Jump to content

I am listed for having many users


sherifd

Recommended Posts

Posted

My SMTP got listed for sending many emails? well I have so many email users, and 2 free signup domains.

We do not send spam, usually sometimes spamcop sends us spam reports and we do contact users to fix this, usually it is a virus on a PC on a LAN.

In the last 2 weeks I did not get any spam reports from spam cop and I got my SMTP listed, and the report says the system has been sending emails consitently since 27 days, well this is because it is an outgoing SMTP.

I hope it can be unlisted ASAP, for the 10 spams sent the last week, I hope I get reports about them, anyway 10 emails in a week for about 50,000 users means we do not send spam!!

Only buisness companies and travel agencies are losing thier emails and complaining either from our side or recipients side. <_<

Posted

Without an IP address to check against, we will not be able to provide much assistance. All of the following is speculation and general information. You can get more infomation by reading the pinned messages at the top of this forum, which are the current equivalent to a FAQ section.

The link you followed which showed "system has been sending emails consitently since 27 days" and "the 10 spams sent the last week" did not happen to mention spamtraps, did it? Also, that status page is no longer real-time thanks to the spammers using that information to their advantage.

Many of the recent listings without reports being sent have been due to messages being sent to the spamtrap addresses, either because of bouncing incoming virus messages to a forged sender address or a virus sending directly to the spamtraps.

There are 2 ways currently that reports do not get sent. The first is the spamtrap accounts and these trip the bl quicker than user reports. The second is the mole reporter account where only a summary of the spam reported is sent, though I do not know the mechanism for that summary to be sent (request, x reports, weekly, etc). It is unlikely but possible that only mole reporters have received/reported spam from your system.

Please supply an IP address or the error message your users are receiving when trying to send messages and we may be able to help more.

Posted

Sorry I forgot to post the address:

http://www.spamcop.net/bl.shtml?217.29.134.11

Here is the info from bl.shtml :

217.29.134.11 listed in bl.spamcop.net (127.0.0.2)

Since SpamCop started counting, this system has been reported less than 10 times by less than 10 users. It has been sending mail consistently for at least 27.7 days. It has been listed for less than 24 hours.

In the past week, this system has:

Been reported as a source of spam less than 10 times

Been witnessed sending mail about 30 times

A sample sent sometime during the 24 hours beginning Monday, March 29, 2004 2:00:00 AM +0200:

Received: from -.-.net (-.-.net [217.29.134.11])-

by -.-.com (-.-.-.-.-) with - id -

for <-[at]-.com>- Mon, 29 Mar 2004 - - (-)-

(- -.-[at]-.com)-

Subject: -

From: a... at ..t.com

A sample sent sometime during the 24 hours beginning Sunday, February 22, 2004 2:00:00 AM +0200:

Received: from -.-.net (217.29.134.11)

by -.-.-.- with - - Feb 2004 - -

Subject: vacancies issue -

From: ad.. at ..om.eg

Posted

I want to get a sample of the spam, and the IP address of the PC that is sending spam, so to disconnect that PC, it probably have a virus, we have many leased lines used by many users.

I do not know how to find which PC in which remote location is making that spam.

Also I did not get any warning msg about this spam activity.

1- Thanks for your help

2- How can I use RBL on my servers so as to protect my users from spam comming from the internet ?

3- I visited http://bl.csma.biz/cgi-bin/listing.cgi?ip=217.29.134.11 and removed my IP

4- I am using a nice anti spam filter that uses baysian spam, it can help protect against spam in addition to RBL, it's address is http://assp.sourcefourge.net

Posted
Also I did not get any warning msg about this spam activity.

According to the spamcop system, reports for that IP should go to:

Parsing input: 217.29.134.11

host 217.29.134.11 = ns1.menanet.net (cached)

Reporting addresses:

emohamed[at]menanet.net

bassel.safwat[at]menanet.net

That is unless the message went to a spamtrap or only mole reporters which as I mentioned above will not send reports.

Posted
Sorry I forgot to post the address:

http://www.spamcop.net/bl.shtml?217.29.134.11

Here is the info from bl.shtml :

217.29.134.11 listed in bl.spamcop.net (127.0.0.2)

Since SpamCop started counting, this system has been reported less than 10 times by less than 10 users. It has been sending mail consistently for at least 27.7 days. It has been listed for less than 24 hours.

In the past week, this system has:

Been reported as a source of spam less than 10 times

Been witnessed sending mail about 30 times

A sample sent sometime during the 24 hours beginning Monday, March 29, 2004 2:00:00 AM +0200:

Received: from -.-.net (-.-.net [217.29.134.11])-

by -.-.com (-.-.-.-.-) with - id -

for <-[at]-.com>- Mon, 29 Mar 2004 - - (-)-

(- -.-[at]-.com)-

Subject: -

From: a... at ..t.com

A sample sent sometime during the 24 hours beginning Sunday, February 22, 2004 2:00:00 AM +0200:

Received: from -.-.net (217.29.134.11)

  by -.-.-.- with - - Feb 2004 - -

Subject: vacancies issue -

From: ad.. at ..om.eg

I believe I just took care of this via email.

Posted

The problem is solved now thank you, and the customer sending spam was disabled for now.

I am now checking why I did not recieve spam reports,

abuse is working but at my domain, menanet.net,

other addresses are ok

I adjusted postmaster, and will adjust tamer gadalla as he left the company. Will see how to change this in RIPE.

Thanks for your co-operation,

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...