Mail not getting through. Possible blacklist?
9 posts
• Page 1 of 1
Mail not getting through. Possible blacklist?
by VdkaShaker » Sun Mar 04, 2007 10:12 pm
I've been notified by at least two different senders that mail is being rejected. I was able to change to a REAL email address and get messages immediately, but mail from at least one of the senders never makes it to spamgourmet.com (my counts don't change for the address). How can I send the info privately for you to investigate?
- VdkaShaker
- Posts: 8
- Joined: Thu Jul 20, 2006 6:16 pm
by josh » Tue Mar 06, 2007 2:13 pm
you can send me a private message on the board here. I only need to know the host(s) that the senders are trying to send from. If you don't know what it is, you could send me the complete headers from the message(s) that got through, and I should be able to figure it out.
- josh
- Posts: 1371
- Joined: Fri Aug 29, 2003 2:28 pm
by Paranoid2000 » Sun Apr 15, 2007 1:50 am
I'm seeing this as well and it is becoming a serious problem...
If SpamGourmet rejects an incoming email, it returns a message to the sender referring to http://www.spamgourmet.com/dynamic.html. This may be OK for technical users but small businesses (which are more likely to be using email servers lacking a "proper" reverse DNS) are likely to have difficulties with it (one did in my case, though I was able to provide detailed guidance based on a previous email they sent).
However when an email is sent by an automated system, this response does no good whatsoever and the Spamgourmet user is powerless to do anything to identify, let alone fix, the cause.
I have so far not received multiple password resets from eBay (they say they sent 3 which I didn't receive - a fourth from mx30.sjc.ebay.com (mxpool14.ebay.com [66.135.197.20]) got through so it seems likely that SG blocked the others) and registration/password resets from 2 forums (Hexus and XtremeSystems, mail servers unknown since I've not received any email from them).
Given the choice between reliability and speed, I would vote for reliability, hands down. I know I have posted about slow deliveries in the past, but I would far prefer that to the current uncertainty of not knowing if a missing email was due to SG.
As such, I would ask that the existing filtering be revised to minimise the chance of blocking legitimate senders. There are clearly several ways of doing this (IP/subnet blocklists based on past abuse, SpamHaus' PBL blocklist) but the existing method, for me, is harming SG's usability in a way that nothing else has.
The "dynamic.html" page could also be improved (for human senders) by placing the necessary "fix" at the top and leaving the explanation at the bottom, plus including a webform to allow a human sender to contact the SG user directly (for cases where they really don't know what to do - limiting it to existing SG aliases only and having a CAPTCHA should prevent spambot abuse).
If SpamGourmet rejects an incoming email, it returns a message to the sender referring to http://www.spamgourmet.com/dynamic.html. This may be OK for technical users but small businesses (which are more likely to be using email servers lacking a "proper" reverse DNS) are likely to have difficulties with it (one did in my case, though I was able to provide detailed guidance based on a previous email they sent).
However when an email is sent by an automated system, this response does no good whatsoever and the Spamgourmet user is powerless to do anything to identify, let alone fix, the cause.
I have so far not received multiple password resets from eBay (they say they sent 3 which I didn't receive - a fourth from mx30.sjc.ebay.com (mxpool14.ebay.com [66.135.197.20]) got through so it seems likely that SG blocked the others) and registration/password resets from 2 forums (Hexus and XtremeSystems, mail servers unknown since I've not received any email from them).
Given the choice between reliability and speed, I would vote for reliability, hands down. I know I have posted about slow deliveries in the past, but I would far prefer that to the current uncertainty of not knowing if a missing email was due to SG.
As such, I would ask that the existing filtering be revised to minimise the chance of blocking legitimate senders. There are clearly several ways of doing this (IP/subnet blocklists based on past abuse, SpamHaus' PBL blocklist) but the existing method, for me, is harming SG's usability in a way that nothing else has.
The "dynamic.html" page could also be improved (for human senders) by placing the necessary "fix" at the top and leaving the explanation at the bottom, plus including a webform to allow a human sender to contact the SG user directly (for cases where they really don't know what to do - limiting it to existing SG aliases only and having a CAPTCHA should prevent spambot abuse).
- Paranoid2000
- Posts: 71
- Joined: Wed Dec 15, 2004 10:48 am
by SysKoll » Sun Apr 15, 2007 5:39 pm
I just verified that we routinely receive and forward email from the ebay servers. I don't understand what the problem is in your case.
For example:
Apr 15 10:13:33 gourmet sendmail[13814]: l3FADWpe013814: from=<sm-member@ebay.de>, size=20539, class=0, nrcpts=1, msgid=<33295536.1176632012576.JavaMail.ebba@sjc2bat11>, proto=ESMTP, daemon=gourmet, relay=mxpool14.ebay.com [66.135.197.20]
As for hexus.net, they have two mail servers, mail-uk-0.lohost.com and mail-us-0.lohost.com. Neither of them shows up as a sender in the recent mail log (since Apr 8th). We don't filter them.
The same is true for xtremesystems.org: their mail servers 64.60.0.28 and
64.60.0.229 haven't send us anything in a while. We don't filter them either.
We'd be glad to help you debug that problem, but first we have to see it in our logs. Any idea?
For example:
Apr 15 10:13:33 gourmet sendmail[13814]: l3FADWpe013814: from=<sm-member@ebay.de>, size=20539, class=0, nrcpts=1, msgid=<33295536.1176632012576.JavaMail.ebba@sjc2bat11>, proto=ESMTP, daemon=gourmet, relay=mxpool14.ebay.com [66.135.197.20]
As for hexus.net, they have two mail servers, mail-uk-0.lohost.com and mail-us-0.lohost.com. Neither of them shows up as a sender in the recent mail log (since Apr 8th). We don't filter them.
The same is true for xtremesystems.org: their mail servers 64.60.0.28 and
64.60.0.229 haven't send us anything in a while. We don't filter them either.
We'd be glad to help you debug that problem, but first we have to see it in our logs. Any idea?
-- SysKoll
- SysKoll
- Posts: 893
- Joined: Thu Aug 28, 2003 9:24 pm
by josh » Mon Apr 16, 2007 1:47 pm
We've been progressively refining and easing back on the outer protection, and whitelisting upon request. It's a balance between staving off that attack (which seems to have subsided) and letting all the right stuff through. Hopefully it's better just now than it has been recently.
- josh
- Posts: 1371
- Joined: Fri Aug 29, 2003 2:28 pm
by Paranoid2000 » Tue Apr 17, 2007 10:20 am
If it isn't SG's blocklisting then neither do I - eBay used the correct address, the alias has counts remaining, mails from Customer Service (to that alias) were getting through assuring me that password updates had been sent. The only possibility I can see is either there being a block between SG and eBay that was lifted (allowing the last password email through) or the lost emails were coming from a different server that still has a block on it (or eBay's Customer Service talking out their backside, but I'd rather give them the benefit of the doubt for now). Is SG's filter allowing everything from the ebay.com domain?SysKoll wrote:I just verified that we routinely receive and forward email from the ebay servers. I don't understand what the problem is in your case.
I've tried another password reset (10:00 UTC, Tue 17 April) and had nothing through. Did anything appear on the logs?SysKoll wrote:As for hexus.net, they have two mail servers, mail-uk-0.lohost.com and mail-us-0.lohost.com. Neither of them shows up as a sender in the recent mail log (since Apr 8th). We don't filter them...We'd be glad to help you debug that problem, but first we have to see it in our logs. Any idea?
Update: received the Hexus email at 10:15 UTC - anything changed with SG's configuration?
XtremeSystems don't appear to have a mechanism for resending registration verifications - I'll need to contact the admins there for more info.SysKoll wrote:The same is true for xtremesystems.org: their mail servers 64.60.0.28 and
64.60.0.229 haven't send us anything in a while. We don't filter them either.
While I understand and support measures to filter out malicious traffic, anything needing manual whitelisting will be problematic for automated email systems (mailing lists, forum notifications, etc). Hopefully, if the abuse came from a specific address range, a more limited IP-based blocklist would serve as well.Josh wrote:We've been progressively refining and easing back on the outer protection, and whitelisting upon request. It's a balance between staving off that attack (which seems to have subsided) and letting all the right stuff through.
- Paranoid2000
- Posts: 71
- Joined: Wed Dec 15, 2004 10:48 am
by SysKoll » Wed Apr 18, 2007 7:47 pm
Update: received the Hexus email at 10:15 UTC - anything changed with SG's configuration
Not really, except filtering out yet more abusers. We didn't do any whitelisting of hexus-related addresses.
Can you please PM me the headers of that hexus email that finally came through, as well as your SG account name and forwarding address? I'm going to check the logs again...
-- SysKoll
- SysKoll
- Posts: 893
- Joined: Thu Aug 28, 2003 9:24 pm
Same problem with ebay
by gregers » Sat Nov 22, 2008 1:31 am
I seem to have the same problem. Just went through hell with ebay live chat to change the email without a confirmed account. Not easy explaining what spamgourmet.com is to a support-representative
Anyway, I don't get any emails sent from ebay, but the remaining number in spamgourmet decreases, and I'm able to send to the ebay alias from other emails.
Do you need any more info?
Regards,
Gregers
Anyway, I don't get any emails sent from ebay, but the remaining number in spamgourmet decreases, and I'm able to send to the ebay alias from other emails.
- Code: Select all
This is the header when I finally got them to change to my real email-address:
Received: by 10.181.224.9 with SMTP id b9cs223953bkr;
Fri, 21 Nov 2008 16:59:24 -0800 (PST)
Received: by 10.100.134.10 with SMTP id h10mr512966and.150.1227315563599;
Fri, 21 Nov 2008 16:59:23 -0800 (PST)
Return-Path: <registration@ebay.com>
Received: from mxpool01.ebay.com (mxpool21.ebay.com [66.135.197.27])
by mx.google.com with ESMTP id b7si3261651ana.31.2008.11.21.16.59.21;
Fri, 21 Nov 2008 16:59:22 -0800 (PST)
Received-SPF: pass (google.com: domain of registration@ebay.com designates 66.135.197.27 as permitted sender) client-ip=66.135.197.27;
DomainKey-Status: good (test mode)
Authentication-Results: mx.google.com; spf=pass (google.com: domain of registration@ebay.com designates 66.135.197.27 as permitted sender) smtp.mail=registration@ebay.com; domainkeys=pass (test mode) header.From=registration@ebay.com
Received: from sr-wscgi003 (sr-wscgi003.smf.ebay.com [10.10.63.103])
by mxpool01.ebay.com (8.13.8/8.13.8) with ESMTP id mAM0vxJZ020650
for <xxx@gmail.com>; Fri, 21 Nov 2008 17:59:21 -0700 (GMT)
DomainKey-Signature: a=rsa-sha1; s=dksm28; d=ebay.com; c=nofws; q=dns;
h=message-id:from:reply-to:to:subject:mime-version:
content-type:x-ebay-mailtracker:x-ebay-mailversiontracker;
b=P2Z2nR03OAsfqvURk4JOB4lMNHo4QsC1lMY5Cn288ZLOL79DJoARShzYtucCdmQ/t
CYNfslPRjGdluz0q1IAaQ==
Date: Fri, 21 Nov 2008 17:59:21 -0700 (GMT)
Message-ID: <607659064.1227315561440.JavaMail.SYSTEM@sr-wscgi003>
Do you need any more info?
Regards,
Gregers
- gregers
- Posts: 1
- Joined: Sat Nov 22, 2008 1:22 am
9 posts
• Page 1 of 1
Return to Support / Hilfe / ayuda / ondersteuning / ...
Who is online
Users browsing this forum: No registered users and 90 guests