Jump to content

Recommended Posts

Posted

Hi All,

I used spamcop many years ago but have forgotten all I once new.  I just attempted to set up a Mailhost and I did receive the three "Account Configuration Emails".  I followed the instructions using the "Paste entire intact email" method.  Everything seemed to work with this part. The Mailhost name now says "antispamcloud.com" which is SpamExperts.  But the Hosts/Domains dropdown has a gazillion List Items and I have no idea which one to choose.  None of them match my MX records.  I pinged "mx.spamexperts.com" (one of my MX records) and then picked the corresponding "Relaying IPsv4" option from the dropdown list.  I also pinged for an IPV6 address but got a "could not find" message.

Anyway, it should be clear that I really don't know what I'm doing here and would appreciate any help you can offer.

Thanks in advance,

JCC

 

Posted
9 hours ago, jccviking said:

But the Hosts/Domains dropdown has a gazillion List Items and I have no idea which one to choose.

Could you post this list while we wait for an expert to come along and explain what's changed?

Posted

Thanks for the response ninth.

I don't know what value this holds but, here's the list of  Hosts/Domains spamcop offers for my email address:

  1. mx97.antispamcloud.com
  2. mx277.antispamcloud.com
  3. mx53.antispamcloud.com
  4. mx110.antispamcloud.com
  5. exchange.spipipe.com
  6. 2a00:b980:3:0:0:523a:35db
  7. mx4.antispamcloud.com
  8. mx303.antispamcloud.com
  9. mx281.antispamcloud.com
  10. mx108.antispamcloud.com
  11. ldex1-mail1.ufi.net.uk
  12. mx7.antispamcloud.com
  13. 2a00:b980:2:0:0:0:0:234
  14. mx17.antispamcloud.com
  15. tcoxdoveback01.telecable.es
  16. mx76.antispamcloud.com
  17. mx100.antispamcloud.com
  18. ksp810-mta1.ufi.net.uk
  19. mtaroutes.com
  20. mx269.antispamcloud.com
  21. mx214.antispamcloud.com
  22. mx166.antispamcloud.com
  23. mx85.antispamcloud.com
  24. mx208.antispamcloud.com
  25. mx11.antispamcloud.com
  26. mx143.antispamcloud.com
  27. ksp810-mailbox1.ufi.net.uk
  28. uk.fi.net.uk
  29. mx126.antispamcloud.com
  30. delivery.mtaroutes.com
  31. 2a00:b981:2::4">2a00:b981:2::4
  32. out4-200.antispamcloucom
  33. mx72.antispamcloud.com
  34. infosphere.spheron1.cuk
  35. ksp810-mail1.uk.fi.net.uk
  36. mx103.antispamcloud.com
  37. mx283.antispamcloud.com
  38. tcoxpostfixin01.telecable.es
  39. mx22.antispamcloud.com
  40. delivery.antispamcloud.com
  41. mx59.antispamcloud.com
  42. mx68.antispamcloud.com
  43. mx116.antispamcloud.com
  44. mx117.antispamcloud.com
  45. mx168.antispamcloud.com
  46. telecable.es
  47. 2a00:b980:2:3:0:0:523a:35db
  48. mx27.antispamcloud.com
  49. antispamcloud.com
  50. mx2.antispamcloud.com
  51. ccs14-mail1.uk.fi.net.uk
  52. mx10.antispamcloud.com
  53. ldex1-mail1-alt.uk.fi.net.uk
  54. mx218.antispamcloud.com
  55. mx20.freethought-internet.co.uk
  56. mx311.antispamcloud.com
  57. mx9.antispamcloud.com

Thanks,

JCC

 

Posted (edited)

ok, I'm no xprt on mailhosts since I don't use them anyway, but do you have one of those on your list that matches one in your Received: lines when you look at the raw email headers? go from the top down and use the email that you received from SC... that's at least what I would do ...
edit: from top down meaning the Received: lines, not the list ;)

HTH

Edited by RobiBue
Posted

Hi RobiBue,

Thanks for the suggestion.

Full disclosure, I'm not really clear on what the Mailhost configuration does.  The help blurb said is it's to "Minimize self-reporting accidents by identifying your e-mail host(s) to the Parser."

In any case, per your suggestion, I examined the header from the SpamCop messages and did, indeed, find a match.  In the capture below, the second "Received: from" block says "by mx277.antispamcloud.com" which was in the list.  I selected it.

However, I looked at the headers from all emails I've received from SpamCop thus far and the second "Received: from" is different on every one.  But, the first "Received: from" block is the same on every one.  Granted, the sampling is pretty small (five emails thus far).  While "out8.antispamcloud.com" is NOT among the items in the Host/Domains: dropdown, the IP address IS among those in "Relaying IPsv4:" so I selected it.

Again, I really don't know what I'm doing but, a little more documentation from SpamCop would certainly be helpful.

JCC

************************************

Return-Path: <noreply@forum.spamcop.net>
Received: from out8.antispamcloud.com (out8.antispamcloud.com [46.165.223.16]) by SM14.internetmailserver.net with SMTP
    (version=TLS\Tls12
    cipher=Aes256 bits=256);
   Sun, 5 Nov 2023 12:15:13 -0800
Received: from ec2-3-89-228-223.compute-1.amazonaws.com ([3.89.228.223] helo=ip-172-31-12-230.ec2.internal)
    by mx277.antispamcloud.com with esmtp (Exim 4.92)
    (envelope-from <noreply@forum.spamcop.net>)
    id 1qzjWT-00ClR1-9O
    for ****; Sun, 05 Nov 2023 21:15:10 +0100
Received: from localhost (localhost [127.0.0.1])
    by ip-172-31-12-230.ec2.internal (Postfix) with ESMTP id DF7709ACC42
    for <****>; Sun,  5 Nov 2023 19:55:36 +0000 (UTC)
 

 

Posted

I wish I could help you there, as I have really no idea how it works or is supposed to work (well, I do have an idea on the latter, but not specifics.)

anyhoo, that said, I noticed in your list a plain antispamcloud.com (49.) which puts me to thinking if that's a catch-all of your possible MXs... just thinking out loud here... hoping that an expert in this matter could chime in soon...

Posted

Hi ninth,

I decided to discontinue my use of SpamExperts (lots of reasons) and switched my MX records back to hosting service.  Same scenario though when I registered my regular host as a Mailhost:  Lots of values in the "Hosts/Domains" and "Relaying IPsv4" dropdowns and no idea which one to pick.

There are multiple accounts with my my own domain but, the all use the same host so, I don't think I need to add individual Mailhost records for them.

I also have a Gmail account and an iCloud account.  The Gmail account added ok (except for the usual "lots of values in the dropdowns") but I got errors when I pasted the "confirmation" emails for iCloud.  On the error page, SpamCop presented a "now go here" URL but, it was a bad link.

I get the sense SpamCop has been neglected for a while.  Wonder why?

Posted

SpamCop has been around for decades (2½ IIRC) and at the beginning, along with n.a.n.a.e and the different abuse desks at the serious ISPs it was a delight when spammers would face either whacking with a clue-by-four or even charged criminally in court, but now providers don't take it seriously anymore, probably due to the lack of manpower and the increased automatization of their systems. besides, since CISCO took over, their main cyber product is talos which takes preference and SC is only a minor side-toy (at least that's the way I see it) that allows users to report spam (if it helps, good, if it doesn't, not much lost) to propagate abusing MXs into blocklists
If someone with more knowledge behind the scenes would like to correct my stance I would greatly appreciate it if I'm wrong, but with an explanation ;)

Every now and then SC does get an "update"  but a lot, as you say, has been neglected...

Posted

Thanks for your astute insights RobiBue.

Here's the full story as to why I returned to SpamCop after many years.  A couple of weeks a go, my email started getting rejected by three different recipients.  I chased my tail for a while because emails sent from one account were getting rejected and those sent from another (same domain) were not.  Turns out, my hosting service uses two gateways to send my email and the selection is based on load.  One of those gateways had been flagged as a bad guy so sometimes an email would get through and sometimes not (depending on which gateway sent it).  But it would take two full days for me to receive the Undelivered Notice.  It took me way too long to figure out what was wrong.

My hosting company says their gateway was wrongly flagged and also said disparaging things about CloudMark (the company that did the flagging).  During the conversation, they mentioned that SpamCop was one of the good guys.  That's what prompted me to again start reporting spam to SpamCop.

So, to quote the late great Paul Harvey: Now you know [insert pause] the rest of the story.

Posted
On 11/9/2023 at 7:54 AM, jccviking said:

I get the sense SpamCop has been neglected for a while.  Wonder why?

The numbers don't lie:

Spamcop Statistics
Average spam: 1.2 per second, Max spam: 5.7 per second, Total reported (last 24 hours): 104502

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...