jccviking Posted November 4, 2023 Posted November 4, 2023 Hi All, I used spamcop many years ago but have forgotten all I once new. I just attempted to set up a Mailhost and I did receive the three "Account Configuration Emails". I followed the instructions using the "Paste entire intact email" method. Everything seemed to work with this part. The Mailhost name now says "antispamcloud.com" which is SpamExperts. But the Hosts/Domains dropdown has a gazillion List Items and I have no idea which one to choose. None of them match my MX records. I pinged "mx.spamexperts.com" (one of my MX records) and then picked the corresponding "Relaying IPsv4" option from the dropdown list. I also pinged for an IPV6 address but got a "could not find" message. Anyway, it should be clear that I really don't know what I'm doing here and would appreciate any help you can offer. Thanks in advance, JCC Quote
ninth Posted November 5, 2023 Posted November 5, 2023 9 hours ago, jccviking said: But the Hosts/Domains dropdown has a gazillion List Items and I have no idea which one to choose. Could you post this list while we wait for an expert to come along and explain what's changed? Quote
jccviking Posted November 5, 2023 Author Posted November 5, 2023 Thanks for the response ninth. I don't know what value this holds but, here's the list of Hosts/Domains spamcop offers for my email address: mx97.antispamcloud.com mx277.antispamcloud.com mx53.antispamcloud.com mx110.antispamcloud.com exchange.spipipe.com 2a00:b980:3:0:0:523a:35db mx4.antispamcloud.com mx303.antispamcloud.com mx281.antispamcloud.com mx108.antispamcloud.com ldex1-mail1.ufi.net.uk mx7.antispamcloud.com 2a00:b980:2:0:0:0:0:234 mx17.antispamcloud.com tcoxdoveback01.telecable.es mx76.antispamcloud.com mx100.antispamcloud.com ksp810-mta1.ufi.net.uk mtaroutes.com mx269.antispamcloud.com mx214.antispamcloud.com mx166.antispamcloud.com mx85.antispamcloud.com mx208.antispamcloud.com mx11.antispamcloud.com mx143.antispamcloud.com ksp810-mailbox1.ufi.net.uk uk.fi.net.uk mx126.antispamcloud.com delivery.mtaroutes.com 2a00:b981:2::4">2a00:b981:2::4 out4-200.antispamcloucom mx72.antispamcloud.com infosphere.spheron1.cuk ksp810-mail1.uk.fi.net.uk mx103.antispamcloud.com mx283.antispamcloud.com tcoxpostfixin01.telecable.es mx22.antispamcloud.com delivery.antispamcloud.com mx59.antispamcloud.com mx68.antispamcloud.com mx116.antispamcloud.com mx117.antispamcloud.com mx168.antispamcloud.com telecable.es 2a00:b980:2:3:0:0:523a:35db mx27.antispamcloud.com antispamcloud.com mx2.antispamcloud.com ccs14-mail1.uk.fi.net.uk mx10.antispamcloud.com ldex1-mail1-alt.uk.fi.net.uk mx218.antispamcloud.com mx20.freethought-internet.co.uk mx311.antispamcloud.com mx9.antispamcloud.com Thanks, JCC Quote
RobiBue Posted November 5, 2023 Posted November 5, 2023 (edited) ok, I'm no xprt on mailhosts since I don't use them anyway, but do you have one of those on your list that matches one in your Received: lines when you look at the raw email headers? go from the top down and use the email that you received from SC... that's at least what I would do ... edit: from top down meaning the Received: lines, not the list HTH Edited November 5, 2023 by RobiBue Quote
jccviking Posted November 5, 2023 Author Posted November 5, 2023 Hi RobiBue, Thanks for the suggestion. Full disclosure, I'm not really clear on what the Mailhost configuration does. The help blurb said is it's to "Minimize self-reporting accidents by identifying your e-mail host(s) to the Parser." In any case, per your suggestion, I examined the header from the SpamCop messages and did, indeed, find a match. In the capture below, the second "Received: from" block says "by mx277.antispamcloud.com" which was in the list. I selected it. However, I looked at the headers from all emails I've received from SpamCop thus far and the second "Received: from" is different on every one. But, the first "Received: from" block is the same on every one. Granted, the sampling is pretty small (five emails thus far). While "out8.antispamcloud.com" is NOT among the items in the Host/Domains: dropdown, the IP address IS among those in "Relaying IPsv4:" so I selected it. Again, I really don't know what I'm doing but, a little more documentation from SpamCop would certainly be helpful. JCC ************************************ Return-Path: <noreply@forum.spamcop.net> Received: from out8.antispamcloud.com (out8.antispamcloud.com [46.165.223.16]) by SM14.internetmailserver.net with SMTP (version=TLS\Tls12 cipher=Aes256 bits=256); Sun, 5 Nov 2023 12:15:13 -0800 Received: from ec2-3-89-228-223.compute-1.amazonaws.com ([3.89.228.223] helo=ip-172-31-12-230.ec2.internal) by mx277.antispamcloud.com with esmtp (Exim 4.92) (envelope-from <noreply@forum.spamcop.net>) id 1qzjWT-00ClR1-9O for ****; Sun, 05 Nov 2023 21:15:10 +0100 Received: from localhost (localhost [127.0.0.1]) by ip-172-31-12-230.ec2.internal (Postfix) with ESMTP id DF7709ACC42 for <****>; Sun, 5 Nov 2023 19:55:36 +0000 (UTC) Quote
RobiBue Posted November 8, 2023 Posted November 8, 2023 I wish I could help you there, as I have really no idea how it works or is supposed to work (well, I do have an idea on the latter, but not specifics.) anyhoo, that said, I noticed in your list a plain antispamcloud.com (49.) which puts me to thinking if that's a catch-all of your possible MXs... just thinking out loud here... hoping that an expert in this matter could chime in soon... Quote
jccviking Posted November 8, 2023 Author Posted November 8, 2023 Thanks RobiBue, for your attentiveness. I guess, as you say, I just need to cool my heels until an expert chimes in. JCC Quote
ninth Posted November 8, 2023 Posted November 8, 2023 Nobody home but us chickens...you could try to register your email account to report individual spam or are there too many of the suckers? Quote
jccviking Posted November 8, 2023 Author Posted November 8, 2023 Hi ninth, I decided to discontinue my use of SpamExperts (lots of reasons) and switched my MX records back to hosting service. Same scenario though when I registered my regular host as a Mailhost: Lots of values in the "Hosts/Domains" and "Relaying IPsv4" dropdowns and no idea which one to pick. There are multiple accounts with my my own domain but, the all use the same host so, I don't think I need to add individual Mailhost records for them. I also have a Gmail account and an iCloud account. The Gmail account added ok (except for the usual "lots of values in the dropdowns") but I got errors when I pasted the "confirmation" emails for iCloud. On the error page, SpamCop presented a "now go here" URL but, it was a bad link. I get the sense SpamCop has been neglected for a while. Wonder why? Quote
RobiBue Posted November 9, 2023 Posted November 9, 2023 SpamCop has been around for decades (2½ IIRC) and at the beginning, along with n.a.n.a.e and the different abuse desks at the serious ISPs it was a delight when spammers would face either whacking with a clue-by-four or even charged criminally in court, but now providers don't take it seriously anymore, probably due to the lack of manpower and the increased automatization of their systems. besides, since CISCO took over, their main cyber product is talos which takes preference and SC is only a minor side-toy (at least that's the way I see it) that allows users to report spam (if it helps, good, if it doesn't, not much lost) to propagate abusing MXs into blocklists If someone with more knowledge behind the scenes would like to correct my stance I would greatly appreciate it if I'm wrong, but with an explanation Every now and then SC does get an "update" but a lot, as you say, has been neglected... Quote
jccviking Posted November 9, 2023 Author Posted November 9, 2023 Thanks for your astute insights RobiBue. Here's the full story as to why I returned to SpamCop after many years. A couple of weeks a go, my email started getting rejected by three different recipients. I chased my tail for a while because emails sent from one account were getting rejected and those sent from another (same domain) were not. Turns out, my hosting service uses two gateways to send my email and the selection is based on load. One of those gateways had been flagged as a bad guy so sometimes an email would get through and sometimes not (depending on which gateway sent it). But it would take two full days for me to receive the Undelivered Notice. It took me way too long to figure out what was wrong. My hosting company says their gateway was wrongly flagged and also said disparaging things about CloudMark (the company that did the flagging). During the conversation, they mentioned that SpamCop was one of the good guys. That's what prompted me to again start reporting spam to SpamCop. So, to quote the late great Paul Harvey: Now you know [insert pause] the rest of the story. Quote
ninth Posted November 12, 2023 Posted November 12, 2023 On 11/9/2023 at 7:54 AM, jccviking said: I get the sense SpamCop has been neglected for a while. Wonder why? The numbers don't lie: Spamcop Statistics Average spam: 1.2 per second, Max spam: 5.7 per second, Total reported (last 24 hours): 104502 Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.