E-Mail Help

Forum Moderators: phranque

Message Too Old, No Replies

E-Mail Help

Spam lists and how they work

r3ved

6:15 pm on Jun 12, 2003 (gmt 0)

I run my own server and mail server. We have it setup not to accept relay without authentication and as far as I can tell well secured. We do not engage in spamming practices, however we do have an auto reply when someone asks for more information about our site.
The problem is about every 2 months our IP gets added to the spam ban lists. I am starting to wonder if we are being hacked, or if a competitor is adding us to be malicious. It causes a real problem as people will simply stop getting our e-mail. So far I have just been changing the mail server IP every couple of months, but I need a long term solution. If anyone can tell me

1.) How an IP gets added to a spam list.
2.) A good way to find out you have been added (my current method is very slow).
3.) How to get removed or prevent this.

-Thanks

Maxformed

6:45 pm on Jun 12, 2003 (gmt 0)

Going through a similar problem, though we do not have our own server. Our IP block owner had gotten listed for the first two-three portions (i.e., 000.00 or 000.00.000) because of hosting a spammer.

Check [relays.osirusoft.com...] to see if you're listed. You can request a retest, and you'll know who listed you (or your IP block) and why. There's good info there to help you contact people, but it's difficult at best to get whitelisted.

First thing is to check why you are on a blacklist. Then follow all rules by the listers for removal.

It is an ongoing problem.

Romeo

7:46 pm on Jun 12, 2003 (gmt 0)

The following script (by Edward S. Marshall, rblcheck.sourceforge.net) does a quick lookup on some wellknown RBL blacklists:
rblcheck -t -s relays.ordb.org -s relays.osirusoft.com -s dnsbl.njabl.org -s dnsbl.sorbs.net <your-mailserver's-ip-address>

Regards,
R.

bird

8:13 pm on Jun 12, 2003 (gmt 0)

1.) How an IP gets added to a spam list.

Depends on the list. Most will only list you if the maintainers have seen spam actually coming from your box. Since you're talking about getting added every two months or so, I'd suspect that you mean dsbl.org. This is an automatic system that will list you if it receives particularly prepared test messages that have been forwarded to you. It's also one of the few lists where you'll be able to get delisted again on such short order.

2.) A good way to find out you have been added (my current method is very slow).

[dnsstuff.com...]
Try the "Spam database lookup" top center of the page.

3.) How to get removed or prevent this.

Never assume that your system is safe. If you do get added to blocklists repeatedly, then that means that your box forwards spam, plain and simple.
Fix that, and you'll be fine... ;)

mole

10:07 pm on Jun 12, 2003 (gmt 0)

Don't forget that it may not be the mail server that's being exploited by spammers. You need to check that the web server hasn't got any holes like formail.pl which they could get through.

r3ved

12:24 am on Jun 13, 2003 (gmt 0)

Bird, that link was great. I found the problem, someone with an ip XXX.XXX.XX1.XXX is causing a couple of blocks on my ip XXX.XXX.XX2.XXX. Sort of annoying that my IP gets nailed by someone one a different C block. Oh well I sent my emails and now I will have to wait.

Thanks to everyone for the help.

bird

7:05 am on Jun 13, 2003 (gmt 0)

someone with an ip XXX.XXX.XX1.XXX is causing a couple of blocks on my ip XXX.XXX.XX2.XXX.

Sounds like you're using a colocation service which isn't weeding out spammers quickly enough. For you, this means that they are unable to give you the service you need and pay for. You might consider switching to a more reliable company.

E-Mail Help

Spam lists and how they work

r3ved

Maxformed

Romeo

bird

mole

r3ved

bird

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week