starslab Posted November 30, 2006 Share Posted November 30, 2006 Hello, I'm currently evaluating a new MSP, and was quite concerned when an email we sent yesterday bounced.... At the time, http://www.spamcop.net/w3m?action=checkblo...;ip=64.38.46.42 stated the IP was blacklisted, and that In the past 77.7 days, it has been listed 5 times for a total of 3.2 days So I sent an email to the MSP, who says the page indicates there is no problem. This really should be fixed. The page should state that there is no problem right now, and should also include the blocking statistic so it can be seen that there was a problem, even if there isn't one now. Can someone provide me a history of that address and why it has been blocked? I'd like to help my MSP understand why he's being blocked, and see if he fixes it. If not, i'm off to search for a new MSP. - Andrew Link to comment Share on other sites More sharing options...
StevenUnderwood Posted November 30, 2006 Share Posted November 30, 2006 Can someone provide me a history of that address and why it has been blocked? I'd like to help my MSP understand why he's being blocked, and see if he fixes it. If not, i'm off to search for a new MSP. Only a deputy can provide that kind of history, and likely only to an administrator of that IP address. What likely happened is that the address came off the list by the time the support people looked at it. What should be fixed is that they keep getting listed. That is not a good start to your relationship. Information I can pass along, which is available to paid reporters are some of the reports sent to that ISP about that IP address in the last 30 days. With this few reports, those listings are likely due to emails hitting spamtrap addresses. The reason stated on the page you saw is just as important as how many times being listed. Report History: -------------------------------------------------------------------------------- Submitted: Wednesday, November 29, 2006 2:58:28 AM -0500: Important Holiday Message 2040275787 ( 64.38.46.42 ) To: spamcop[at]imaphost.com 2040275786 ( [url="http://www.sensibleholidays.com/uns.php"]http://www.sensibleholidays.com/uns.php[/url] ) To: abuse[at]powersurge.net 2040275785 ( 64.38.46.42 ) To: abuse[at]powersurge.net -------------------------------------------------------------------------------- Submitted: Monday, November 27, 2006 8:30:30 AM -0500: Holiday Schedule News 2037418023 ( 64.38.46.42 ) To: spamcop[at]imaphost.com 2037417994 ( 64.38.46.42 ) To: abuse[at]powersurge.net -------------------------------------------------------------------------------- Submitted: Monday, November 27, 2006 8:18:05 AM -0500: Holiday Schedule News 2037415234 ( 64.38.46.42 ) To: spamcop[at]imaphost.com 2037415207 ( 64.38.46.42 ) To: abuse[at]powersurge.net -------------------------------------------------------------------------------- Submitted: Sunday, November 26, 2006 3:32:13 PM -0500: Semester Scheduling 2036332775 ( [url="http://www.wholesaleseason.com/uns.php"]http://www.wholesaleseason.com/uns.php[/url] ) To: abuse[at]powersurge.net 2036332754 ( 64.38.46.42 ) To: abuse[at]powersurge.net -------------------------------------------------------------------------------- Submitted: Monday, November 06, 2006 6:24:46 AM -0500: Fall Semester Notice 2003990630 ( 64.38.46.42 ) To: abuse[at]powersurge.net -------------------------------------------------------------------------------- Submitted: Saturday, November 04, 2006 9:24:31 PM -0500: Ipod VS Zune 2001665081 ( 64.38.46.42 ) To: spamcop[at]imaphost.com 2001665074 ( [url="http://www.aonservers.com/forum/viewtopic.php?t"]http://www.aonservers.com/forum/viewtopic.php?t[/url]... ) To: abuse[at]powersurge.net 2001665060 ( 64.38.46.42 ) To: abuse[at]powersurge.net Another of their mail servers is currently on sorbs.net blocklist for an open proxy: Address and Port: 64.38.45.210:1080 Record Created: Sun Nov 19 01:00:11 2006 GMT Record Updated: Sun Nov 19 01:00:39 2006 GMT Additional Information: [submitted via corpit.ru] Confirmed open SOCKS v5 proxy: Sun Nov 19 11:00:11 2006 Currently active and flagged to be published in DNS And this server is currently pushing 3408% the volume of email than it normally does: http://www.senderbase.org/search?searchBy=...ring=64.38.56.2 None are currently listed on SpamCop however. If you are still getting a bounce, then it is likely the receiver's error message is incorrect. Link to comment Share on other sites More sharing options...
starslab Posted November 30, 2006 Author Share Posted November 30, 2006 Where is this spamcop[at]imaphost.com and abuse[at]powersurge.net coming from? WHOIS information for that IP reveals abuse[at]fastservers.net dig -x 64.38.46.42 reveals "galaxy.myserverhosts.com" whois myserverhosts.com returns admin[at]myserverhosts.com Reverse DNS suggests the second machine you mention does indeed belong to the same service provider. Between this and that open proxy (Why the hell is there an open SOCKS5 proxy on that machine?), I think I'm looking for a new hosting provider. Thanks for the help. Link to comment Share on other sites More sharing options...
turetzsr Posted November 30, 2006 Share Posted November 30, 2006 Hi, Andrew! Where is this spamcop[at]imaphost.com and abuse[at]powersurge.net coming from? <snip> ...For abuse[at]powersurge.net, navigate to the link you provided in your original post here, then click on the link labeled "Trace IP." spamcop[at]imaphost.com is a third-party interested in the reports (see http://forum.spamcop.net/forums/index.php?...tySourceReport). Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.