLyA=

X-spam: [F=0.2459419899; heur=0.984(6700); stat=0.010; spamtraq-heur=0.343(2006011807)]

X-MAIL-FROM: <twright[at]brand-sayers.com>

X-SOURCE-IP: [216.173.246.121]

Message-ID:<20060118160214.GA13297[at]mail26a.sbc-webhosting.com>

X-Loop-Detect:1

X-DistLoop-Detect:1

This is a multi-part message in MIME format.

------=_NextPart_000_0634_01C61C40.3F195FB0

Content-Type: text/plain;

charset="us-ascii"

Content-Transfer-Encoding: 7bit

By the way, our office does not have auto-responder capabilities, so I don't think this is a spam trap issue.

Thanks,

Kimberly

Moderator Edit: removed a lot of extra vertical whitespace, e-mail content with no header data (but with 'personal' data included) so was not helpful ....

Link to comment
Share on other sites

216.201.128.40 does not like recipient.

Remote host said: 554 Service unavailable; Client host [216.173.237.164] blocked using bl.spamcop.net; Blocked - see http://www.spamcop.net/bl.shtml?216.173.237.164

Giving up on 216.201.128.40.

39410[/snapback]

Did you follow the link in the error message?

Did you follow the link toward the top of that page lebeled: Information about the reasons for listing (blocking) your mail server (216.173.237.164)?

Causes of listing

System has sent mail to SpamCop spam traps in the past week (spam traps are secret, no reports or evidence are provided by SpamCop)

host 216.173.237.164 = mail26a.sbc-webhosting.com (cached)

It does look like you are using a shared sbc-webhosting.com's email server which has sent messages to spamtrap addresses and gotten itself listed. Since you do not administer that server, the most you can do is complain to sbc-webhosting about the listing and that you are not getting what you pay for.

An admin at sbc-webhosting can contact the deputies[at]spamcop.net to find out what is hitting the spamtraps, but it is likely that that server (maybe all their servers) are configured to accept all email to their domains and then bounce back the non-deliverables to forged addresses in the headers. I say likely because (just a user of spamcop's services) there are no reports from human reporters, which would be a sign of the more common "spam" everyone recognizes.

By the way, our office does not have auto-responder capabilities, so I don't think this is a spam trap issue.
It would not be your office causing the problem but the server you use to send you messages. You are sharing your mail server with a number of other companies, likely not all configured as well as your are. I am testing for mis-directed bounces right now and will report back my findings.
Link to comment
Share on other sites

I am testing for mis-directed bounces right now and will report back my findings.

39413[/snapback]

First part of the test is not looking good:

C:\&gt;telnet mail-fwd.sbc-webhosting.com 25

220 mx30.stngva01.us.mxservers.net ESMTP mxl_mta-1.3.8-10p4; Wed, 18 Jan 2006 18:56:01 -0500 (EST); NO UCE
helo underwwood.spamcop.net
250 mx30.stngva01.us.mxservers.net
mail from: &lt;stevenunderwood[at]yahoo.com&gt;
250 Sender Ok
rcpt to: &lt;test1234567890[at]brand-sayers.com&gt;
[COLOR=red]250 test1234567890[at]brand-sayers.com ok (normal)[/COLOR]
data
354 Start mail input; end with &lt;CRLF&gt;.&lt;CRLF&gt;
This is a test to checkl for mail bouncing.
.
quit
[COLOR=red]250 1-0892588611 Message accepted for delivery[/COLOR]
221 mx30.stngva01.us.mxservers.net Service closing transmission channel


Connection to host lost.

I will next report where I receive the bounce message from, assuming I get one. I should unless you receive messages for all addresses to your domian.

Link to comment
Share on other sites

I will next report where I receive the bounce message from, assuming I get one.  I should unless you receive messages for all addresses to your domian.

39414[/snapback]

http://www.spamcop.net/sc?id=z860238708z13...16a505f387b546z

I have cancelled this report because I did this as a test, but if a spammer had forged my email address in a spam, I would have reported it and one of sbc-webhosting.com's mail servers would have received the report.

Other hosts in this "neighborhood" with spam reports

216.173.237.165 216.173.237.166 216.173.237.167 216.173.237.180

Link to comment
Share on other sites

I have nothing to add to Steve's expertise other than this observation:

I get a lot of spam each day from sbc global servers. It's a sewer and I suggest you get out of it and move your domain to a less spam-friendly/clueless outfit.

Link to comment
Share on other sites

Thanks guys, I appreciate the help! I'll talk to the bosses about it. I doubt we'll be able to move to another server though because SBC is one of our clients. We may just have to live with our email not getting through to a couple of people. It's unfortunate that spam Cop blocks legitimate businesses like ours in the interest of throwing a wider net to catch as much spam as possible. spam is of course a big problem, but it should be dealt with in a manner that doesn't infringe on legitimate business. I would rather delate a few spams each day and know that I am getting all legitimate messages sent to me than chance not getting good messages in an attempt to block the bad. Thanks again.

Link to comment
Share on other sites

/snip

I would rather delate a few spams each day and know that I am getting all legitimate messages sent to me than chance not getting good messages in an attempt to block the bad. Thanks again.

39456[/snapback]

That is commendable, except most of us here get 200-1000 spam e-mails a day, some even more, hardly a number you would want to delete manually....

Link to comment
Share on other sites

It's unfortunate that spam Cop blocks legitimate businesses like ours in the interest of throwing a wider net to catch as much spam as possible.

39456[/snapback]

The IP address is the smallest "net" that can be used which can not be forged by the sender. If you are sharing an IP with a spammer, you will be affected. Switch to another IP, or even better, your own IP, and you will not have this problem.
Link to comment
Share on other sites

It's unfortunate that spam Cop blocks legitimate businesses like ours in the interest of throwing a wider net to catch as much spam as possible. spam is of course a big problem, but it should be dealt with in a manner that doesn't infringe on legitimate business.

39456[/snapback]

Once again, all the pointers have been overlooked ... SpamCop.net does not have the power to block your e-mail ..... there is the SpamCopDNSBL available for use, and what you are complaining about is that the recipient's ISP has apparently decided to use that BL data as a Blocking tool in an attempt to manage incoming e-mail to their servers ... The suggested way to use SpamCop.net's admittedly aggressive list is for Tagging, Filtering, or as part of a decision process ..... That's a far different picture than painted by your "SpamCop blocked me!" remarks, which you actually demonstrated in your "our email not getting through to a couple of people" statement ... It's those "couple of people" behind their ISP's e-mail server configuration that's really at issue (well, ignoring actual spam spew issue)

Link to comment
Share on other sites

We may just have to live with our email not getting through to a couple of people. It's unfortunate that spam Cop blocks legitimate businesses like ours in the interest of throwing a wider net to catch as much spam as possible.

Do you realize that if those clients of yours did not use the scbl, that they would receive a lot of spam in addition to your 'valuable' email? It is like using a ground package carrier that not only delivered your packages, but also several dirty, greasy packages crawling with bugs. If your customer refused the shipment, would you blame them?

I doubt we'll be able to move to another server though because SBC is one of our clients

sbc undoubtedly has 'spam free' servers for those who understand the problem. Other ISPs do. You just have to ask.

You are in an excellent position to contribute something positive to the spam solution by making a comment to sbc. If they are your client, then you may not be able to make a strong statement, but you should, at least, be able to mention it.

I would rather delate a few spams each day and know that I am getting all legitimate messages sent to me than chance not getting good messages in an attempt to block the bad.

Many businesses are deleting thousands - not a few - each day. Individuals who have not changed email addresses can receive hundreds. Searching for a legitimate email in all those spam emails is like finding a needle in a haystack. The big advantage to blocklists is that the sender knows that hir email did not go through and can choose another way to contact their correspondent - even another email service that is more careful about permitting spam to leave their system.

Miss Betsy

Link to comment
Share on other sites

SBC's outgoing mail server are notorious for sending delayed bounces and blowback as well as allowing spammers to send spam freely. If email is really so critical to your company, I would highly recommend that they invest in a static IP address, and a copy of Microsoft Exchange 2003 or the mail server software of their choice and run their own mail server. That way they aren't at the mercy of an irresponsible ISP, and do not have to share their mail server with other customers whose email practices they can't control.

Many will probably gripe at my support of a Microsoft product, however, exchange is easy to setup, easy to manage and configure correctly, supports DNSBLs for filtering spam from your incoming email, and support for it is readily available from literally thousands of sources.

Link to comment
Share on other sites

Thank you for this helpful thread. I too am an Architect that has SBC as our server. We are getting blocked left and right. I have complained to SBC weekly for months. They claim that there is nothing they can do. OR they point out that they have addressed the solution but that we must wait the 21 hours for it to drop off. An eternity. Clearly, they are not providing good customer service.

They did have me change the outgoing mail server to SMTP.sbcglobal.net but alas this morning that has been blocked too.

I somewhat take issue with the suggestion that we should just change our webhosting company. We are a small company (3 people!) and dealing with IT issues takes a great deal of time and effort. Making the change is not something for the light of heart.

You are correct in pointing out that SPAMCOP only provides a list and that the recipients choose to block my email. But that arguement is a little like saying "well, I just left the loaded gun on the table, I didn't pull the trigger, Don't blame me!" I have contacted everyone that I do business with who are blocking my email and suggest that they fight spam with something other than SPAMCOP.

Incidently, spam is not a problem for me, all junk mail is recognized by Mail 2.0.5 and throws it out. Never see it, never a problem.

Link to comment
Share on other sites

You are correct in pointing out that SPAMCOP only provides a list and that the recipients choose to block my email. But that arguement is a little like saying "well, I just left the loaded gun on the table, I didn't pull  the trigger, Don't blame me!"

39645[/snapback]

Directly from the What is the SpamCop Blocking List FAQ entry;

The SCBL is an aggressive spam-fighting tool. By using this list, you can block a lot of spam, but you also may block or filter wanted email. Because of this limitation, one should strongly consider using the SCBL as part of a scoring system and explicitly whitelist wanted email senders (e.g., mailing lists and other IPs from which you want to receive email).

With any spam filtering system, you should consider keeping suspected spam so that it can be retrieved. Doing so will prevent bounces from your system hitting innocent third parties.

I don't see the comparison quite as clearly as you do .... if the tools / gun are used inappropriately, yes, innocents can be harmed.

Link to comment
Share on other sites

Valid point. However, one of my blockers said that they "white listed" me yet I am still blocked. Don't get me wrong, ultimately it seems as though SBC is a poor manager but I think SPAMCOP is a poor tool to combat a problem.

Link to comment
Share on other sites

Valid point. However, one of my blockers said that they "white listed" me yet I am still blocked. Don't get me wrong, ultimately it seems as though SBC is a poor manager but I think SPAMCOP is a poor tool to combat a problem.

39648[/snapback]

Because SpamCop blocklist is aggressive, it does have to be used with care. However, using blocklists is the best way to control spam. Because SpamCop is aggressive, often server admins are advised of problems before they get on lists that are not so easy to get off.

It all comes down to the 'money' - as long as people are willing to 'spend' money to accept spam in order to get legitimate email, then nothing is going to happen. However, there are more and more people who do not want to 'spend' money on bandwidth and content filtering systems. They will use blocklists that reject at the server and let the *sender* worry about getting email sent.

It may be that it will become less expensive for you to choose a more reliable web host in the future. In the meantime, you are asking your clients to receive spam in order to receive your email. It might be worth your while to get an architect trade association to provide responsible, reliable web hosting for you and others in your situation. Unless SBC finds out that people are really willing to leave because of their unreliable service, they won't change much.

Doing business on the internet is like doing business offline. There are costs involved.

Miss Betsy

Link to comment
Share on other sites

Valid point. However, one of my blockers said that they "white listed" me yet I am still blocked.

The FAQ here contains a large amount of material dealing with filtering, configuration settings, white/black-listing, and yet, users of a SpamCop Filtered E-mail Account also have issues with the mechanics at times. Having no knowledge of your 'blocked user' .. the ISP or tools involved, it's pretty hard to say what has or has not happened. If you were white-listed in this users e-mail application, that would have no bearing on what the ISP was doing, for instance.

Don't get me wrong, ultimately it seems as though SBC is a poor manager but I think SPAMCOP is a poor tool to combat a problem.

39648[/snapback]

Trust me, the world awaits your "better" solution.

Link to comment
Share on other sites

Because SpamCop blocklist is aggressive, it does have to be used with care.  However, using blocklists is the best way to control spam.  Because SpamCop is aggressive, often server admins are advised of problems before they get on lists that are not so easy to get off.

39649[/snapback]

I would argue lately. SCBL hasn't been aggressive enough, I see a lot of easily recognizable spam making it past the filters which include other lists to tag the spam, including spam Assassin set below the recommended value of 5.

Link to comment
Share on other sites

Incidently, spam is not a problem for me, all junk mail is recognized by Mail 2.0.5 and throws it out. Never see it, never a problem.

39645[/snapback]

Well spam is a problem for millions of other people. It will not stop by using add-ons to your email that delete it or move it to another folder. The problem will stop when ISP's finally get a clue that no one wants it. Until the ISP's take responsibility for the problem they are turning a blind eye to because they have to keep the profits up we will have a problem. Billions of dollars are lost each year and $Diety only knows how much is being spent to block it when the problem can be stopped when the ISP's take an active part to stop what they currently allow. You are blocked and it is because of your ISP, get used to the idea because it will only get worse and not better. Spamcop has nothing to do with your problem. You have nothing to do _about_ your problem until _your_ ISP stop giving excuses and faces the fact that they must take action.

The pure and simple truth is rarely pure and never simple.

Link to comment
Share on other sites

You are correct Miss Betsy, it does all come down to money. It also comes down to what are the most effective tools to fight a problem. I am not asking my clients to accept spam, I am asking them to use tools that are fair and effective. I have the ultimate tool to fight spam. Disconnect my computer from the internet. Unfortunately, that is not the most effective tool. (althought I am selectively doing that, see below.)

As I mentioned, my Mail client intercepts spam on a computer level. I am sorry others do have a problem with spam. I also have never had a virus.

I have discussed this issue with my business partner. As per your suggestion we are going to investigate other webhosting solutions. In the interim, we have stop accepting email from all people who use SpamCop. In other words, when the Marvin Window Salesperson attempted to email me about their product yesterday I bounced their email back to them. (I am able to email some Marvin Employees but not others.) They eventually called me, I explained that we are blocking all Marvin email because we can not reply to them, they forwarded the information to their IT department. I also informed our clients who are using Spamcop that they need to use fax/phone to contact us because we are no longer accepting email from clients that we can not respond to. They have contacted their tech people and have been very supportive of our decision.

So far that has worked well. Also, changing to the SBCGlobal server has helped some.

I would like to compliment SpamCop on these forums. Providing feedback and access to a knowledge base in such an open manner should be commended.

Link to comment
Share on other sites

You are correct Miss Betsy, it does all come down to money. It also comes down to what are the most effective tools to fight a problem. I am not asking my clients to accept spam, I am asking them to use tools that are fair and effective. I have the ultimate tool to fight spam. Disconnect my computer from the internet. Unfortunately, that is not the most effective tool. (althought I am selectively doing that, see below.)

As I mentioned, my Mail client intercepts spam on a computer level.  I am sorry others do have a problem with spam. I also have never had a virus.

You are a reasonable person, obviously. When you say 'bounce back', I am assuming you are sending 5xx messages. If your mail client intercepts spam at the server and rejects it, then you are using a blocklist of some sort. Those legitimate people who send you mail know that you have rejected it. If your mail client is accepting the email and then sending an email saying it is non-deliverable, then that is why you are being listed on spamcop. you are effectively sending spam to the thousands of innocent people whose email addresses have been forged by the spammers. Any person who sent you legitimate email that was caught by your filter (and it must have some false positives if you never see spam) will never know why you have not received it if you are simply deleting what is tagged as spam.

What you are doing by refusing to accept email from people who use spamcop is essentially what people who use spamcop do. Asking the *sender* to use another means of contacting them. Only you are asking people to abandon a method which will stop spam reaching them (possibly all those NDR's? perhaps not yours, but someone else) .

Unfortunately, the IT department will probably not explain it to them and instead of being outraged that you are asking them to solve your IT problems for you, they will knuckle under, costing them money in using some other kind of filtering method. And it should be you, the *sender* who has to find a better way if the problem of spam is to be solved.

Miss Betsy

Link to comment
Share on other sites

You are a reasonable person, obviously. 

39678[/snapback]

Thank you. The spam enters my mailbox and is directed to the junk folder on my computer. It is not blocked on server level. It is then deleted after a proscribed period of time.

Mail actually has a "bounce" feature that simulates rejected email.

Changing to the sbc.global server has resulted in only one blocked email so far.

Again, thank you for your thoughts on the matter. I do not agree with everything that you and the others had to say, but I appreciate your perspective.

I think I need to get back to designing buildings now.....

Link to comment
Share on other sites

Valid point. However, one of my blockers said that they "white listed" me yet I am still blocked. Don't get me wrong, ultimately it seems as though SBC is a poor manager but I think SPAMCOP is a poor tool to combat a problem.

39648[/snapback]

SpamCop is a tool used by SpamCop members to *SORT* email

there is NO history of SpamCop ever blocking "SMTP.sbcglobal.net" or IP 207.115.63.46 ?

If a mail server is set-up correctly SpamCop will log the last definite IP chain usually the actual computer

Sending to that provider an abuse report. in your case an incompetent/ignorant one who just milks your bank account or credit card Ignoring the FACT they are very much part of a spam problem (just cannot be bothered)

SpamCop BlockList only list the last identifiable IP "chain" if it is sending spam releasing that IP when spam stops. Every report made an attempt is sent to that listed abuse desk unless they do not accept abuse reports

The reason YOU or YOUR PROVIDER are getting listed is because of ignoring abuse reports and not making efforts to repair your or your providers apparently broken system

There are also many many private blocklists that blame SpamCop to conceal the actual blocklist used!

MSN AOL and others just don't bother they just bitbin emails as if they never arrive, this you are happy with? I would guess that you are happy (I believe yourmail system does this also?)

SpamCop has tried to rectify your problem, by recording all of the spam sent, as well as notifying the abuse address that is listed about every report.

It would take more than one report to get listed and if listed it is extremely likely it deserves to be so

The best move you made so far has been coming here. Your next move is to solve your problem which will be to Educate your ISP and or yourself

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...