Jump to content

Blacklisted - another Wanadoo customer


wineraks

Recommended Posts

Posted

I'm not a user of spamcop but my domain name & IP address is being used by a spammer as the "address from" in mails. I'm getting the usual bounced mails back to my catchall account which has now being going on for several months. This I can deal with.

What has now happened is that the IP address has been blacklisted by spamcop & I am having trouble sending genuine emails to folk who use spamcop.

I've reported this to my provider, & am waiting on their reply.

Can anyone suggest anything that I can do to sort this out.

Thanks

Mike

Posted
I'm not a user of spamcop but my domain name & IP address is being used by a spammer as the "address from" in mails. I'm getting the usual bounced mails back to my catchall account which has now being going on for several months. This I can deal with.

What has now happened is that the IP address has been blacklisted by spamcop & I am having trouble sending genuine emails to folk who use spamcop.

I've reported this to my provider, & am waiting on their reply.

Can anyone suggest anything that I can do to sort this out.

Please reveal the IP address you believe is listed so we can investigate. Your charge that a spammer is forging your IP address in spam is serious and we want toget the parser fixed if it is true. Usually turns out that your server IP address has a virus or related problem.

Posted

Hi Steven

The IP address is 193.252.22.157

If you could investigate that would be great. I've no truck with spamcop, you obviously do a decent job, I just want to find a workable solution

Cheers

Mike

Posted
The IP address is 193.252.22.157

If you could investigate that would be great. I've no truck with spamcop, you obviously do a decent job, I just want to find a workable solution

Thank you. That is a Wanadoo IP address. Ip you search for Wanadoo here, you will find lots of examples of their problems. Since it is not your IP address (unless you are Wanadoo support) there is not going to be much you can do. Many have tried to educate Wanadoo what they are doing to the internet community. They are doing the very same thing that is causing you to receive so many misdirected bounces to invalid addresses, some of them being spamtrap addresses.

Causes of listing

System has sent mail to SpamCop spam traps in the past week (spam traps are secret, no reports or evidence are provided by SpamCop)

SpamCop users have reported system as a source of spam about 90 times in the past week

It appears this listing is caused by misdirected bounces. We have a FAQ which covers this topic: Why auto-responses are bad (Misdirected bounces). Please read this FAQ and heed the advice contained in it.

THe examples of spam coming from that IP address recently...

Report History: 
--------------------------------------------------
Submitted: Wednesday, September 20, 2006 5:32:19 AM -0400: 
Undelivered Mail Returned to Sender 
1929736041 ( 193.252.22.157 ) To: abuse[at]francetelecom.com 
1929736040 ( 193.252.22.157 ) To: abuse#fsmail.net[at]devnull.spamcop.net 
1929736035 ( 193.252.22.157 ) To: abuse[at]wanadoo.fr 
1929736034 ( 193.252.22.157 ) To: abuse[at]uk.wanadoo.com 
1929736028 ( 193.252.22.157 ) To: abuse#freeserve.com[at]devnull.spamcop.net 
1929736022 ( 193.252.22.157 ) To: postmaster#fsmail.net[at]devnull.spamcop.net 

--------------------------------------------------
Submitted: Wednesday, September 20, 2006 3:58:32 AM -0400: 
YOU HAVE WON!!CONTACT OUR CLAIMS OFFICER 
1929610637 ( 193.252.22.157 ) To: spamcop[at]imaphost.com 
1929610626 ( 193.252.22.157 ) To: abuse[at]francetelecom.com 
1929610623 ( 193.252.22.157 ) To: abuse#fsmail.net[at]devnull.spamcop.net 
1929610618 ( 193.252.22.157 ) To: abuse[at]wanadoo.fr 
1929610616 ( 193.252.22.157 ) To: abuse[at]uk.wanadoo.com 
1929610613 ( 193.252.22.157 ) To: abuse#freeserve.com[at]devnull.spamcop.net 
1929610610 ( 193.252.22.157 ) To: postmaster#fsmail.net[at]devnull.spamcop.net 

---------------------------------------------------
Submitted: Wednesday, September 20, 2006 2:27:50 AM -0400: 
NOTIFICATION OF FINAL RESULTS / VERIFICATION FORM 
1929504352 ( 193.252.22.157 ) To: abuse#fsmail.net[at]devnull.spamcop.net 
1929504344 ( 193.252.22.157 ) To: abuse[at]wanadoo.fr 
1929504337 ( 193.252.22.157 ) To: abuse[at]francetelecom.com 
1929504327 ( 193.252.22.157 ) To: abuse[at]uk.wanadoo.com 
1929504319 ( 193.252.22.157 ) To: postmaster#fsmail.net[at]devnull.spamcop.net 
1929504300 ( 193.252.22.157 ) To: abuse#freeserve.com[at]devnull.spamcop.net 

--------------------------------------------------
Submitted: Wednesday, September 20, 2006 1:18:20 AM -0400: 
REF No: UKNL-L/200-26937 
1929406464 ( 193.252.22.157 ) To: spamcop[at]imaphost.com 
1929406459 ( 193.252.22.157 ) To: abuse[at]francetelecom.com 
1929406455 ( 193.252.22.157 ) To: abuse#fsmail.net[at]devnull.spamcop.net 
1929406448 ( 193.252.22.157 ) To: abuse[at]wanadoo.fr 
1929406440 ( 193.252.22.157 ) To: abuse[at]uk.wanadoo.com 
1929406436 ( 193.252.22.157 ) To: abuse#freeserve.com[at]devnull.spamcop.net 
1929406433 ( 193.252.22.157 ) To: postmaster#fsmail.net[at]devnull.spamcop.net 

--------------------------------------------------
Submitted: Wednesday, September 20, 2006 12:51:10 AM -0400: 
HOPE THIS DAY FINDS YOU WELL. 
1929380347 ( 193.252.22.157 ) To: abuse[at]uk.wanadoo.com 
1929380344 ( 193.252.22.157 ) To: abuse#fsmail.net[at]devnull.spamcop.net 
1929380341 ( 193.252.22.157 ) To: abuse[at]francetelecom.com 
1929380340 ( 193.252.22.157 ) To: abuse#freeserve.com[at]devnull.spamcop.net 
1929380335 ( 193.252.22.157 ) To: abuse[at]wanadoo.fr 
1929380330 ( 193.252.22.157 ) To: postmaster#fsmail.net[at]devnull.spamcop.net 

---------------------------------------------------
Submitted: Wednesday, September 20, 2006 12:45:55 AM -0400: 
=?UTF-8?Q?Euromillion_Loteria_Espa=C3=B1ol_International?= 
1929367330 ( 193.252.22.157 ) To: mole[at]devnull.spamcop.net 

---------------------------------------------------
Submitted: Wednesday, September 20, 2006 12:44:00 AM -0400: 
Contact: Mr.Van Clapton. 
1929370035 ( 193.252.22.157 ) To: mole[at]devnull.spamcop.net 

------------------------------------------------
Submitted: Tuesday, September 19, 2006 9:53:14 PM -0400: 
REPRESENTATIVE NEEDED 
1929438544 ( 193.252.22.157 ) To: spamcop[at]imaphost.com 
1929438542 ( 193.252.22.157 ) To: abuse[at]francetelecom.com 
1929438541 ( 193.252.22.157 ) To: abuse#fsmail.net[at]devnull.spamcop.net 
1929438537 ( 193.252.22.157 ) To: abuse[at]wanadoo.fr 
1929438536 ( 193.252.22.157 ) To: abuse[at]uk.wanadoo.com 
1929438534 ( 193.252.22.157 ) To: abuse#freeserve.com[at]devnull.spamcop.net 
1929438529 ( 193.252.22.157 ) To: postmaster#fsmail.net[at]devnull.spamcop.net 

Report History: 

Don't Display UUBE

---------------------------------------------------
Submitted: Wednesday, September 20, 2006 6:43:04 AM -0400: 
Undelivered Mail Returned to Sender 
1929804778 ( 193.252.22.157 ) ( UUBE ) To: uube[at]devnull.spamcop.net 

--------------------------------------------------
Submitted: Wednesday, September 20, 2006 5:32:19 AM -0400: 
Undelivered Mail Returned to Sender 
1929736041 ( 193.252.22.157 ) To: abuse[at]francetelecom.com 
1929736040 ( 193.252.22.157 ) To: abuse#fsmail.net[at]devnull.spamcop.net 
1929736035 ( 193.252.22.157 ) To: abuse[at]wanadoo.fr 
1929736034 ( 193.252.22.157 ) To: abuse[at]uk.wanadoo.com 
1929736028 ( 193.252.22.157 ) To: abuse#freeserve.com[at]devnull.spamcop.net 
1929736022 ( 193.252.22.157 ) To: postmaster#fsmail.net[at]devnull.spamcop.net 

---------------------------------------------------
Submitted: Wednesday, September 20, 2006 5:23:09 AM -0400: 
Undelivered Mail Returned to Sender 
1929720085 ( 193.252.22.157 ) ( UUBE ) To: uube[at]devnull.spamcop.net 

---------------------------------------------------
Submitted: Wednesday, September 20, 2006 5:10:18 AM -0400: 
Undelivered Mail Returned to Sender 
1929701943 ( 193.252.22.157 ) ( UUBE ) To: uube[at]devnull.spamcop.net 

---------------------------------------------------
Submitted: Wednesday, September 20, 2006 5:01:11 AM -0400: 
Undelivered Mail Returned to Sender 
1929690951 ( 193.252.22.157 ) ( UUBE ) To: uube[at]devnull.spamcop.net 

---------------------------------------------------
Submitted: Wednesday, September 20, 2006 4:57:46 AM -0400: 
Undelivered Mail Returned to Sender 
1929687866 ( 193.252.22.157 ) ( UUBE ) To: uube[at]devnull.spamcop.net 

--------------------------------------------------
Submitted: Wednesday, September 20, 2006 4:42:44 AM -0400: 
Undelivered Mail Returned to Sender 
1929669116 ( 193.252.22.157 ) ( UUBE ) To: uube[at]devnull.spamcop.net 

---------------------------------------------------
Submitted: Wednesday, September 20, 2006 4:40:44 AM -0400: 
Undelivered Mail Returned to Sender 
1929666272 ( 193.252.22.157 ) ( UUBE ) To: uube[at]devnull.spamcop.net 

--------------------------------------------------
Submitted: Wednesday, September 20, 2006 4:33:27 AM -0400: 
Undelivered Mail Returned to Sender 
1929656188 ( 193.252.22.157 ) ( UUBE ) To: uube[at]devnull.spamcop.net 

P.S. how do you shring the code box in this app?

Posted
Thank you. That is a Wanadoo IP address. Ip you search for Wanadoo here, you will find lots of examples of their problems. Since it is not your IP address (unless you are Wanadoo support) there is not going to be much you can do. Many have tried to educate Wanadoo what they are doing to the internet community. They are doing the very same thing that is causing you to receive so many misdirected bounces to invalid addresses, some of them being spamtrap addresses.

P.S. how do you shring the code box in this app?

? Sorry, you've lost me there with that last bit.

Cheers. From what you say it looks as though Wanadoo/Orange aren't going to be particularly helpful here, if indeed they respond to my complaint. Does this mean the only real solution is to change ISP?

Posted

Just to clarify to Mike. The IP address you gave belongs to wanadoo. I gather from Mike's first post that this is his IP address. If he shares the IP address with other people, it is the other people who are 'bouncing' emails to other people's catchalls. If he doesn't share it, then he is accepting email and sending bounces, not only to other people's catchalls, but to spam traps. In other words, return paths can be forged (or spoofed), but IP addresses cannot be.

The email address in the return path which brings bounces to Mike's catchall has nothing to do with the IP address being listed by spamcop. Return path addresses are easily forged - which is why sending bounces to the return path is bad.

IP addresses that indicate who /received/ the email and the IP address it was received from should not be able to be forged. Subsequent IP addresses in the headers can be forged - that's the reason for spamcop. The parser is an automated way of reading headers and deciding which header after the received header actually sent the email. However, IIUC, forging IP addresses in the headers don't actually /make/ the email go to those addresses or have anything to do with how the email got to one's inbox. They are like comment lines in code - they don't do anything. So when the parser gets to a header line that doesn't do anything, the header line before that is the one that sent the email. (strictly a layman's explanation!)

Miss Betsy

Posted

Miss Betsy

I'm afraid much of your "layman's" explanation has gone over my head, layman junior here I guess.

The mails we receive have been bounced back to fictional addresses with our domain suffix, which we accept through our catchall. I don't know where they have originated from & the full headers don't give me anything I can understand. The bounces appear to be due to them going to unknown addresses, adresses with spamguards that bounce, & sometimes automated responses when user is absent. I'm guessing that more mails actually get through to their destinations showing us as the originator, & these are the ones being reported to spamcop.

I am not aware of our IP address being shared, but that could be the case. I have had a reply from my ISP but not really addressing the issue.

Mike

Posted

Ok, lets start with:

Is that IP address shared?

A quick nslookup gives me 193.252.22.157 = smtp2.wanadoo.co.uk

This sounds like the name of a wanadoo mail server to me, I would say with 99% certainty that this is a shared mail server, probably used by thousands of wanadoo customers.

Now, to clarify some points. You receiving misdirected bounces because a spammer spoofed your IP address, and your IP address being listed, are two seperate issues, and are most likely not related.

The list posted by Steven shows some samples of traffic seen from the IP address of your shared mail server. This piece of information (originating IP address) is the ONLY piece of a message which is not easily forgable, and is therefor the only piece of information on which spamcop can reply. It is trivial for a spammer to forge the from address, the supposed name of the mail server, times, etc. Only the IP address is reliable, so we can be certain that these messages are coming from the mail server you use, though you most likely have nothing to do with them, since this server is used by many customers.

Spamcop works off a point system, so a shared server like yours would have to send a lot more spam than a server used by a small company to get itself listed, there is really no excuse for the level of poor management required to get a server listed. Again, this is nothing you have direct control over, the problem is Wanadoo, so don't construe this as me griping at you personally.

You'll notice that many of the messages that Steven listed for us have the subject "Undelivered Mail Returned To Sender". This means that when Wanadoo's server receive a message they can't deliver, whether it be because the user doesn't exist, has a full mailbox, whatever, the server is happily accepting the mail, and then trying to send a "Sorry we couldn't deliver your message" message to whoever the email says it is from.

Unfortunately, as has been pointed out, most of these message are spam that uses a forged "FROM:" address, which means the "Undeliverable" notification, goes to whoever happens to actually own the forged address.

This is unacceptable behavior for a mailserver, as it simply turns spam into more spam with each one of these post-facto bounces.

The proper behavior is for the receiving mail server to decide if it can deliver the message while it is talking to the sending server, and if it can't, rejecting the message outright during the transaction. This makes the sending server responsible for delivering the NDR (Non-Delivery Response) to its user, and prevents the generation of a message to an innocent 3rd party.

Unfortunately, many ISPs are still stuck in the early 90s when spam was not really a significant problem, and these post-facto bounces were acceptable.

Now interestingly, you receiving a number of misdirected bounces yourself gives you a perfect example of how this type of configuration can cause a problem. I had a spammer use one of my addresses for what must have been a massive spam run one day, as I received somewhere in the neighborhood of 1000 of these misdirected bounces in a 24 hour period.

Posted
The proper behavior is for the receiving mail server to decide if it can deliver the message while it is talking to the sending server, and if it can't, rejecting the message outright during the transaction. This makes the sending server responsible for delivering the NDR (Non-Delivery Response) to its user, and prevents the generation of a message to an innocent 3rd party.
Yes, but what address does the sending server use for delivering its NDR?
Posted

Thanks for that Telarin/Will. I see what you are getting at & understand a bit more as to how it works. We have, some time ago, had a couple of these massive bursts of misdirected bounces as you describe, each lasting about 12-24 hours, then finishing. Now, however, we are getting about 200 a day, every day, without any let-up.

My real problem is that the activity is causing our IP address (which from what you say is probably shared) to be blacklisted with spamcop. this ahving the effect that at least 2 of our contacts cannot now receive emails from us.

We use webfusion as a mailserver (I think that's their role), are they to blame here, or is it Orange/Wanadoo as our ISP?

I am really after a way of working around this & try & find a solution, before more contacts become non-contactable. I'm no IT expert, just trying to muddle through while I make a living from selling wine.

Posted
Yes, but what address does the sending server use for delivering its NDR?

The sending server does not use an address for delivery of the NDR. Since it is the originating users server, it would deliver it directly to their mailbox without sending an SMTP message.

On the other hand, if the sending server is a trojanned machine, which is the source of the vast majority of spam, it simply ignores the failure and moves on to the next victim, so no NDR is generated at all (since there is nowhere for it to go anyway).

We use webfusion as a mailserver (I think that's their role), are they to blame here, or is it Orange/Wanadoo as our ISP?

It depends, do you use webfusion for both your incoming AND outgoing mailserver? Many people use a host for their incoming only, but use their ISPs outgoing mailserver. This appears to be the case in your situation, as the IP that is listed is a Wanadoo address. You might want to ask webfusion if you can set your mail program to use them as your outgoing (sending) server as well, that way you would not be at the mercy of Wanadoo's poor mailserver configuration practices.

Posted
It depends, do you use webfusion for both your incoming AND outgoing mailserver? Many people use a host for their incoming only, but use their ISPs outgoing mailserver. This appears to be the case in your situation, as the IP that is listed is a Wanadoo address. You might want to ask webfusion if you can set your mail program to use them as your outgoing (sending) server as well, that way you would not be at the mercy of Wanadoo's poor mailserver configuration practices.

Webfusion are our incoming server, & as you guessed our ISP is our outgoing one. That sounds like a good idea to see if we can change to webfusion for outgoing mail. Fingers crossed we can. Thanks very much for that.

Mike

Posted
I'm not a user of spamcop but my domain name & IP address is being used by a spammer as the "address from" in mails.

Non-agreed to use of "your e-mail address" in this kind of e-mail is basically identified as "Forged From: / Reply-To addresses" The word "spoofing" has some basic technical definitions when talking about Internet traffic .... you have not made your case to show "spoofing" going on. No information you've yet supplied suggests that someone is hacking bits at the packet level to "spoof any IP address" ....

Item #1: this Topic was started in the "Reporting Help" Forum section. Now moverd to the Blocklist Help Forum.

Item #2: the Subject line has been changed, so as to not help in the spread of the mis-use of technical terms, thus confusing others coming in later ....

I'm getting the usual bounced mails back to my catchall account which has now being going on for several months. This I can deal with.

What has now happened is that the IP address has been blacklisted by spamcop & I am having trouble sending genuine emails to folk who use spamcop.

Your incomng spam is one subject matter area, the use of a catch-all account is another. A SpamCopDNSBL listing would be based on the spam/spew seen coming "from" an e-mail server, which is a subject all it's own.

If the IP address involved was "actually your IP address" .. then there just might be a connection between those three separate items. However, it appears that you are just a user of a large ISP's services, so you are not actually "in control" of any IP address involved.

I would suggest that if you want to get to the heart of the matter and understand what's actually happening, you're going to have to do some research, learn how e-mail works, learn how to read headers .... the SpamCop FAQ (links at the top of the page) is a start, the repeated stand-alone "Why am I Blocked?" entry tries to explain a lot, there is a Dictionary & Glossary provided for those techy words ... and of course, there's the numerous Topics / Discussions from folks that have been there before you ....

Posted
On the other hand, if the sending server is a trojanned machine, which is the source of the vast majority of spam, it simply ignores the failure and moves on to the next victim, so no NDR is generated at all (since there is nowhere for it to go anyway).

Thanks from me too for that helpful aside - I didn't know what happened in that common spam situation.

Posted

Believe me, I'm learning fast here.

I now know that the IP address I've quoted is Orange/Wanadoo's mail server, over which I obviously have no control. Our own IP address is 62.136.41.218, which it appears is also on some blacklists, I know not why yet.

I agree we have 2 issues here. My incoming returned mail I can filter out by losing my catchall address & that will be addressed shortly. I realise that has nothing to do with the spamcop listing.

I have tried to change my outgoing server to webfusion, only to find orange/wanadoo have Port 25 blocked. Now I'm stumped again & do not know if there is anything else I can do.

I don't know what I have to do to prove spoofing is going on here, & I'm not sure if I need to. I'm just reporting on what I see & what the effects are. I appreciate your time on this btw, thanks.

Mike

Posted

Port 25 blocking is not terribly uncommon and there are several things you can do about it:

Call the ISP and ask if you can be unblocked as you need to send through your hosts SMTP server for business reasons. I've found the vast majority of ISPs that block port 25 have no problem opening it up at customer request.

Talk to webfusion and see if you can use something other than port 25. As port 25 blocking has become more common, it has also become more common for hosts to make another port available for their customers that experience this problem from their ISP.

Posted

Port 25 blocking is not terribly uncommon and there are several things you can do about it:

Call the ISP and ask if you can be unblocked as you need to send through your hosts SMTP server for business reasons. I've found the vast majority of ISPs that block port 25 have no problem opening it up at customer request.

Talk to webfusion and see if you can use something other than port 25. As port 25 blocking has become more common, it has also become more common for hosts to make another port available for their customers that experience this problem from their ISP.

Thanks again. I've mailed my ISP to ask for the port to be unblocked, & will see what happens there.

Mike

Posted
Our own IP address is 62.136.41.218, which it appears is also on some blacklists, I know not why yet.
I think that's actually the IP of your own connection to the Internet (dialup, broadband, or whatever), which is controlled by "energis.com" which is in turn under Wanadoo. If you look up that IP at Robtex (formerly RBLS):

http://www.robtex.com/rbls/62.136.41.218.html

Your IP is listed on mutiple "dynamic" blocking services, because lots of spam comes from dynamic (dialup and individual broadband connections) IP space. It's not good to transmit email directly from your PC's Internet connection to the mail servers of your recipients. It's better to go through intermediary servers which are designed for that purpose and are not listed on blocklists.

My ISP blocks port 25 for good reasons...if my computer were to become infected, it could initiate SMTP sessions to innocent third parties all over the world and send them spam or worms. So, I either allow my ISP to relay my outbound email through their mail servers, or I use an alternate SMTP port on the web servers associated with my other addresses, but those web servers are configured in such a way as to limit the sharing of IPs that transmit email, resulting in no blocklisting.

The better course of action is to route your mail through Webfusion, although it would be a good idea to get the IPs of their transmitting servers and have us run them through our SpamCop tools to see how clean they are. As long as your PC hands off to another *outbound* mail server before trying to deliver the mail to the servers that receive the mail, it shouldn't matter that your IP is listed on the various "dynamic (dialup) space" blacklists. The reason for those lists is so that *receiving* servers can check to see if they are being offered mail directly from a dynamic IP, but if you route your mail through a clean intermediary outbound server, you should be OK.

DT

Posted

My real problem is that the activity is causing our IP address (which from what you say is probably shared) to be blacklisted with spamcop. this ahving the effect that at least 2 of our contacts cannot now receive emails from us.

You receiving misdirected bounces at a catch all is NOT related to your IP address being listed. If wanadoo used a catch-all, they would not have this problem. The listing is because the server you listed (193.252.22.157 and maybe others) is SENDING misdirected bounces just like them. Perhaps a large part of your problem receiving those bounces is related to Wanadoo as well.

We use webfusion as a mailserver (I think that's their role), are they to blame here, or is it Orange/Wanadoo as our ISP?

The IP address you supplied (I assume from the error message) is a Wanadoo address. They are allowing misdirected bounces to be sent from that server.

I am really after a way of working around this & try & find a solution, before more contacts become non-contactable. I'm no IT expert, just trying to muddle through while I make a living from selling wine.

A work around is to get the receiving party to whitelist your address. That is, you are asking them to accept your messages and maybe all the other junk coming from your mail server. It is their right to say no. Then your only workaround is to find another way to send your email.
Posted

You receiving misdirected bounces at a catch all is NOT related to your IP address being listed. If wanadoo used a catch-all, they would not have this problem. The listing is because the server you listed (193.252.22.157 and maybe others) is SENDING misdirected bounces just like them. Perhaps a large part of your problem receiving those bounces is related to Wanadoo as well.

The IP address you supplied (I assume from the error message) is a Wanadoo address. They are allowing misdirected bounces to be sent from that server.

A work around is to get the receiving party to whitelist your address. That is, you are asking them to accept your messages and maybe all the other junk coming from your mail server. It is their right to say no. Then your only workaround is to find another way to send your email.

I realise the first two points, no worries there (apart from the fact it is happening). I've tried the latter with one contact who says they cannot (or maybe will not) & another contact is trying to do just that, though whether they will when they realise what other junk they will get I don't know.

It appears as though my best bet is to get all mail out through a different server.

Posted
It appears as though my best bet is to get all mail out through a different server.
Yes, and to reiterate the point, you don't want it being transmitted directly from your PC to the receiving servers of your recipients. The reason to have your ISP make an exception to outbound SMTP blocking would be if your webhost offers you access to their SMTP services and they can't offer you an alternate port. In many cases, an alternate port, such as 9925, can be used.

DT

Posted

I am not certain if this is the correct forum to post in but my emails have been bouncing for a while now, ever since one of the ISP Wanadoo/Orange servers was added to the SpamCop blacklist. All my emails bounce straight back with the message:

"591 Your host [193.252.22.156] is blacklisted by bl.spamcop.net;

NOW PLEASE GO TO http://noc.zenon.net/rbl/ (in reply to RCPT TO command)"

I have checked at the webpage and the server is indeed blocked:

http://noc.zenon.net/pcgi/rbls-lookup.pl?IP=193.252.22.156

http://noc.zenon.net/pcgi/rbls-lookup.pl?IP=193.252.22.157

I also found an entry on the topic, titled 'Mail blocking blacklists', at this webpage if that is of any use:

http://technology.guardian.co.uk/weekly/st...1694488,00.html

I have emailed Orange/Wanadoo and Spamblock, without responce as yet, but just wanted to know if there was something else I should do to resolve this issue or someone I would need to contact? I really need to be able to send emails again as I rely on being able to stay in contact for my work.

Thank you.

Moderator Edit: merged this "new" post into an existing Topic/Discussion on the same subject, same IP address. PM not sent as the poster was "already here"

Posted
I am not certain if this is the correct forum to post in but my emails have been bouncing for a while now, ever since one of the ISP Wanadoo/Orange servers was added to the SpamCop blacklist. All my emails bounce straight back

The word "all" is a bit extreme technically. SpamCop.net cannot block "any" of your e-mail .. any 'blocking action' would be done at a receiving ISP that chose to use the SpamCopDNSBL data in a blocking fashion, which is not a 100% scenario. All e-mail to that ISP, OK, it gets blocked. E-mail sent somewhere else, it's hard to say what happens, but ....

"591 Your host [193.252.22.156] is blacklisted by bl.spamcop.net;

NOW PLEASE GO TO http://noc.zenon.net/rbl/ (in reply to RCPT TO command)"

I have checked at the webpage and the server is indeed blocked:

http://noc.zenon.net/pcgi/rbls-lookup.pl?IP=193.252.22.156

http://noc.zenon.net/pcgi/rbls-lookup.pl?IP=193.252.22.157

Seems odd to cite the SpamCopDNSBL but send folks to some other page to check status ..????

I also found an entry on the topic, titled 'Mail blocking blacklists', at this webpage if that is of any use:

http://technology.guardian.co.uk/weekly/st...1694488,00.html

The question is, have you read / looked at the SpamCop.net FAQ 'here' ?????

I have emailed Orange/Wanadoo and Spamblock, without responce as yet, but just wanted to know if there was something else I should do to resolve this issue or someone I would need to contact? I really need to be able to send emails again as I rely on being able to stay in contact for my work.

See the data in the Topic this post was merged into, the countless other discussions that have preceded this one, the SpamCop.net FAQ, on and on ....

Posted

The link you should have been provided with: http://www.spamcop.net/bl.shtml?193.252.22.156

193.252.22.156 listed in bl.spamcop.net (127.0.0.2)

If there are no reports of ongoing objectionable email from this system it will be delisted automatically in approximately 23 hours.

Causes of listing

System has sent mail to SpamCop spam traps in the past week (spam traps are secret, no reports or evidence are provided by SpamCop)

SpamCop users have reported system as a source of spam about 200 times in the past week

It appears this listing is caused by misdirected bounces. We have a FAQ which covers this topic: Why auto-responses are bad (Misdirected bounces). Please read this FAQ and heed the advice contained in it.

Posted
The link you should have been provided with ...
Noting there is a link on the Zenon.Net/Зенон Н.С.П. reference but it is not exactly obvious.
... I really need to be able to send emails again as I rely on being able to stay in contact for my work.
We're not SpamCop staff so I hope you won't think it snide if I mention I personally keep this resource list to hand, for any emergency I may encounter - http://www.emailaddresses.com/email_web.htm Unfortunately a certain class of spammers likes using "free services" too - besides which it doesn't look very professional. As I say "For emergency."

A more satisfactory tack (considering urgency) - you may find that some or all of your key contacts can have you whitelisted at their end.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...