
Getting owned by spamhaus...

mountain muscle

New member
Anyone know how the hell to fix this?

Spamhaus is flagging the IPs for any email sent on the company emails.

I get a 553 "

IP Address Lookup


67.1**.75.***is not listed in the SBL

67.1**.75.*** is listed in the PBL, in the following records:

PBL114748

67.1**.75.*** is not listed in the XBL





If the IP you are checking is not in our database, but you are receiving bounce messages saying it is, then it is probable the IP has been removed from our database but DNS servers around the internet have not yet updated. In this case, wait 1-2 hours and the blocking should clear by itself.

This lookup tool is for manual (non-automated) lookups only. Any perceived use of automated tools to access this system will result in firewalling or other countermeasures.

And now Outlook is going all JH1 <read retarded> on me and smtp relays are not working for any accounts.



On another note, how the hell did I become an IT guy? I have been hitting the computer with a pipe wrench and that doesn't seem to help.
 
jh1 said:
Thanks for the JH1 = retarded comments.

1) You prolly should edit your IP out of the post, I would.
2) You should be using Comcast's SMTP servers to resolve this problem.


http://www.comcast.net/help/faq/index.jsp?faq=Email117481
or
[email protected]


Spamhaus has the IP range you are in on a block list because the range is for end users, and they believe you should use a validated SMTP server provided by your ISP. As above.


Ok JH, thanks for responding. Our mail server is hosted through godaddy, comcast is my provider. The company emails are the problem. I don't know if having two smtp relays in outlook is the problem or what because I know shit all about this stuff.
 
mountain muscle said:
Ok JH, thanks for responding. Our mail server is hosted through godaddy, comcast is my provider. The company emails are the problem. I don't know if having two smtp relays in outlook is the problem or what because I know shit all about this stuff.



How many computers are we talking about?

Having two SMTP relays in outlook?

Do you know how to do a screen shot?

Take a screen shot of your outlook setting and PM me with it.
 
PBL is the Policy Block List -- Comcast has TOLD Spamhaus "this is an end-user IP address" and as such your company email has no business coming from that (end-user) IP address.

Hey, it sucked when I couldn't run my email off my home Linux box, but your beef isn't with Spamhaus; it's with Comcast. You want to run a business, it's time to pony up for a commercial account or at least smarthost (set your mailer to relay through) at a machine that is recognized as a real mail server.

Copying to the computer board.
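The SBL/PBL/XBL result pasted in the first post can also be read from DNS, which is how receiving mail servers consult Spamhaus. The sketch below is an added example, not part of the original thread: it builds the DNSBL query name and maps the answer codes to lists. The resolver is injectable so it runs offline; the 192.0.2.x addresses and canned answers are constructed sample data.

```python
import ipaddress
import socket

ZONE = "zen.spamhaus.org"  # Spamhaus combined zone (SBL + XBL + PBL)

# ZEN answer codes mapped to the list they indicate
CODES = {
    "127.0.0.2": "SBL",
    "127.0.0.3": "SBL (CSS)",
    "127.0.0.9": "SBL (DROP)",
    "127.0.0.10": "PBL (range declared by the ISP)",
    "127.0.0.11": "PBL (range inferred by Spamhaus)",
}
CODES.update({f"127.0.0.{n}": "XBL" for n in range(4, 8)})

def query_name(ip, zone=ZONE):
    """DNSBL lookups reverse the IPv4 octets and append the zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def system_resolver(name):
    """A records for name; an empty list means NXDOMAIN, i.e. not listed."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def classify(ip, resolve=system_resolver):
    """Return (listings, errors) for ip."""
    listings, errors = [], []
    for answer in resolve(query_name(ip)):
        if answer.startswith("127.255.255."):
            # Error answers (for example a query refused because it arrived
            # via a public resolver) must never be treated as a listing.
            errors.append(answer)
        else:
            listings.append(CODES.get(answer, "unknown code " + answer))
    return sorted(listings), errors

# Constructed canned answers standing in for real DNS responses
SAMPLE = {
    "25.2.0.192.zen.spamhaus.org": ["127.0.0.10"],       # end-user range on the PBL
    "26.2.0.192.zen.spamhaus.org": [],                   # not listed
    "27.2.0.192.zen.spamhaus.org": ["127.255.255.254"],  # error answer
}

def fake_resolver(name):
    return SAMPLE.get(name, [])

if __name__ == "__main__":
    for ip in ("192.0.2.25", "192.0.2.26", "192.0.2.27"):
        print(ip, classify(ip, fake_resolver))
```

A 127.0.0.10 answer corresponds to the situation described in this thread: the provider itself told Spamhaus the range should not deliver mail directly.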
 
digger said:
PBL is the Policy Block List -- Comcast has TOLD Spamhaus "this is an end-user IP address" and as such your company email has no business coming from that (end-user) IP address.

Hey, it sucked when I couldn't run my email off my home Linux box, but your beef isn't with Spamhaus; it's with Comcast. You want to run a business, it's time to pony up for a commercial account or at least smarthost (set your mailer to relay through) at a machine that is recognized as a real mail server.

Copying to the computer board.


LOL @ Your company email has no business coming from that end user IP address.

Show me that RFC. Okay, yeah thanks, doesn't exist.


MM - if you have a Static IP you can request that Spamhaus take your individual IP off the PBL, and they will. But, if your computer or that IP is ever used to propagate SPAM they will reblock you and probably never take you off after that.
 
digger said:
PBL is the Policy Block List -- Comcast has TOLD Spamhaus "this is an end-user IP address" and as such your company email has no business coming from that (end-user) IP address.

Hey, it sucked when I couldn't run my email off my home Linux box, but your beef isn't with Spamhaus; it's with Comcast. You want to run a business, it's time to pony up for a commercial account or at least smarthost (set your mailer to relay through) at a machine that is recognized as a real mail server.

Copying to the computer board.


Thanks Digger, I thought that relaying through godaddy servers would be considered a "Real mail server". I am still learning how this all works.
 
jh1 said:
LOL @ Your company email has no business coming from that end user IP address.

Show me that RFC. Okay, yeah thanks, doesn't exist.


MM - if you have a Static IP you can request that Spamhaus take your individual IP off the PBL, and they will. But, if your computer or that IP is ever used to propagate SPAM they will reblock you and probably never take you off after that.


Thanks, JH. I'll request and see what happens. The example I sent you is from one IP only, this is happening from 3 different IPs.
 
Phaded said:
what is spamkings?

An O'Reilly (nerd central!) book about the history of spam on the net.

The word for today is Policy, JH1. The odds are 90%+ that stuff that comes to you direct from a cable modem is PC-virus driven crap. Spamhaus told folks that if they are hosting zombie Windows PCs they can mitigate the harm by telling Spamhaus what IP ranges they own that should NOT be sending mail, rather than having Spamhaus guess -- and Comcast took them up on that as a matter of company policy.

No skin off my nose as long as they don't block port 587 between me and my server... or port 22. (Yeah, I know... "When they came for the bot herders, I wasn't a bot herder....") It still sucks, but Windows blows, and something had to be done.

MM, nagging Spamhaus isn't going to do you any good. You need to get your mail routed consistently through a machine somewhere that has a static address. It shouldn't cost you an arm and a leg to do that, either. If it stops being fun to try, offer to buy someone on Craigslist a pizza and a brew.
 
digger said:
An O'Reilly (nerd central!) book about the history of spam on the net.

The word for today is Policy, JH1. The odds are 90%+ that stuff that comes to you direct from a cable modem is PC-virus driven crap. Spamhaus told folks that if they are hosting zombie Windows PCs they can mitigate the harm by telling Spamhaus what IP ranges they own that should NOT be sending mail, rather than having Spamhaus guess -- and Comcast took them up on that as a matter of company policy.

No skin off my nose as long as they don't block port 587 between me and my server... or port 22. (Yeah, I know... "When they came for the bot herders, I wasn't a bot herder....") It still sucks, but Windows blows, and something had to be done.

MM, nagging Spamhaus isn't going to do you any good. You need to get your mail routed consistently through a machine somewhere that has a static address. It shouldn't cost you an arm and a leg to do that, either. If it stops being fun to try, offer to buy someone on Craigslist a pizza and a brew.


Neither Spamhaus nor Comcast set the POLICY of other ISPs and private SMTP server admins around the world. Those private entities decide for themselves whether or not to accept traffic from SMTP servers listed on the PBL from spamhaus.

There is no internet wide policy that prohibits me from sending out my email from my own private SMTP servers whether I have a DHCP address, an end user connection - or a DS3. Even my addresses on a DS3 could be on a block list of Spamhaus's.

Who are you to say he has 'NO BUSINESS' sending out email directly from that address simply because it's an end user subscription line? WTF? You don't own the Internet.


And LOL @ Windows Blows....

No. End users that don't know how to protect and patch their machines are what 'BLOWS' about the scenario. Guaranteed that if they were all running Ubuntu - due to the sheer volume of machines, and the fact that end users are not equipped to protect them - there would be just as many Ubuntu bots as there are Windows Bots. I know it's convenient & fun to blame Microsoft, but it's total nonsense.
 
jh1 said:
Neither Spamhaus nor Comcast set the POLICY of other ISPs and private SMTP server admins around the world. Those private entities decide for themselves whether or not to accept traffic from SMTP servers listed on the PBL from spamhaus.

Exactly. You going to go to them one by one and tell them "Hey, you ought to make an extra-special exception for my buddy"?

I respect people who take principled stands, honest... I also get ticked with dreamers and idealists who think that the world should cater to them, like the EFF saying we should all just opt-out of spam.

If MM wants to get his company's email to someone who has chosen to use Spamhaus, he has a problem. Let's give him the short answer to that, okay?

jh1 said:
There is no internet wide policy that prohibits me from sending out my email from my own private SMTP servers whether I have a DHCP address, an end user connection - or a DS3.

That's true. "I can summon demons from the vasty deep," too. If you lie down with dogs (cable modem consumers) your mail is generally going to be treated as though it has fleas.

People have ignored the first half of Postel's Law ("Be conservative in what you send") for so long that it's naive to invoke the second part ("Be liberal in what you accept").

jh1 said:
Even my addresses on a DS3 could be on a block list of Spamhaus's.

Well, maybe, especially if you buy it from someone who is too arrogant (or out of touch) to bother telling Spamhaus explicitly whether it's static or dynamic, and super-especially if they have a clueless rDNS naming scheme. Spamhaus offered to use the PBL so big networks would have a way to avoid the uncertainty and guesswork; that's a good thing.

jh1 said:
Who are you to say he has 'NO BUSINESS' sending out email directly from that address simply because it's an end user subscription line? WTF? You don't own the Internet.

I'll be the first to say that's a good thing, too. So? You don't own Comcast. You also don't own the site that has chosen to use Spamhaus to keep from drowning under bot-spam. You going to build them a mailserver that can stand up under the load of processing all the spam being generated by every owned machine on Comcast? and eat the cost of building it?

jh1 said:
And LOL @ Windows Blows....

:whatever: I first heard the argument that "Macs are just unpopular" from the not-terribly-bright daughter of a local PC shop, and I was not impressed by it then or now. The back of my envelope says that if Mac owned 90% of the market, the infection rate would be roughly one-sixth of what it currently is, enough for herd immunity to really kick in. Macs and Linux are harder targets as well as smaller ones.

None of this is relevant to Mountain Muscle's immediate problem, you know?
 
I appreciate the help guys.

Sounds like basically the problem is with Comcast.

The emails from our manufacturing plant in N.D. are delivered just fine, but the isp there is not comcast.

If I call comcast and get a static ip will that work as long as the ip is not flagged by spamhaus?

What I don't understand is why there is a problem if the smtp relay is set through godaddy servers?
 
mountain muscle said:
What I don't understand is why there is a problem if the smtp relay is set through godaddy servers?

My guess is "it isn't."

You need to revisit the individual PCs and recheck their SMTP settings.
 
I know JH mentioned this earlier, but I just found this.

If I change my smtp settings to comcast for the company accounts maybe that will resolve this. Knowing comcast, the bastards will probably try to charge me for doing so though.

Slowly figuring this out, I am on the IT short bus still.



Ref: PBL114748

is listed on the Policy Block List (PBL)


--------------------------------------------------------------------------------

Outbound Email Policy of Comcast for this IP range:

Email sent by Comcast subscribers using a mail program such as Outlook Express are required to send the email through Comcast. To insure your mail program is properly configured, please visit http://www.comcast.net/help/faq/index.jsp?faq=Email117481. If you are a Comcast Commercial Services customer and need support, please contact [email protected]
 
now i know why our it guy is grouchy all the time--besides people like me asking him to recover a document i lost 4 years ago
 
I used to have a similar problem because our mail server was on a DSL line. Earthstink used to flag us. A T-1 fixed that with the quickness.
 
Dial_tone said:
I used to have a similar problem because our mail server was on a DSL line. Earthstink used to flag us. A T-1 fixed that with the quickness.

There he is.

A t-1 at 3 locations is just silly when 2 of them are basically home lines.

will a static ip fix the problem?
 
mountain muscle said:
There he is.

A t-1 at 3 locations is just silly when 2 of them are basically home lines.

will a static ip fix the problem?

It will but what you really need is control over the reverse dns. In our case:

forward dns was 67.82.182.185 (not our real IP) resolved to mail.mycompany.com

but reverse dns resolved to blah.home.dsl.blah.sbc.com instead of mail.mycompany.com. That's a big problem because it means your mail is not really who it says it is.
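The forward/reverse mismatch described in the post above is what a forward-confirmed reverse DNS (FCrDNS) check catches. The following is an added example, not code from the thread, showing the check a receiving server can make. The lookups are injectable so it runs offline; the 192.0.2.10 address and the `.example` hostnames are constructed stand-ins for the poster's setup.

```python
import socket

def ptr_lookup(ip):
    """Reverse (PTR) name for ip, or an empty list if none exists."""
    try:
        return [socket.gethostbyaddr(ip)[0]]
    except OSError:
        return []

def a_lookup(name):
    """Forward (A) addresses for name, or an empty list."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def fcrdns(ip, helo_name, ptr=ptr_lookup, fwd=a_lookup):
    """Check whether the name a mail server announces agrees with DNS for its IP."""
    names = [n.rstrip(".").lower() for n in ptr(ip)]
    if not names:
        return "no-ptr"
    # A PTR name only counts if its own A record points back at the same IP.
    confirmed = [n for n in names if ip in fwd(n)]
    if helo_name.rstrip(".").lower() in confirmed:
        return "pass"
    return "mismatch"

# Constructed zone data: "before" has the ISP's generic PTR, "after" has a
# PTR set by the ISP to the mail server's own name.
FORWARD = {
    "mail.mycompany.example": ["192.0.2.10"],
    "host-10.home.dsl.isp.example": ["192.0.2.10"],
}
PTR_BEFORE = {"192.0.2.10": ["host-10.home.dsl.isp.example"]}
PTR_AFTER = {"192.0.2.10": ["mail.mycompany.example."]}

def check(ptr_table, ip="192.0.2.10", helo="mail.mycompany.example"):
    return fcrdns(ip, helo,
                  ptr=lambda addr: ptr_table.get(addr, []),
                  fwd=lambda name: FORWARD.get(name, []))

if __name__ == "__main__":
    print("generic ISP PTR:", check(PTR_BEFORE))
    print("PTR set to mail name:", check(PTR_AFTER))
    print("no PTR at all:", check({}))
```

Passing this check and being absent from the PBL are separate conditions; a receiver may test either or both.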
 
Dial_tone said:
It will but what you really need is control over the reverse dns. In our case:

forward dns was 67.82.182.185 (not our real IP) resolved to mail.mycompany.com

but reverse dns resolved to blah.home.dsl.blah.sbc.com instead of mail.mycompany.com. That's a big problem because it means your mail is not really who it says it is.

I know I need to get rdns set up. Hopefully they won't charge me extra.

Thank you DT for your help.
 
mountain muscle said:
I know I need to get rdns set up. Hopefully they won't charge me extra.

Thank you DT for your help.


Reverse DNS isn't going to solve your specific problem - you are on the PBL that's what your issue is.

you have to use smtp.comcast.com as your SMTP relay to fix this.
 
jh1 said:
Reverse DNS isn't going to solve your specific problem - you are on the PBL that's what your issue is.

you have to use smtp.comcast.com as your SMTP relay to fix this.

tried that brother, and it didn't work.
 
You could just contact them and explain your problem. I've had to get us off an RBL twice and they were very receptive. They know spammers don't bother to try getting off.
 
Dial_tone said:
You could just contact them and explain your problem. I've had to get us off an RBL twice and they were very receptive. They know spammers don't bother to try getting off.

I am going to call them in the morning.

Are you talking comcast or spamhaus?
 
mountain muscle said:
I am going to call them in the morning.

Are you talking comcast or spamhaus?

Spamhaus; just send an email with all the details.
 