Jump to content

No longer blackisted, but still can't send emails


Recommended Posts

Posted

Dear spam gurus,

I am at my tethers end because my business is heavily suffering from two aspects of spam. The incoming spam I suffer is a problem for another forum, it is the blacklisting of my outgoing email that is running my business into the ground as none of my suppliers (email and web hosting provider, ISP and domain host) seem to be doing enough to get this problem resolved and I rely heavily on email to communicate and collaborate with my partners and customers on projects my company carries out.

When sending email to my biggest supplier, Dell, I get the following message/error (receive very similar bounces from other large companies that I send email to that use SPAMCOP or SENDERBASE for spam blocking) --PLEASE NOTE SENSITIVE INFORMATION IS REPLACED WITH "REMOVED":

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:

REMOVED[at]Dell.com

SMTP error from remote mail server after initial connection:

host smtp.ins.dell.com [143.166.83.183]: 554-ausc60pc103.us.dell.com

554 Connections from this sending hostname platinum.webfusion.co.uk, IP address of:

212.67.202.156 are being rejected due to low SenderBase Reputation score (below -2). Your SenderBase organization:

2213792. See http://www.senderbase.org/ for more information.

------ This is a copy of the message, including all the headers. ------

Return-path: <REMOVED[at]clearskycomputing.com>

Received: from spc2-hers2-5-0-cust227.asfd.broadband.ntl.com ([82.0.46.228] helo=leedell)

by platinum.webfusion.co.uk with esmtpa (Exim 4.54)

id 1FERPh-0007Yo-O4

for REMOVED[at]Dell.com; Wed, 01 Mar 2006 13:30:45 +0000

From: "REMOVED" <REMOVED[at]clearskycomputing.com>

To: <REMOVED[at]Dell.com>

Subject: if you get this, just ignore

Date: Wed, 1 Mar 2006 13:30:44 -0000

Message-ID: <001b01c63d34$58fa4bf0$6600a8c0[at]leedell>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="----=_NextPart_000_001C_01C63D34.58FA4BF0"

X-Mailer: Microsoft Office Outlook 11

Thread-Index: AcY9NFezJPGN+Q1OTcahezj8yMPyJQ==

X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180

This is a multi-part message in MIME format.

------=_NextPart_000_001C_01C63D34.58FA4BF0

Content-Type: text/plain;

charset="us-ascii"

Content-Transfer-Encoding: 7bit

BODY OF EMAIL WAS HERE BUT HAS BEEN REMOVED

------=_NextPart_000_001C_01C63D34.58FA4BF0

Content-Type: text/html;

charset="us-ascii"

Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=3DContent-Type content=3D"text/html; = charset=3Dus-ascii"> <META content=3D"MSHTML 6.00.2900.2722" name=3DGENERATOR></HEAD> <BODY> <DIV><SPAN class=3D031452813-01032006><FONT face=3D"Lucida Console" = color=3D#000080=20 size=3D2>Hi Ross,</FONT></SPAN></DIV> <DIV><SPAN class=3D031452813-01032006><FONT face=3D"Lucida Console" = color=3D#000080=20 size=3D2>if you do get this email please just ignore. Just = seeing if I'm=20 bouncing off Dell's email systems</FONT></SPAN></DIV> <DIV><FONT face=3D"Lucida Console" color=3D#000080 = size=3D2></FONT> </DIV> <DIV align=3Dleft><FONT face=3D"Lucida Console" color=3D#000080=20 size=3D2></FONT> </DIV> <DIV align=3Dleft><FONT face=3D"Lucida Console" color=3D#000080 = size=3D2>Best=20 regards,</FONT></DIV> <DIV align=3Dleft><FONT face=3D"Lucida Console" color=3D#000080=20 size=3D2></FONT> </DIV> <DIV align=3Dleft><FONT face=3D"Lucida Console" color=3D#000080 = size=3D2>Lee=20 Steadman</FONT></DIV> <DIV align=3Dleft><FONT face=3D"Lucida Console" color=3D#000080 = size=3D2>Clear Sky=20 Computing Ltd</FONT></DIV> <DIV align=3Dleft><FONT face=3D"Lucida Console" color=3D#000080 = size=3D2><SPAN=20 class=3D375385514-23012006><STRONG>NEW WEB SITE WITH NEW SERVICES=20 AND PRICING, TO FIND OUT MORE VISIT:</STRONG></SPAN></FONT></DIV>

<DIV align=3Dleft><FONT size=3D2><FONT face=3D"Lucida Console"><FONT=20 color=3D#000080><SPAN class=3D375385514-23012006><A=20 href=3D"http://www.clearskycomputing.com/"><STRONG>http://www.clearskycom=

puting.com</STRONG></A></SPAN></FONT></FONT></FONT></DIV>

<DIV align=3Dleft><FONT size=3D2><FONT face=3D"Lucida Console"><FONT=20 color=3D#000080><SPAN=20 class=3D375385514-23012006></SPAN></FONT></FONT></FONT> </DIV>

<DIV> </DIV></BODY></HTML>

------=_NextPart_000_001C_01C63D34.58FA4BF0--

and here's another bounce from an associate:

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:

REMOVED[at]xko.co.uk

SMTP error from remote mail server after MAIL FROM:<REMOVED[at]clearskycomputing.com>:

host mx0.xko.net.uk [194.128.197.132]: 553 5.3.0 Rejected - see http://www.spamcop.net/bl.shtml

------ This is a copy of the message, including all the headers. ------

Return-path: <REMOVED[at]clearskycomputing.com>

Received: from spc2-hers2-5-0-cust227.asfd.broadband.ntl.com ([82.0.46.228] helo=leedell)

by platinum.webfusion.co.uk with esmtpa (Exim 4.54)

id 1FERXH-0001PO-EI

for REMOVED[at]xko.co.uk; Wed, 01 Mar 2006 13:38:35 +0000

From: "REMOVED" <REMOVED[at]clearskycomputing.com>

To: "REMOVED" <REMOVED[at]xko.co.uk>

Subject: ignore - bounce test

Date: Wed, 1 Mar 2006 13:38:31 -0000

Message-ID: <002001c63d35$70f14960$6600a8c0[at]leedell>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="----=_NextPart_000_0021_01C63D35.70F14960"

X-Mailer: Microsoft Office Outlook 11

Thread-Index: AcY9NW4j14NrTzTDQoOv4wC6KlBqAw==

X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180

This is a multi-part message in MIME format.

------=_NextPart_000_0021_01C63D35.70F14960

Content-Type: text/plain;

charset="us-ascii"

Content-Transfer-Encoding: 7bit

ignore - bounce test

------=_NextPart_000_0021_01C63D35.70F14960

Content-Type: text/html;

charset="us-ascii"

Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=3DContent-Type content=3D"text/html; = charset=3Dus-ascii"> <META content=3D"MSHTML 6.00.2900.2722" name=3DGENERATOR></HEAD> <BODY> <DIV><SPAN class=3D843063813-01032006><FONT face=3D"Lucida Console" = color=3D#000080=20 size=3D2>ignore - bounce test</FONT></SPAN></DIV></BODY></HTML>

------=_NextPart_000_0021_01C63D35.70F14960--

I've gone through thoroughly SPAMCOP and senderbase Web site FAQ's and followed procedure for blacklist dispute. I have got nothing back from anyone yet. Meanwhile my business projects are grinding to a hault causing serious loss of income. This is so detrimental to my business if I don't get sorted within the next few days I will be forced to take some kind of action like transfer my email and business collaboration and CRM systems over to new email/domain/IP which could cost so much and cause such disruption it could likely sink my business.

If any can help with this potentially 'business destroying' situation you could be our sole saviour and we would be for ever greatful

Posted

212.67.202.156 is spammy. It has sent spam to spamtraps, and has had messages reported by receivers. It looks like those reports would have gone to abuse[at]webfusion.co.uk. I would start by talking to them and finding out why you never saw these reports.

http://www.spamcop.net/w3m?action=checkblo...=212.67.202.156

The entire 212.67.202.* block looks pretty bad, I see at least 20 different hosts listed on the SCBL. I would suggest that if email is that important to your company, you either find an email provider that takes care of their spam problems and can provide you reliable email service, or get a non-shared mail server.

194.128.197.132 does not appear to be currently listed on the SCBL

http://www.spamcop.net/w3m?action=checkblo...194.128.197.132

and I don't see any abuse reports on the google groups

http://groups.google.com/groups?scoring=d&...2+group:*abuse*

Perhaps a paid member could pull a listing history on that IP and see if there are any reports recently. It could be that xko.co.uk is misreporting their rejection reason, which is a lot more common than one might expect.

Posted
I would suggest that if email is that important to your company, you either find an email provider that takes care of their spam problems and can provide you reliable email service, or get a non-shared mail server.

I heartily concur. Take your business elsewhere. PlusNet is a very good UK host.

Perhaps a paid member could pull a listing history on that IP and see if there are any reports recently. It could be that xko.co.uk is misreporting their rejection reason, which is a lot more common than one might expect.

40825[/snapback]

I have done, and there is none, Senderbase shows no activity at all.

Posted
------ This is a copy of the message, including all the headers. ------

Received: from spc2-hers2-5-0-cust227.asfd.broadband.ntl.com ([82.0.46.228] helo=leedell)

by platinum.webfusion.co.uk with esmtpa (Exim 4.54)

id 1FERXH-0001PO-EI

for REMOVED[at]xko.co.uk; Wed, 01 Mar 2006 13:38:35 +0000

40824[/snapback]

This is strange to me. Are you sure this is the only received line?

If it is the mail was sent from spc2-hers2-5-0-cust227.asfd.broadband.ntl.com ([82.0.46.228] helo=leedell)

this is a dynamic IP that should not be running a mail server if they want their mail delivered. Most admins will not accept mail from a dynamic IP and it is listed in a few dynamic lists.

next the Helo is bogus as it should be s FQDN.

Also if we check sightings for the same 'helo' in other spam runs we find

http://groups.google.com/group/news.admin....rt=0&scoring=d&

What software was used to send this test?

I might be wrong but I don't think we have enough information here.

Posted

Report History for 212.67.202.156 follows:

Submitted: Thursday 2006/02/23 11:40:58 -0500: 
x
1669047315 ( 212.67.202.156 ) To: abuse[at]gxn.net

--------------------------------------------------------------------------------

Submitted: Sunday 2006/02/12 10:09:18 -0500:
Mail delivery failed: returning message to sender
1655954980 ( 212.67.202.156 ) To: abuse[at]gxn.net

--------------------------------------------------------------------------------

Submitted: Saturday 2006/02/11 12:58:10 -0500:
Mail delivery failed: returning message to sender
1655293907 ( 212.67.202.156 ) To: abuse[at]gxn.net

--------------------------------------------------------------------------------

Submitted: Wednesday 2006/02/08 06:47:48 -0500:
Mail delivery failed: returning message to sender
1652087031 ( 212.67.202.156 ) To: abuse[at]gxn.net

--------------------------------------------------------------------------------

Submitted: Tuesday 2006/02/07 22:20:50 -0500:
Mail delivery failed: returning message to sender
1651239151 ( 212.67.202.156 ) To: abuse[at]gxn.net

--------------------------------------------------------------------------------

Submitted: Tuesday 2006/02/07 18:36:32 -0500:
Mail delivery failed: returning message to sender
1651082673 ( 212.67.202.156 ) To: abuse[at]gxn.net

--------------------------------------------------------------------------------

Submitted: Tuesday 2006/02/07 10:59:07 -0500:
Mail delivery failed: returning message to sender
1650703232 ( 212.67.202.156 ) To: abuse[at]gxn.net

--------------------------------------------------------------------------------

Submitted: Thursday 2006/01/26 12:19:43 -0500:
February Offers
1636485468 ( 212.67.202.156 ) To: spamcop[at]imaphost.com
1636485442 ( http:// www.yuzumedia.com/blast/box.php?funcml=u... ) To: abuse[at]gxn.net
1636485429 ( 212.67.202.156 ) To: abuse[at]gxn.net

--------------------------------------------------------------------------------

Submitted: Thursday 2006/01/05 14:53:11 -0500:
Mail delivery failed: returning message to sender
1610835581 ( 212.67.202.156 ) To: abuse[at]gxn.net

--------------------------------------------------------------------------------

Submitted: Thursday 2006/01/05 12:50:42 -0500:
**VL-JUNK** Web Site - 'Contact Enquiry' Form
1610695448 ( http:// www.pharm-all.com ) To: mole[at]devnull.spamcop.net
1610695440 ( 212.67.202.156 ) To: mole[at]devnull.spamcop.net

--------------------------------------------------------------------------------

Submitted: Thursday 2006/01/05 12:50:08 -0500:
**VL-JUNK** Web Site - 'Contact Enquiry' Form
1610694874 ( http:// www.pharm-all.com ) To: mole[at]devnull.spamcop.net
1610694866 ( 212.67.202.156 ) To: mole[at]devnull.spamcop.net

--------------------------------------------------------------------------------

Submitted: Tuesday 2006/01/03 02:51:44 -0500:
Mail delivery failed: returning message to sender
1607527603 ( 212.67.202.156 ) To: abuse[at]gxn.net

--------------------------------------------------------------------------------

Submitted: Monday 2005/12/26 05:31:18 -0500:
Mail delivery failed: returning message to sender
1598831115 ( 212.67.202.156 ) To: spamcop[at]imaphost.com
1598831094 ( 212.67.202.156 ) To: abuse[at]gxn.net

--------------------------------------------------------------------------------

Submitted: Monday 2005/12/26 03:31:05 -0500:
Mail delivery failed: returning message to sender
1598643007 ( 212.67.202.156 ) To: spamcop[at]imaphost.com
1598643001 ( 212.67.202.156 ) To: abuse[at]gxn.net

--------------------------------------------------------------------------------

Submitted: Sunday 2005/12/25 11:54:22 -0500:
Mail delivery failed: returning message to sender
1598027261 ( 212.67.202.156 ) To: spamcop[at]imaphost.com
1598027260 ( 212.67.202.156 ) To: abuse[at]gxn.net

--------------------------------------------------------------------------------

Submitted: Tuesday 2005/12/20 08:01:30 -0500:
Request: from Company: OEMSoftwareBlowout8329[at]thamesair.com
1592821309 ( 212.67.202.156 ) To: abuse[at]gxn.net

--------------------------------------------------------------------------------

Submitted: Tuesday 2005/12/20 06:04:19 -0500:
Request: from Company: NewSoftwareCheap8951[at]natolamps.com
1592720606 ( http:// microsoftwvworksf4lp2938k4l6txxa2ffskxff... ) To: cnc-abuse[at]abuse.sprint.net
1592720605 ( http:// extremediscountcomodcyt0chbduxk661boo1bo... ) To: cnc-abuse[at]abuse.sprint.net
1592720601 ( http:// microsoftwvworksf4lp2938k4l6txxa2ffskxff... ) To: postmaster[at]china-netcom.com
1592720600 ( http:// extremediscountcomodcyt0chbduxk661boo1bo... ) To: postmaster[at]china-netcom.com
1592720596 ( 212.67.202.156 ) To: spamcop[at]imaphost.com
1592720595 ( http:// www.ronfell.com ) To: abuse[at]gxn.net
1592720594 ( http:// www.natolamps.com/contact ) To: abuse[at]gxn.net
1592720592 ( 212.67.202.156 ) To: abuse[at]gxn.net

--------------------------------------------------------------------------------

Submitted: Sunday 2005/12/18 08:28:27 -0500:
Mail delivery failed: returning message to sender
1590594674 ( 212.67.202.156 ) To: abuse[at]gxn.net

--------------------------------------------------------------------------------

Submitted: Wednesday 2005/12/14 04:14:12 -0500:
Mail delivery failed: returning message to sender
1585890240 ( 212.67.202.156 ) To: abuse[at]gxn.net

--------------------------------------------------------------------------------

Submitted: Tuesday 2005/12/13 15:01:36 -0500:
Web Site Property Enquiry
1585297055 ( 212.67.202.156 ) To: abuse[at]gxn.net

--------------------------------------------------------------------------------

Submitted: Tuesday 2005/12/13 03:10:00 -0500:
Web Site Property Enquiry
1584660424 ( 212.67.202.156 ) To: abuse[at]gxn.net

--------------------------------------------------------------------------------

Submitted: Tuesday 2005/12/13 01:35:12 -0500:
Message from contact page of website
1584579657 ( 212.67.202.156 ) To: abuse[at]gxn.net

--------------------------------------------------------------------------------

Submitted: Tuesday 2005/12/13 01:33:32 -0500:
Message from contact page of website
1584576208 ( 212.67.202.156 ) To: abuse[at]gxn.net

--------------------------------------------------------------------------------

Submitted: Monday 2005/12/12 18:15:09 -0500:
Request: from Company: BreakingIssueNews366[at]thamesair.com
1584615088 ( 212.67.202.156 ) To: spamcop[at]imaphost.com
1584615077 ( http:// www.thamesair.com/contact ) To: abuse[at]gxn.net
1584615073 ( 212.67.202.156 ) To: abuse[at]gxn.net

--------------------------------------------------------------------------------

Submitted: Monday 2005/12/12 17:30:28 -0500:
Web Site Property Enquiry
1584190506 ( 212.67.202.156 ) To: mole[at]devnull.spamcop.net

--------------------------------------------------------------------------------

Submitted: Monday 2005/12/12 17:03:34 -0500:
Alpha request from church web site
1584209775 ( 212.67.202.156 ) To: spamcop[at]imaphost.com
1584209743 ( 212.67.202.156 ) To: abuse[at]gxn.net

--------------------------------------------------------------------------------

Submitted: Tuesday 2005/12/06 12:33:16 -0500:
YUZU Chrismas card e-mail offer
1577318598 ( http:// www.yuzumedia.com/blast/box.php?funcml=u... ) To: mole[at]devnull.spamcop.net
1577318597 ( 212.67.202.156 ) To: mole[at]devnull.spamcop.net

--------------------------------------------------------------------------------

Submitted: Saturday 2005/12/03 12:29:13 -0500:
Mail delivery failed: returning message to sender
1574015001 ( 212.67.202.156 ) To: abuse[at]gxn.net[/CODEBOX]

Posted

I am stunned by the rapid professional repsonse from you all. I'm not even a customer.

Well I feel like I have enough information to make some serious decisions to get out of this frustrating situation.

Many many thanks for this useful help

Posted

Turns out that there are several other people that have complained about being black listed to WebFusion (my web and email host) and they say they can't do anything about it. I have already started to plan migrating off of their (black listed) systems to someone who I considered before, www.zen.co.uk

Thanks again to everyone for all the help

Posted

Yeah, unfortunately the blacklisted ISP who "can't" (translation: Its too much trouble to actually provide the services that our customers pay for) do anything about being blacklisted is becoming more and more common.

Fortunately, there are still a lot of hosts out there that do maintain their systems as they should, and if they encounter a blacklist or other problem, they take the necessary actions to fix it.

A google search of the abuse groups for any ISP you are thinking about using is usually a good place to start, as is a senderbase lookup of their mail servers. That will tell you a lot about whether they just let their mail servers run and spew who knows what, or whether they actually hold their customers to the TOS.

Posted
I am stunned by the rapid professional repsonse from you all. I'm not even a customer.

40852[/snapback]

...Thank you for the kind words. The fact that you are not a customer and found help here is one of the advantages of a "peer" forum like this one -- we don't care that you're not a customer of SpamCop (many of us are not, either, although we do make use of some of its services ... for free!) but we do care that you had a question about how the SpamCop blacklist is used.
Well I feel like I have enough information to make some serious decisions to get out of this frustrating situation.

Many many thanks for this useful help

40852[/snapback]

...Good luck!
Posted
I have already started to plan migrating off of their (black listed) systems to someone who I considered before, www.zen.co.uk

Thanks again to everyone for all the help

40853[/snapback]

You're welcome. However, please be sure to question their competence regarding http://groups.google.com/group/uk.telecom....67658772b2a741a and possibly other incidents before you sign on the dotted line.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...