Jump to content

blacklisted help!!!


cplogan
 Share

Recommended Posts

We moved to a new exchange server last week. We moved from exchange 2000 to exchange 2003. Our external ip address has stayed the same. # days ago we got blacklisted and I cannot figure out what keeps getting us put on there. I requested removal and we have went 24hours last without spam, but this morning we were back on there for the 3rd time this week. Any help would be appreciated here is one of the bounce emails i get.

on 11/9/2006 9:37 AM

There was a SMTP communication problem with the recipient's email server. Please contact your system administrator.

<tiffinmotorhomes.com #5.5.0 smtp;550 Requested action not taken: cannot accept mail for specified user from host: 66.21.94.98 RBL: bl.spamcop.net>

Link to comment
Share on other sites

Hi!

Query bl.spamcop.net - 66.21.94.98

(Help) (Trace IP) (Senderbase lookup)

66.21.94.98 listed in bl.spamcop.net (127.0.0.2)

If there are no reports of ongoing objectionable email from this system it will be delisted automatically in approximately 20 hours.

Causes of listing

  • System has sent mail to SpamCop spam traps in the past week (spam traps are secret, no reports or evidence are provided by SpamCop)
  • SpamCop users have reported system as a source of spam less than 10 times in the past week

Additional potential problems

(these factors do not directly result in spamcop listing)

  • System administrator has already delisted this system once

Because of the above problems, express-delisting is not available

Listing History

In the past 2.4 days, it has been listed 3 times for a total of 42 hours

SpamCop v 1.600 Copyright © 1998-2006, IronPort Systems, Inc. All rights reserved.

Parsing input: 66.21.94.98

host 66.21.94.98 = mail.tiffinmotorhomes.com (cached)

host 66.21.94.98 = mail.tiffinmotorhomes.com (cached)

Routing details for 66.21.94.98

[refresh/show] Cached whois for 66.21.94.98 : abuse[at]bellsouth.net

Using abuse net on abuse[at]bellsouth.net

abuse net bellsouth.net = abuse[at]bellsouth.net, thisisspam[at]bellsouth.net

Using best contacts abuse[at]bellsouth.net thisisspam[at]bellsouth.net

Statistics:

66.21.94.98 listed in bl.spamcop.net (127.0.0.2)

More Information..

66.21.94.98 not listed in dnsbl.njabl.org

66.21.94.98 not listed in dnsbl.njabl.org

66.21.94.98 not listed in cbl.abuseat.org

66.21.94.98 not listed in dnsbl.sorbs.net

66.21.94.98 not listed in relays.ordb.org.

Reporting addresses:

abuse[at]bellsouth.net

thisisspam[at]bellsouth.net

...Have you contacted the reporting addresses? They should be receiving e-mails about the reports from SpamCop users. As for the SpamTrap hits, information about those are available only from the SpamCop Deputies (deputies[at]admin.spamcop.net). You will have to satisfy the Deputies that you are the authorized administrator for 66.21.94.98 and even then they will only provide you very limited information.

...As for Exchange, please see SpamCop FAQ (link near top left of page) items labeled "But my Exchange 2000 server is secured against relaying!" and "Outlook & Exchange Solutions Center."

...Good luck!

Link to comment
Share on other sites

...Have you contacted the reporting addresses? They should be receiving e-mails about the reports from SpamCop users. As for the SpamTrap hits, information about those are available only from the SpamCop Deputies (deputies[at]admin.spamcop.net). You will have to satisfy the Deputies that you are the authorized administrator for 66.21.94.98 and even then they will only provide you very limited information.

...As for Exchange, please see SpamCop FAQ (link near top left of page) items labeled "But my Exchange 2000 server is secured against relaying!" and "Outlook & Exchange Solutions Center."

I am trying to ge tin touch with the it person at the place that is bouncing our mail. I would like to ge some info on the reports they are getting. I also have contacted the deputies at spamcop. I have finally managed to get off all of the blacklists but this one. Thanks for your help

Link to comment
Share on other sites

I'm sure someone or something is using your email server to send spam out. Check a local computer perhaps?

We got blacklisted by Spamcop too (by a scri_pt spammer).. anyway we waited 24 hours for the listing to expire because we had already fixed the problem up. Then I suppose someone who left their Spamcop reporting duties a little late decided to report one of the emails in, we got listed for the 2nd time in 48 hours.

Link to comment
Share on other sites

I am trying to ge tin touch with the it person at the place that is bouncing our mail. I would like to ge some info on the reports they are getting.

It is unlikely that they'll have the information you are seeking. The normal approach with blocklists is that they compare the source ip of each message against the blocklist and your ip is currently listed then they drop the message and it is rejected.

The most recent spam message reported is as follows:

Submitted: Thu, 09 Nov 2006 11:16:24 GMT:
lunchtime obduracy

Andrew

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...