brianroth Posted August 28, 2006 Share Posted August 28, 2006 A friend suggested I ask here for help. I own a one-man business based in Oklahoma. Recently, I've had problems sending emails to a few of my corporate clients...the emails never arrived. This morning, I spoke with a friend in the IT department at one client's company and discovered I was being "filtered" via the anti-spam software on their email server. Upon further investigations (I Google searched for "blacklist), I encountered: http://www.mxtoolbox.com/blacklists.aspx From there, I entered the registered domain name for my website (which is brianroth dot com) via the "MX Lookup" at the mxtoolbox website, and it revealed that three sites (two apparently in China) which have me on a blacklist. I contacted the company which supplies my webserver space (godaddy.com) and they informed me they have no control over who blacklists me. One of the blacklisters: http://www.blars.org/errors/block.html wants $1000 payable in advance to de-list me. I cannot decipher the other two websites listed at mxtoolbox.com since I cannot read Chinese. I operate a simple business which caters to the professional recording and radio/TV businesses, and my website is merely a tool to generate business leads. I do NOT generate any email via that account...any email sent **TO** the email address listed on my website is forwarded to my ISP account at cox dot net. Any email that I create is sent **FROM** the cox dot net ISP account, which does not appear on the blacklist. Apparently, several of my clients' spam filters "blindly" look at every blacklist and then have blocked me via my "reply to" address, or perhaps my "sig line". I cannot afford to send a thousand dollars to every site which seem to have singled me out for "extortion". How can I remedy this problem? Thanks! Brian A. Roth Brian Roth Technical Services Oklahoma City, Oklahoma Link to comment Share on other sites More sharing options...
Wazoo Posted August 28, 2006 Share Posted August 28, 2006 Nothing to do with the SpamCop.net Parsing & Reporting system .. the SpamCopDNSBL is not part of the query. Moving this to the Lounge For starters. Details ... lots of mixing and matching going on ... Domain names, MX lookups, but .. the question of the IP address involved in the outgoing e-mail isn't answered. So, in this quick instance, I'm still wondering exactly what is being blocked by whom and for exactly what reason. Link to comment Share on other sites More sharing options...
brianroth Posted August 28, 2006 Author Share Posted August 28, 2006 Thank you for the prompt reply, Wazoo, and I apologize for posting into an incorrect forum. It appears that brianroth dot com is being blocked via my "reply to" or perhaps my "sig line" versus a specific IP address. brianroth dot com is "blacklisted" at three sites found at http://www.mxtoolbox.com/blacklists.aspx But, I am merely a small businessman and am NOT a genius when it comes to arcane matters such as this. The vast majority of my emails DO arrive at the intended destinations. It appears that the spam filters at a few destinations are blindly looking at "something" and then filtering my emails. Thanks again for any suggestions. Brian Link to comment Share on other sites More sharing options...
Wazoo Posted August 28, 2006 Share Posted August 28, 2006 Let's turn things around a bit ... wsc1.jomax.net reports the following MX records: Preference Host Name IP Address TTL 0 smtp.secureserver.net 64.202.166.12 3600 10 mailstore1.secureserver.net 64.202.166.11 3600 But these are your 'incoming' e-mail servers. Not yet defined is/are your "output" server IP address(es) Most BLs work on IP addresses. There are a few that try to deal with Domain names/web-sites. Any filtering on the From: line would be done by the end user in general. Checking 64.202.166.12 against 144 known blacklists... BLARSBL LISTED Return codes were: 127.1.0.32 http://www.blars.org/errors/block.html The reason for adding to BlarsBL is encoded in the two least significant bytes of the returned address: (Listed least significant bit first.) 32. attempted mail relay exploits Attempting to relay mail through my system or access a (nonexistant) formmail scri_pt will get the /24 associated as 32. and 64. respectivly. Administrators running publicly accessable DNSBL lists of exploitable systems may send me email asking your checker to be unlisted. But again, this may not matter to secureserver.net as it's an "incoming" server ... As stated, what is not yet known is how you e-mail "goes out" and from "where" ... Note that all the above was developed against the IP address of an MX server .. not your Domain name ... Link to comment Share on other sites More sharing options...
StevenUnderwood Posted August 28, 2006 Share Posted August 28, 2006 Brian: Please send an email to the address in my sig, with the words "SpamCop Forum Test" as the subject (so I don't report you as spam accidentally), and I can determine what the servers are that are sending your messages. You mention Cox and it is quite possible it is their servers that are on the BL. Link to comment Share on other sites More sharing options...
DavidT Posted August 28, 2006 Share Posted August 28, 2006 Brian, If you're sending the emails using your Cox connection, then it's very possible that the sporadic blocking is due to the periodic listing of the IP addresses of those Cox email servers on various blacklists, and that your recipients email boxes are hosted on servers that are rejecting mail based on that. To get around that, you might try sending mail using a webmail interface...perhaps your host, GoDaddy, provides you with webmail access to your "brian" address at your domain? Another solution is to have your clients "whitelist" the address from which you correspond with them. DT Link to comment Share on other sites More sharing options...
StevenUnderwood Posted August 28, 2006 Share Posted August 28, 2006 Brian, If you're sending the emails using your Cox connection, then it's very possible that the sporadic blocking is due to the periodic listing of the IP addresses of those Cox email servers on various blacklists, and that your recipients email boxes are hosted on servers that are rejecting mail based on that. To get around that, you might try sending mail using a webmail interface...perhaps your host, GoDaddy, provides you with webmail access to your "brian" address at your domain? Another solution is to have your clients "whitelist" the address from which you correspond with them. DT http://www.spamcop.net/sc?id=z1045589170z1...8a1e179932120bz This message did indeed come via your Cox servers. In this case, 70.168.83.79 would be the server most hosts would be checking against. Cox does have a number of different servers as seen at the bottom of: http://www.senderbase.org/?searchBy=ipaddr...ng=70.168.83.79 Your mail could be hitting any of those servers. Interestingly, this message, as received by spamcop email servers, seems to be missing the semi colon before the date on the first hand off, making the date unreadable as seen in other threads here. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.