Jump to content

This is not my IP, My Domain must be blocked


Recommended Posts

I send out a lot of emails, and had a lot of trouble with them being blocked by spam cop.

I was told by you that my email server had me on a shared IP and it was one of the other mailers.

They (my email server) changed me to my own IP. I keep getting errors like this:

(reason: 550 5.7.1 <lagle[at]nacs.net>... Mail Probable spam - blocked. <art[at]gamble-america.com> For help Go To: http://spamcop.net/w3m?action=checkblock&ip=209.216.203.28)

The problem is that 209.216.203.28 is my OLD ip, I now have a different one.

Here is what I heard back from my email provider

Art,

I do not have a solid answer for you just yet. We have determined that those Spamcop messages you got are not from us, they are coming from the people's servers you are sending to. The big question is why Spamcop thinks gamble-america.com is 209.216.203.28 instead of its new IP, 209.216.205.82. I would like to talk to our head administrator here about this, but he isn't in until Monday. Sorry for the delay, but we are really scratching our heads on this one. I will send you another message on Monday after I talk with Brandon. You might also try asking Spamcop why they are incorrectly registering gamble-america.com as 209.216.203.28. Anyways, I will send you another mail on Monday with the progress

This is really hurting my business. Can you tell me what I have to do. My IP address is now 209.216.205.82. There should be no problem with that.

It must be my domain Gamble-America.com that is giving the problem. There has NEVER been a complaint about me. Everybody on my email list has ASKED to get my specials.

Thanks,

Art Nittskoff

Gamble America

440 498-2100

Link to comment
Share on other sites

Parsing input: 209.216.203.28

host 209.216.203.28 = virt8r.secure-wi.com (cached)

Reporting addresses:

abuse[at]adnc.com

Parsing input: 209.216.205.82

host 209.216.205.82 (getting name) = gamble-america.com.

Reporting addresses:

abuse[at]adnc.com

First item up for discussion might be one of a thing called DNS propogation? .. You've not mentioned the timeframe involved.

Link to comment
Share on other sites

Art,

Thanks for writing.

Are you sure that your (or someone else's) email isn't still going out through 209.216.203.28 (now named virt8r.secure-wi.com but still running a Sendmail 8.11.6/8.11.6 mailserver)?

This link shows the following in part:

Query bl.spamcop.net - 209.216.203.28

209.216.203.28 is virt8r.secure-wi.com

209.216.203.28 not listed in bl.spamcop.net

Since SpamCop started counting, this system has been reported less than 10 times by less than 10 users. It has been sending mail consistently for at least 153.9 days. In the past 12.1 days, it has been listed 3 times for a total of 4.5 days

In the past week, this system has:

Been reported as a source of spam less than 10 times

Been witnessed sending mail about 40 times

A sample sent sometime during the 24 hours beginning Wednesday 2004/04/07 20:00:00 -0400:

Received:

Subject: outsource your software development work - india - hr

From: ka.. at ..x.com

A sample sent sometime during the 24 hours beginning Wednesday 2004/03/31 19:00:00 -0500:

Received: from - (- -.-.com) (209.216.203.28)

  by -.-.net with - - Apr 2004 - -

Subject: outsource your software development work - india - hr

From: ka.. at ..t.com

A sample sent sometime during the 24 hours beginning Saturday 2004/03/27 19:00:00 -0500:

Received: from  -.-.com (-.-.com [209.216.203.28]) by -.-.-.com (-.-) with - id -203-28- Sun, 28 Mar 2004 - -

Subject: market watch alert -

From: [ non-parseable address suppressed ]

Similarly, this link shows the following in part:

Query bl.spamcop.net - 209.216.205.82

209.216.205.82 is gamble-america.com

209.216.205.82 not listed in bl.spamcop.net

SpamCop has no record of this system

It appears that 209.216.203.28 was not exclusively yours - it was used by all of the customers assigned to Secure - WI's virtual host "8r".

It also appears that abuse[at]gamble-america.com would bounce and that gamble-america.com has no listed phone number, both violations of RFCs with listings pending here.

Link to comment
Share on other sites

All of this is speculation without seeing the headers of the message as it reached the server that issued the block. That information may be included in the bounce. Otherwise, I could setup a test account you could send email to so I could post what the headers look like.

1. For outgoing messages, do you use your own mail server or are you using your ISP's server? I can see your incoming MX are:

gamble-america.com MX preference = 10, mail exchanger = www.gamble-america.com

gamble-america.com nameserver = ns2.hostdns4u.com

gamble-america.com nameserver = ns1.hostdns4u.com

www.gamble-america.com internet address = 209.216.205.82

ns2.hostdns4u.com internet address = 209.126.236.2

ns1.hostdns4u.com internet address = 209.126.235.2

2. If you send your email through your ISP's host or your mail server is using their server to get to the internet, their IP will still be the connecting server. Your server should be connecting directly to the MX server of the recipient.

Link to comment
Share on other sites

[snip]

The big question is why Spamcop thinks gamble-america.com is 209.216.203.28 instead of its new IP, 209.216.205.82.[snip]

SpamCop thinks gamble-america.com is at 209.216.205.82 See

http://www.spamcop.net/sc?track=gamble-america.com and http://www.spamcop.net/w3m?action=checkblock&ip=209.216.205.82 says that the IP is not listed and there is no record of it ever being listed.

Link to comment
Share on other sites

Thanks everone for the replies. I must admit, I really don't understand most of what has been told to me.

Let me start with what I do. I own a travel agency, I send out my last minute specials.

Here is what i do. I have a large (a little over 1,000) people on my email list. I use Outlook Express.

I have these people broken down into 2 groups. When i send an email, I send it to myself, and then list one of the groups as a blind carbon copy.

When i get the email sent to myself, i forward it to the other group.

The company that hots my website is Web Intellects somewhere in California. I am in Ohio.

I really do not understand how email works, I know I send it, hopefully people get it.

Web Intellect has set me up with my own IP (because of all the problems I encountered.) The problem now is that I am still getting some mail blocked, but SUPPOSEDLY, it is not coming from my IP.

I will send a copy of my mail to any address you tell me to. Just let me know.

Also, please let me know how to list my phone number. Every thing I do is above board and I never send spam. Here is all my information.

Art Nittskoff

President of

Gamble America

33536 Aurora Rd

Cleveland, Ohio 44139

440 498-2100 or 800 677-DICE (3423)

Thanks again to everone that took the time to reply!

Thanks,

Art Nittskoff

Gamble America

Art[at]Gamble-America.com

440 498-2100

800 677-DICE (3423)

Link to comment
Share on other sites

It sounds as if you are very conscientious about your mailings. But not knowing much about email, maybe you are doing something you shouldn't and wouldn't if you knew. Have you read the pinned FAQ on "Best Mailing Practices?"

http://forum.spamcop.net/forums/index.php?showtopic=779

Even if it doesn't apply to this problem, if you haven't read these links, you might find some interesting items there.

Hope you get the problems worked out.

Miss Betsy

Link to comment
Share on other sites

Please send a test email to spamtest<at>poboxes.com and I will paste the headers here with any explaination I can come up with. PLease put your handle here (artgamble711) in the subjet so I don't repot it mistakenly.

You could also tell us what the setting in your Outlook Express for SMTP server is.

When you send an email your local machine looks to the server (A) it is configured to use to send that message, usually a mail server for your company or the mail server for your ISP. That server (A) usually checks that you ar authorized to send messges through it, then checks the email addresses for the repicients. For each email address, that server looks to the internet and asks which machine accepts mail for that address and then connects to that server (B) and sends the message. That server (B) holds the message to be picked up by the recipient. Sometimes there are multiple servers between (A) and (B) but they all do the same thing.

Before seeing your headers, I am guessing you are still using your ISP's SMTP server which is on the bl, probably not due to your message but because they have not stopped other spammers from usng the server. We will know more with the headers.

Link to comment
Share on other sites

Thanks everone for the replies. I must admit, I really don't understand most of what has been told to me.

Let me start with what I do. I own a travel agency, I send out my last minute specials.

[snip]

Maybe you should read the articles at MAPS Basic Mailing List Management Guidelines for Preventing Abuse and cluelessmailers.org Best Practices to ensure that you are not spamming some of the recipients on your mailing lists.

Link to comment
Share on other sites

Maybe you should read the articles at MAPS Basic Mailing List Management Guidelines for Preventing Abuse and cluelessmailers.org Best Practices to ensure that you are not spamming some of the recipients on your mailing lists.

Just so there's no confusion, both of these items are addressed in Miss Betsy's pointer to the Pinned item at http://forum.spamcop.net/forums/index.php?showtopic=779

Link to comment
Share on other sites

And I have received it.

If OE on your machine is set to use 209.216.205.82 as it's SMTP server as you mention, it does not appear to be working properly. This message went from your machine on ameritech.net to 209.216.203.28 which is what the original error message stated.

They (my email server) changed me to my own IP.

The listing below shows they did not do what they said they would. You are still sharing a mail server with others who are sending spam with subjects like:

Subject: outsource your software development work - india - hr

Subject: market watch alert -

Unless you a) get them to remove their spammers, B) move your email to another server which does not have spammers, or c) move to a different email provider, you will continue to have problems.

You can present the headers below (munged with x for your address and y and z for my addresses) as evidence to your email provider.

Content-Type:  multipart/alternative; boundary="----=_NextPart_000_007D_01C41F21.706ADD50" 
Date:  Sat, 10 Apr 2004 17:29:54 -0400 [17:29:54 EDT] 
Delivered-To:  z
From:  Art Nittskoff &lt;x&gt; 
MIME-Version:  1.0 
Message-ID:  &lt;008001c41f42$f83b8790$fdd72743[at]art&gt; 
Received:  (qmail 28387 invoked from network); 10 Apr 2004 21:30:15 -0000 
Received:  from unknown (192.168.1.101) 
     by blade6.cesmail.net with QMQP;
     10 Apr 2004 21:30:15 -0000 
Received:  from apollo.netforward.com (HELO a5.netforward.com) (69.56.175.229) 
     by mailgate.cesmail.net with SMTP;
     10 Apr 2004 21:30:15 -0000 
Received:  from virt8r.secure-wi.com (virt8r.secure-wi.com [209.216.203.28]) 
     by a5.netforward.com (8.12.9/8.12.9) with ESMTP id i3ALUFOQ031058 for &lt;y&gt;;
     Sat, 10 Apr 2004 16:30:15 -0500 
Received:  from art (adsl-68-76-120-21.dsl.bcvloh.ameritech.net [68.76.120.21]) (authenticated (0 bits)) 
     by virt8r.secure-wi.com (8.11.6/8.11.6) with ESMTP id i3ALU4316210 for &lt;y&gt;;
     Sat, 10 Apr 2004 14:30:04 -0700
Return-Path:  &lt;x&gt; 
Subject:  artgamble711 (test email) 
To:  y 
X-MSMail-Priority:  Normal 
X-Mailer:  Microsoft Outlook Express 6.00.2800.1158 
X-MimeOLE:  Produced By Microsoft MimeOLE V6.00.2800.1165 
X-Priority:  3 
X-spam-Checker-Version:  SpamAssassin 2.63 (2004-01-11) on blade6 
X-spam-Level:  * 
X-spam-Status:  hits=1.7 tests=CLICK_BELOW,HTML_COMMENT_SAVED_URL, HTML_FONTCOLOR_RED,HTML_FONTCOLOR_UNKNOWN,
     HTML_FONT_BIG,HTML_LINK_CLICK_HERE,HTML_MESSAGE,HTML_TAG_EXISTS_TBODY, LINES_OF_YELLING,
     LINES_OF_YELLING_2,OFFERS_ETC,SAVE_UP_TO version=2.63 
X-SpamCop-Checked:  192.168.1.101 69.56.175.229 209.216.203.28 68.76.120.21  

P.S. This IP is currently NOT on the BL.

Link to comment
Share on other sites

68.76.120.21 is a dynamic IP, many hosts/ISP's will not receive mail from a dynamic IP. Why don't you use the ameritech's email servers?

Dynamic IP's are not trusted by most.

Yes your IP is blocked in:

NJABL Not Just Another Blacklist.: dnsbl.njabl.org -> 127.0.0.3

swbell.net PPPoX DSL Pools -- 1071415970 (Sun Dec 14 16:32:50 2003)

NJABLDYNA NJABL list of dynamic ip spaces: dynablock.njabl.org -> 127.0.0.3

Dynamic/Residential IP range listed by NJABL dynablock - http://njabl.org/dynablock.html

BLARSBL Blars Block List: block.blars.org -> 127.1.0.1

ameritech.net. Dial-Up/Cable/DSL/Home IP Range - Use your providers SMTP Gateway or whitelist your server at: http://moensted.dk/spam/no-more-funn/?addr=68.76.120.21 \

Victoria Chan\

<vkchan[at]kendryl.net> / http://ws.arin.net/cgi-bin/whois.pl?queryinput=N%

UUINTRUDERS local bl at Uppsala University: intruders.docs.uu.se -> 127.0.0.2

And any other prive servers that block dynamic ranges.

Link to comment
Share on other sites

68.76.120.21 is a dynamic IP, many hosts/ISP's will not receive mail from a dynamic IP. Why don't you use the ameritech's email servers?

He is, and that's the IP that has issues (though not listed at SpamCop just now) ...

I'm beginning to wonder if the talk at the start of this thread was some kind of confusion between the poster and the "support" dudes at the ISP ...

Received:  from virt8r.secure-wi.com (virt8r.secure-wi.com [209.216.203.28])

e-mail to Steven shows the same address complained about in the beginning is still being used for outgoing e-mail.

The big question is why Spamcop thinks gamble-america.com is 209.216.203.28 instead of its new IP, 209.216.205.82.

alleged quote from techy at ISP

now questioning the "was" (referencing the e-mail server) and "is" (perhaps the web-site [never actually stated that a web-site was in the conversation, other than the mentioning of the Domain name a number of times])

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...