
Mailwasher false positives?


Black Tiger


I just got mail from the following domains a couple of minutes ago:

businessCompleet (dot) nl

e.vistaprint (dot) com

sat-television (dot) com

vbulletin (dot) org

Mailwasher stated them (status row) as being blacklisted. When pointing with the mouse on them, the name RBL Spamcop came up.

However, I checked the IP addresses of these domains with the checkblock option on the Spamcop site, the addresses are not listed (and they should not be listed).

Is this a false positive of Mailwasher pro (never seen a false positive before) or does the list check not work 100% the same as Mailwasher?

Unfortunately I already deleted the mails except the one from businesscompleet, but I can't find any strange things in the header, also checked IP address and sender base.

Anybody any clue why Mailwasher (5.3) reported them as being present on the Spamcop blacklist?


This is just a wild guess because I don't really know the technical details. The reason could be that the websites had just aged off the spamcop blocklist and that your Mailwasher was using a mirrored version that hadn't updated yet or some other version of not being updated - such as how often Mailwasher checks.

I don't know how much you know about spamcop, but the blocklist is automatic - no spam reported and the IP address drops off the list.

Miss Betsy


...Mailwasher stated them (status row) as being blacklisted. When pointing with the mouse on them, the name RBL Spamcop came up. ...
My knowledge of Mailwasher is second-hand but, as you realize, MW talks about domains and SC talks about IP addresses. And the reason MW's phony bounce facility is utterly reviled in these precincts is because the From: or Reply to: addresses in spam are almost always forged so the distraught recipient of such bounces (if used for spam) is an innocent 3rd party. Putting it all together, I suspect MW is not telling you the IP addresses that the Block List feature is actually blocking on. So when you pull up the address of the forged domain, you are naturally getting no correspondence with the SCbl. Just a stab in the dark.

If you get a free reporting account you can actually see the details of all this stuff. Not a bad way to learn how to read headers, which is the only way to be reasonably sure of the actual origins of the spam (they sometimes forge parts of the relays/hand-on section of the headers too but SC almost always detects that as well).


I just got mail from the following domains a couple of minutes ago:

businessCompleet (dot) nl

e.vistaprint (dot) com

sat-television (dot) com

vbulletin (dot) org

Mailwasher stated them (status row) as being blacklisted. When pointing with the mouse on them, the name RBL Spamcop came up.

That description seems to imply that something is wrong with MailWasher. The SpamCopDNSBL has nothing to do with Domain names.

Perhaps you'd get something more definite by asking over on the MailWasher support venues?

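Added example, not part of the original posts: the two replies above point out that the SpamCop list is keyed by IP address, not by domain, and that the headers are where the real origin is found. This Python sketch pulls the connecting IP out of the Received line written by your own mail server and builds the DNSBL query name for it. The sample message, host names and IPs are constructed, and the zone name bl.spamcop.net is not quoted in the thread.

```python
import ipaddress
import re
import socket
from email import message_from_string
from email.utils import parseaddr

DNSBL_ZONE = "bl.spamcop.net"  # SpamCop's DNSBL zone (not quoted in the thread)

# Constructed message: documentation-range IPs and invented host names.
SAMPLE = """\
Received: from mx.recipient.example ([192.0.2.10])
\tby mailstore.recipient.example with ESMTP; Mon, 1 Jan 2007 10:00:02 +0000
Received: from unknown (HELO forged-sender.example) ([203.0.113.77])
\tby mx.recipient.example with SMTP; Mon, 1 Jan 2007 10:00:01 +0000
Received: from mail.forged-sender.example ([198.51.100.5])
\tby relay.invalid with SMTP; Mon, 1 Jan 2007 09:59:00 +0000
From: "Offers" <news@forged-sender.example>
Subject: constructed example

body
"""

BRACKETED_IP = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def from_domain(raw):
    """Domain shown in From:; set by the sender, so easily forged."""
    return parseaddr(message_from_string(raw)["From"])[1].rpartition("@")[2]

def connecting_ip(raw, own_mx):
    """IP that connected to own_mx, read from the Received line own_mx wrote.
    Lines added by other hosts may be forged and are ignored."""
    for header in message_from_string(raw).get_all("Received", []):
        line = " ".join(header.split())  # unfold continuation lines
        before_by, sep, after_by = line.partition(" by ")
        match = BRACKETED_IP.search(before_by)
        if sep and match and after_by.split()[0].rstrip(";") == own_mx:
            try:
                return str(ipaddress.IPv4Address(match.group(1)))
            except ValueError:
                continue  # bracketed text was not a valid IPv4 address
    return None

def dnsbl_query_name(ip, zone=DNSBL_ZONE):
    """DNSBLs are keyed by IP: reverse the octets and append the zone."""
    return ".".join(reversed(str(ipaddress.IPv4Address(ip)).split("."))) + "." + zone

def is_listed(ip, zone=DNSBL_ZONE):
    """Live lookup: a 127.x answer means listed; NXDOMAIN or a failed lookup gives False."""
    try:
        return socket.gethostbyname(dnsbl_query_name(ip, zone)).startswith("127.")
    except socket.gaierror:
        return False
```

Resolving the From: domain and checking that address, as in the first post, tests a different IP from the one the blocklist lookup is made on.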

Archived

This topic is now archived and is closed to further replies.
