PDA

View Full Version : "Dead Already ... ?" CIS Classic Mail ... Not Geraniums


heinz57g
July 25th, 2006, 12:00 PM
yes, i have checked the CIS CLASSIC forum first, nothing there. so the question goes here: has anybody still using
CIS CLASSIC mail experienced extreme delays, last three/four days? outgoing mail that takes 10+ hours, some that
doesnt make it at all, and worse, no error reports coming back? totally independent to where the mail is being sent
to, including test mssg back into the very own CIS account?

or am i again the only one? then the second question: why me? (ususally jeff has a fitting answer to that one ...)

greetings - heinz -

PS: just noticed the delays are both outgoing and incoming! even worse, as this points to some misfunction within
CIS servers or similar.

Jeff
July 25th, 2006, 01:40 PM
No problems of any kind here, Heinz. I use both incoming and outgoing about once a day. Sounds like you have 'out of country' node trouble. I've already told you that such will get worse. Find an alternative while you still can. mail2web.com would be good to have available to check and send from your CIS mailbox.

- Jeff

Gary Maltzen
July 25th, 2006, 03:35 PM
extreme delays, last three/four days? outgoing mail that takes 10+ hours, some that doesnt make it at all, and worse, no error reports coming back? Headers would help diagnose where the slowdown occurs.
When there is a virus attack in progress incoming mail delivery can be slowed down by the virus-scanning queue.
AFAIK there is no outgoing (from CIS) virus scanning -- at least for mail sent by an HMI client (CS4, etc).
PS: just noticed the delays are both outgoing and incoming! even worse, as this points to some misfunction within CIS servers or similar.Are you certain it isn't connected to the servers at the other end given the rolling power outages this past weekend in California? My (San Jose) server was down for about 16 hours.
In particular I note the number of people that thought there was a problem at the Compuserve end when Microsoft updated their dial-up networking software.

heinz57g
July 25th, 2006, 04:42 PM
''out of country nodes'' cannot be, jeff, because for the testing (you know me when i get nervous)
i used greece, hungary, germany and even the US, alternativly.

incoming mail (and still missing mails) came from the US, UK, and the far east, most of the WWW.

outgoing, i tested CIS-CIS, CIS-YAHOO, CIS-WWW, CIS-GMX, all at least 3ea, with the same result:
only ten percent within 3 minutes, another 20 percent within 10 hours, the rest not at all. AND NO
ERROR REPORTS. and totally mixed between the systems.

specially if CIS to CIS (bcc:ed to myself) does not work, it (to me) can only be internal, no?

for sending i used Tapcis / Eprompter / Mail2Web, again alternativly, and with no clear difference.

stilll baffled ... heinz

Gary Maltzen
July 25th, 2006, 07:57 PM
specially if CIS to CIS (bcc:ed to myself) does not work, it (to me) can only be internal, no?Since you didn't specify what you mean by CIS-CIS nor what mail client you used nor what mail server you used...
Incidentally - I checked with the Classic postmaster and (1) there is no outbound AV scanning, only inbound scanning and (2) the servers appear to be operating normally.

I have a client who recently moved his company off a Yahoo mail server because of the inordinate delays to incoming mail.

heinz57g
July 25th, 2006, 08:50 PM
CIS to CIS, my own to my own, bcc:ed or direkt. those mssgs used to show up within 30 seconds.
on web2mail it would be the COPY YOURSELF function turned on, when using tapcis just a mail to
your own addrs. login is then thru standard CIS dialup nodes.

clients, if any but TAPCIS, i had mentioned in the mail above. there are no others.

incoming mail is, by the way, now getting back to normal, but outgoing still very very bad, max normal is 10%.

and, remember, i have been doing well over 500mails/month over the past 10 years, constantly,
so i think i know what i am doing, and when things go wrong outside my influence. or so i want
to believe at least.

greetings - heinz -

Gary Maltzen
July 25th, 2006, 08:53 PM
CIS to CIS, my own to my ownWas that using the CS4 program?

heinz57g
July 25th, 2006, 09:15 PM
no gary, TAPCIS! and for testing, also EPrompter and MAIL2WEB - all with same results.

greetings - heinz -

Gary Maltzen
July 26th, 2006, 02:03 AM
Unfortunately I don't know whether TAPCIS uses POP3 or HMI to access e-mail.
(Do you have to specify a non-Compuserve SMTP server?)

I have no clue about EPrompter.

MAIL2WEB is the critical test - if you can't get it there then you either don't have an account or are not using the right (POP3 mail-only, 8-24 letters AND digits ONLY) password.

You may have difficulty using MAIL2WEB to send mail AS you TO you. Compuserve may view mail from the outside with both sender and recipient Compuserve addresses as suspect.

heinz57g
July 26th, 2006, 03:06 AM
gary, but sorry: this forum is called The TAPCIS FORUM, and i am writing under the column TAPCIS SUPPORT,
so i thought at least these points were clear.

MASIL2WEB, i have had an account there for years, using them daily on several mailboxes. they all work, even
my CIS account lets me see my mails. as i said, incoming is (almost) back to normal.

outgoing, either from TAPCIS or MAIL2WEB, still fails in 90%.

greetings - heinz -

Gary Maltzen
July 26th, 2006, 04:01 AM
this forum is called The TAPCIS FORUM, and i am writing under the column TAPCIS SUPPORTSo, since I have a lot of experience with e-mail but not with TAPCIS, I shouldn't offer any more help...
(Besides which I will be on vacation for the next 2 weeks)
MASIL2WEB, i have had an account there for years, using them daily on several mailboxes.You probably do NOT have an "account" at http://mail2web.com/ as their service is free and does not require registration.
Your "accounts" are most likely at the ISPs providing mail service for you.
The ONLY thing MAIL2WEB provides is a free WEB interface to standard (POP3, IMAP) e-mail servers.
(Their http://mail2wap.com/ site provides a free WAP interface to standard e-mail servers.)

heinz57g
July 26th, 2006, 05:22 AM
gary, i was not saying yr help is not (more than) appreciated, i just meant that using the TAPCIS forum those
technical details would have meant they are clear already. or so i thought.

even with the free service at mail2web you can have an account (so they call it) by setting up all your boxes
under one login page and using www.mail2web.com/yourname as a login. this does require a (simple) registration,
but makes things much much easier, as everything but the passwords are already stored there and usable immdtly.

from the timing of yr mssgs i presume you are based in europe? or write at strange AM hours out of the USA?
anyhow, wish you the best of holidays, and keep clear of computers. something i always promise myself, even for
long weekends, and never manage to keep ...

greetings - heinz -

Lindsey
July 27th, 2006, 12:42 AM
Unfortunately I don't know whether TAPCIS uses POP3 or HMI to access e-mail.
Neither. It uses CompuServe's proprietary interfaces, either ASCII or HMI. Think of it as a very distant cousin to CSx. :p

Like you, I had wondered if sending mail from one e-mail address to that same e-mail address might not be problematic; that's certainly something you see with spam. <sigh>

--Lindsey

heinz57g
July 27th, 2006, 09:47 AM
lindsey, the sending a BCC: mssg to yrself was for years a standard and often recommend way
of using TAPCIS at mutiple locations, but keeping records at one main one anyhow. if i would
count, i am sure i have several 10000 of them.

admittedly, when spam was no issue at all: the once a month ''improve your sexlife at age 95''
was a welcome comic relief.

with MAIL2WEB, like with many other mail programs, one even has a special tick-field for sending
mssgs to oneselfs.

and it works, there is no problem there.

the problem i have has anyhow nothing to do with this, because it was only used to doublecheck
after i found out that normal mssgs did often not go out (still dont, by the way).

greetings - heinz -

Lindsey
July 28th, 2006, 11:52 PM
It's just that that is one thing that some spam-control programs use to identify spam. Not necessarily the sole criterion, but one of the factors that raises the suspicion level.

That it wasn't a problem in the distant past, before spam got to be such an intractable problem, doesn't necessarily mean anything.

--Lindsey

heinz57g
August 4th, 2006, 09:34 AM
and still isnt. it works fine now again.

i even think that mail from CIS to CIS does not go thru any much filtering anywhere. from the plain looks
of it, it is almost instant: if i write from myself to myself or anybody also on CIS (classic), and have
the computers side by side, i can hardly press the SEND button and its already on the other side.

anyhow, update on the main issue: after about ten days, things seem back to normal. outgoing works
fine again, incoming too but one quirck i have not seen before: CIS seems to block entire servers,
entire domains, from sending to CIS. and the bad thing is, there is no error mssg going to the sender.

friends of mine in china and taiwan, as well as south-africa cannot write to me. the mails seems to go
out fine, and that was it.

anybody ever seen this, or noticed it recently?

greetings - heinz -

earler
August 4th, 2006, 04:30 PM
I've had problems corresponding with someone with a CompuServe address. The mail is rejected and I get a message telling me so. The rejected mail is coming from wanadoo.fr, one of the largest isp's in europe, by the way, and the largest in france by far.

-er

heinz57g
August 5th, 2006, 04:48 AM
earler, yr mssg refers for outgoing mssgs, from CIS to wanadoo, right? it does happen, about once
per month, that one of the many CIS servers gets put on blacklists, usually for about one day, but
resolving itself reasonably (?) fast.

the good thing here is that you do get an error mssg! just resending the mail usually helps, too.
there are so many SMTP servers, that your chances on a second try are good.

but was talking about INCOMING mssgs, where it seems to me that CIS locks out entire domains
and their servers, and there, neither the sender nor the recipient, gets any error mssg. and that is
more than annoying.

greetings - heinz -

earler
August 5th, 2006, 10:48 AM
No, I meant messages from the wanadoo smtp server to CompuServe. For some reason unbeknownst to me CompuServe seems to be blocking all messages sent from wanadoo, which is as if an isp were blocking messages from verizon.

-er

heinz57g
August 5th, 2006, 06:51 PM
perfect, earler, then you are right along the line i was decribing too: certain providers being blocked
by CIS for incoming (-->> CIS) mssgs. and it is not from some or some specific email addresses from
those provider, but all! meaning in your case, nobody from wanadoo.fr, or in my case, nobody from
seed.net.tw, can send mssgs to anybody on CIS.

greetings - heinz -

heinz57g
September 19th, 2006, 06:25 PM
earler, sorry i have to raise this once more, but has your situation changed?

mine has certainly worsened: there are more and more providers that seem to be blocked by CIS, from china, taiwan, philippines
and since two weeks turkey and singapore too. no mail from those sytems, any adress, reach any CIS addrs at all, they just vanish.

this has nothing to do with the mail prog one uses: senderxxx@providerzzz.com.cn -->> 100xxx.1xxx@compuserve.com does plainly
not arrive. always, everytime, fully reproducable.

greetings - heinz -

heinz57g
September 22nd, 2006, 07:35 AM
hey, what is going on here? i thought there would be a lot of CIS user here still,
since all of us were once upon a time. and me and earler cant be the only ones
experiencing this, as more and more IPS and providers are locked out of sending to CIS.

checking the internet for ''cannot send to compuserve'' or even more dedicted ''550 5.7.1 IP
address denied-4'' gets hundreds of hits, all blaming CIS.

and nobody here has even experienced this, or heard about it?

greetings - heinz -

Peter Creasey
September 22nd, 2006, 09:55 AM
nobody here has even experienced this, or heard about it?


Heinz, I still use CIS email extensively and continue to find it quite satisfactory. Plus, I haven't seen any discussions about widespread problems on the CIS Classic email Board.

Report back if you get more info!

heinz57g
September 22nd, 2006, 11:18 AM
peter, just google for those two comments i made above, and you will get, depending how close you limit your search,
hundreds of remarks. i myself today alone came across two more providers that seem to be totally locked out sending mail to
CIS, and the one earler mentioned (wanadoo) is by far the largest one in france, with million of members.

for those who will / cannot google, below just one of the many comments. somehow it felt good to know i was not dreaming.

complaints are slow to come in, because in many, if not the most cases, nobody ever sees an error mssg. so one just
tends to think the recipient is just to lazy to answer ...

greetings - heinz -

< comment slightly shortened to leave out non-relevant points >

... that recently started having this problem. Every time we email anyone @compuserve.com we get this NDR withing seconds of sending the message:

-----------------------
Your message did not reach some or all of the intended recipients.

Subject:
Sent: 4/26/2005 8:32 AM

The following recipient(s) could not be reached:

postmaster@compuserve.com on 4/26/2005 8:33 AM
You do not have permission to send to this recipient. For assistance, contact your system administrator.
<mail.OurDomainName.com #5.7.1 smtp;550 5.7.1 IP address denied-4>
-------------------------

We also have some issues emailing AOL (owner of compuserve), but the NDR doesn't get returned immediately with AOL like it does with Compuserve. AOL's take a few days of trying to send before getting returned.

If you do a Google search for "5.7.1 IP address denied" the ONLY results you will get are about Compuserve! So, what I need is either someone who knows why Compuserve is blocking us from emailing them OR a good contact for Compuserve so we can find out why were being blocked.

I have attempted to call their regular Tech Support line and talked to someone who told me I couldn't speak to tech support unless I was a member and that I should have the member who can't receive email from us call in. Well, ANYONE who is a member won't be able to receive email from us, but the tech didn't care ...

************************************************

The following recipient(s) could not be reached:

'sandra_lee@compuserve.com' on 08-02-05 3:58 PM

You do not have permission to send to this recipient. For assistance, contact your system administrator.

<mail.domain.com #5.7.1 smtp;550 5.7.1 IP address denied-4>

************************************************

Hi. This is the qmail-send program at vfemail.net.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

<*******@compuserve.com>:
Connected to 149.174.40.55 but sender was rejected.
Remote host said: 550 5.7.1 IP address denied-4

I get the same response with any compuserve address I try.

Gary Maltzen
September 22nd, 2006, 12:37 PM
Google says:Your search - "550 5.7.1 address denied-4" - did not match any documents.Did you check senderbase.org to see if your server was on any blacklists?
Did you check Google (mail-abuse) news groups to see if there were recent spam reports from your server?

FYI: "address denied-4" means that the mail was rejected based on (4 octets) of IP address.
The IP address denial list is generated by AOL based on AOL user reports of spam received and is updated frequently.I get the same response with any compuserve address I tryCIS is rejecting the host sending the e-mail; what difference would it make to whom?

Note: when I try to look up "mail.ourdomain.com" I getHost mail.ourdomain.com not found: 3(NXDOMAIN)I can only offer real help when you provide the real information. Or was your goal just to vent?

P.S: wanadoo has historically had a significant problem with compromised user hosts that are used to spam. Results 1 - 10 of about 189,000 for wanadoo.fr group:*abuse*Sep 22nd:from apoitiers-155-1-91-172.w81-49.abo.wanadoo.fr ([81.49.62.172 ...
from arennes-251-1-132-207.w86-210.abo.wanadoo.fr ([86.210.11.207 ...
from cavco.com (LAubervilliers-151-12-97-83.w193-252.abo.wanadoo.fr [193.252.200.83 ...
from ast-lambert-153-1-81-38.w83-204.abo.wanadoo.fr ([83.204.216.38 ...

Gary Maltzen
September 22nd, 2006, 12:55 PM
Googling: cannot send to compuserve...

1) If you follow the vfemail.net link you will find it was resolved in 2 hours by the ISP
2) The bulk of the messages seem to be about issues with use of the SMTP server by members, not about delivery from offsite servers.

heinz57g
September 23rd, 2006, 09:28 PM
gary, the quotes above were clips from the internet, just samples, not mine! so i have no idea
if anybody was 'just trying to vent', but with the number of similar entries there, i doubt it.

fact is, and that is my own experience, that a large number of our customers and friends
CANNOT send mail to ANY compuserve addrs since weeks, and that number is increasing daily.

and how ever legitimate the reason for blacklists are, to include x.x million of wanadoo members,
entire countries like taiwan and the philippines from regular mail traffic, is just not correct.
there must be other ways: how do other providers do it?

and i am not talking of MY server, or MY provider, so i cannot offer details there.
many people using email do not even know what a server is. all i am talking about that i get presently
some 10-15 complaints per week, thru alternative channels, that people cannot reach me on CIS.
and i know, not even 10% of the people that this happens to know about it and react. most of them
just think i forgot to answer.

greetings - heinz -

Gary Maltzen
September 23rd, 2006, 11:56 PM
The blacklists do not include "millions of wanadoo members", only IP blocks allocated to (frequently compromised) residential/dynamic systems and the IP addresses of servers which have specifically been sending spam to AOL members.

It is an unfortunate fact of life that so few (spammers) can make life so miserable for so many (members) -- but the ONLY way to get an ISP (wanadoo, etc.) to fix their problem is to affect their bottom line. Rejecting e-mail from an ISPs legitimate server is a quick way to get the ISPs attention.

It's a shame that senders see this as an AOL/Compuserve problem. It's sort of like blaming the driver who went through on the green light for blocking the intersection when rammed by somebody who drove through a red light.

It never ceases to amaze me that you continue to be a Compuserve member when you are so clearly dissatisfied with their service.

Note that I consider the Compuserve Classic mail staff with whom I have contact to be both courteous and conscientious in their attempt to provide the best possible service to the membership.

earler
September 24th, 2006, 05:58 AM
I can attest to the blocking of mail from wanadoo addresses. It is as if someone blocked all mail from verizon or comcast. CompuServe itself does a very poor job of blocking spam in general. I receive tons of egregious spam in my CompuServe mailboxes every day. I don't have this problem with other services I use, like attglobal or gmail, nor any of my french mailboxes. In fact, wanadoo does a good job in filtering out spam in incoming messages.

-er

Peter Creasey
September 24th, 2006, 10:21 AM
Note that I consider the Compuserve Classic mail staff with whom I have contact to be both courteous and conscientious in their attempt to provide the best possible service to the membership.

Gary, Thanks once again for your ongoing support of CIS Classic email.

sidney
September 24th, 2006, 05:23 PM
and how ever legitimate the reason for blacklists are, to include x.x million of wanadoo members, entire countries like taiwan and the philippines from regular mail traffic, is just not correct. there must be other ways: how do other providers do it?

My ISP provides more flexibility than most by allowing customers to enable or disable ip address blocklists on an individual basis, so someone who gets mail from wanadoo customers could disable the, for example, spamcop blocklist filter which usually has many wanadoo mail servers on it.

As for why wanadoo continues to get itself blocked on such lists, there is a somewhat long discussion about it (http://forum.cesmail.net/forums/lofiversion/index.php/t7131.html) on a spamcop help forum. I'll summarize the main point here, as that thread wanders a bit:

Spam usually contains a fake From address header, usually selected from the spammers mailing list. That makes it difficult to filter based on From address, as you could easily do if you got lots of spam from the same address, and it makes bounces someone else's problem, as the spammer never sees them.

Because the From address has nothing to do with where the spam really came from, an ISP is irresponsible if they bounce undeliverable mail back to the address in the From header. The only correct ways to handle mail to an invalid email address these days are 1) to have the receiving mail server determine the validity of the address and not accept mail to an invalid address; or 2) (not as good) drop undeliverable mail without bouncing it if it has already been accepted by the mail server and then determined to be undeliverable.

Wanadoo is stuck in the 90's in how they process email. Their servers accept mail and then bounce undeliverable ones (e.g., all that spam sent to arbitrary user names at some domain that doesn't have a catchall address) to the From address of the mail.

Another piece of the puzzle is that spam blocklists make use of spamtrap email addresses. These are email addresses that are never used for anything, so any mail sent to them must be spam.

The result is that when a spammer picks a From address at random from their list and it is a spamtrap address, and sends the spam to an invalid address in a domain served by wanadoo, the wanadoo mail server sends the bounce message to the spamtrap address.

When a wanadoo mail server sends enough mail to spamtrap addresses, for example those operated by SpamCop, they eventually get themselves listed on the blocklist for sending a lot of spam. In the case of SpamCop, their point system is relative to the overall volume of mail from the mail server, so to get on the blocklist a wanadoo server has to be be sending a huge number of mails to the spamtrap addresses.

Anyone who has their own domain and a catchall mailbox on it is familiar with the annoying phenomenon of getting bounce messages from spam sent with their domain in the From address. There is no excuse for an ISP to configure their mail servers in such a way as to proliferate that annoyance. The result of wanadoo's lack of care for such things is that their customers have a difficult time sending email to many places, including AOL and CompuServe, and including many other places that use the SpamCop blocklists among others for spam filtering.

-- sidney

Lindsey
September 24th, 2006, 06:06 PM
Great summary, Sidney -- thanks so much for clarifying the issues so well!

--Lindsey

Dan in Saint Louis
September 24th, 2006, 09:28 PM
Because the From address has nothing to do with where the spam really came from, an ISP is irresponsible if they bounce undeliverable mail back to the address in the From header. -- sidney
Might this be related to the reason I keep getting messages from "scomp@aol.net" with headers like this, that have no sign of either my domain name or IPAddress in them? (Perfora.net is indeed the host of my email, but nothing else there appears to be related to me in any way.)

- - - - -
Return-Path: <>
Received: from rly-yg02.mx.aol.com (rly-yg02.mail.aol.com [172.18.180.80]) by air-yg01.mail.aol.com (v112_r1.4) with ESMTP id MAILINYG13-273451463b117b; Fri, 22 Sep 2006 18:29:21 -0400
Received: from mout-bounce.perfora.net (mout-bounce.perfora.net [217.160.230.50]) by rly-yg02.mx.aol.com (v112_r1.4) with ESMTP id MAILRELAYINYG27-273451463b117b; Fri, 22 Sep 2006 18:29:05 -0400
Received: from mout by moutus0.kundenserver.de id 0MKzcw-1GQtV71fac-00006c;
Fri, 22 Sep 2006 18:28:05 -0400
Date: Fri, 22 Sep 2006 18:28:05 -0400
From: Mail Delivery System <mailer-daemon@perfora.net> (mailer-daemon@perfora.net)
To: <Undisclosed Recipients>
Subject: Warning: message delayed 25 hours
Message-Id: <0MKzcw-1GQtV71fac-00006c@moutus0.kundenserver.de> (0MKzcw-1GQtV71fac-00006c@moutus0.kundenserver.de)
X-Original-Id: 0MKv22-1GQVfa08ik-0004O5
X-AOL-IP: 217.160.230.50
X-Mailer: Unknown (No Version)
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit

- - - - -

sidney
September 25th, 2006, 02:30 AM
Might this be related to the reason I keep getting messages from "scomp@aol.net" with headers like this, that have no sign of either my domain name or IPAddress in them? (Perfora.net is indeed the host of my email, but nothing else there appears to be related to me in any way.)

kundenserver.de appears to be the same people as perfora.net. This bounce message is from the same kind of thing, a forged From address if you didn't send it, but it is in a gray area that is trickier for an ISP to deal with.

If mail flat out can't be delivered, then an ISP should detect that and reject the message, which would cause it to bounce back to the machine that is really trying to send the message. Doing that ensures that if you send legitimate mail to a bad address or a full mailbox you will get a bounce back to let you know that the mail did not get through, but you don't get spam bounceback.

If the mail server cannot detect that the mail can't be delivered until it has been accepted from the original sender, then the only options are to bounce back to the From address or to drop it. Before the days of spam, it was always considered better to bounce it, with the rationale that you should make the best effort to let the sender know that the mail did not get through. Now there is too much spam with forged From headers to make that practical.

However, there is another possible scenario. A mail server could accept the mail from the sender, then get a "temporary fail" when trying the next step in delivery. A standard response to that situation has been to bounce back a message saying that the mail has been delayed, then keep retrying every so many hours, finally making it a hard fail after a certain number of failed attempts.

That's what you are seeing from the mail sent through the perfora.net server. Those temporary fail situations are uncommon enough that some ISPs do not configure their servers to drop the bounceback response that they generate even if they are clueful enough to not bounce hard failures back to a From address.

If you ever get the full original email as part of such a message, perhaps when the email hits its final temporary fail, I would be interested in seeing the headers of that original message, which will provide some clue as to how this actually happened.

Gary Maltzen
September 25th, 2006, 01:24 PM
I checked with the postmaster...
I don't have any of the wanadoo.fr IPs from their MX records blocked. I had several that were in their 24bit subnet though. I cleared them so we can see what happens. It will take a couple hours to get pushed out to all the plant.

earler
September 25th, 2006, 04:11 PM
Not to doubt that wanadoo (now renamed orange, by the way, though the email addresses remain wanadoo) is remiss in how it handles outgoing spam, but CompuServe is poor in its handling of incoming spam. In any case, no other major isp blocks wanadoo, only CompuServe (and perhaps aol).

-er

Dan in Saint Louis
September 25th, 2006, 04:31 PM
If you ever get the full original email as part of such a message, perhaps when the email hits its final temporary fail, I would be interested in seeing the headers of that original message, which will provide some clue as to how this actually happened.

I'll try forwarding a couple to your email address, I think Thunderbird displays all the headers in that mode. I'm sure I do not understand everything you told me, but maybe it will sink in gradually.

So far today (current local time is 15:40) I have received 19 of these from AOL.

Thanks!

Gary Maltzen
September 29th, 2006, 01:11 PM
Given the discussion about wanadoo, I presume somebody from this forum forwarded to me the following 554 Service unavailable; Client host [86.198.104.33] blocked using bl.spamcop.net; Blocked - see http://www.spamcop.net/bl.shtml?86.198.104.33 Interestingly enough that was sent to me using the blocked host Received: from source ([86.198.104.33]) by exprod5mx162.postini.com ([64.18.4.10]) with SMTP; Fri, 29 Sep 2006 06:52:32 PDTand I note that the message was directly sent from a wanadoo broadband client, not through an official wanadoo server~> host 86.198.104.33
33.104.198.86.in-addr.arpa domain name pointer ALagny-151-1-86-33.w86-198.abo.wanadoo.fr.

sidney
September 30th, 2006, 02:12 AM
I'll try forwarding a couple to your email address

It took me a while to get the time to look through them. They mostly look like ordinary spam sent from forged addresses to bogus addresses that were bounced after being accepted by the mail server, which means the receiving mail server is not configured as it ideally should be. To be honest, though, I wasn't able to figure out how some of the mails ended up bouncing to you ... I have to assume that there is some information that got lost in the translation somewhere between the spam's arrival at the receiving server and when it got to you and was forwarded to me.

-- sidney

Dan in Saint Louis
September 30th, 2006, 11:21 AM
To be honest, though, I wasn't able to figure out how some of the mails ended up bouncing to you ...
Phew! It wasn't just me. I have asked both AOL and Perfora (1and1.com) why I get over 100 of those each week, and they can't (won't) tell me either.

If you think it would help I could dig the original message from the inbox file, but I presume that since the headers you need are the ones quoted in the message body (not the ones for the bounce message itself) they would be the same.

Otherwise I'm about to look for the address of the Chief Honcho at AOL and send him some personal snail mail.

Gary Maltzen
October 1st, 2006, 01:25 PM
I have asked both AOL and Perfora (1and1.com) why I get over 100 of those each week, and they can't (won't) tell me either.Mail from AOL's scomp address means that a member reported a message from you as spam. I suspect that AOL may be having a problem with forged sender addresses.

If you forward a couple of these to me I will see that the AOL mail NOC knows about the issue. If possible I would like to see even the headers from AOL sending you the notice as that should allow them to track the message back to the original incoming item.

Dan in Saint Louis
October 1st, 2006, 03:42 PM
Mail from AOL's scomp address means that a member reported a message from you as spam. I suspect that AOL may be having a problem with forged sender addresses.
I suspect that is the case, but they do not reveal from what address the mail claims to have come. I have been unable to find any of my domain names or IP addresses any where in the bounce, so do they expect the domain owners to fix it? I think the real cause is that they stupidly rely on the names and ignore the numbers. Four are on their way to way as we speak.

Gary Maltzen
October 1st, 2006, 09:05 PM
Four are on their way to way as we speak.And is my head spinning from trying to sort out who sent what where...

I note that perfora.net and 1and1.com have the same registrant.

The ringling.org/enterpriseassoc.com mail appears to have been originally sent by 71.101.118.121 (verizon customer, tampa FL) -- but it appears that sender may access to credentials which they can use to send through smtp.perfora.net, just as you did.

Unfortunately I only have the last 55 of our AOL-scomp messages, all of which are after I registered a feedback address with AOL - so I can't tell how AOL determines the address to use when one isn't registered.

sidney
October 2nd, 2006, 09:19 AM
Phew! It wasn't just me. I have asked both AOL and Perfora (1and1.com) why I get over 100 of those each week, and they can't (won't) tell me either

I took a closer look at the four mails you sent me and I think I see a pattern there.

All of them consists of a bounce message to an address in a domain whose MX server is in perfora.net and which is configured to forward to an aol.com address. In other words, the bounce message goes to a perfora.net mail server and from there is sent to an aol.com mail address. That bounce message when received by the AOL mail server is rejected because of a blacklist, but AOL sends the reject message to your stlcc.info address.

The fourth message you sent me had a forged aol.com From address and was sent to an address handled by perfora.net. In that case perfora.net bounced it back to the aol.com address, so that is a different way of getting to the same result -- a perfora.net mail server sending a bounce message to an aol.com address.

Anway, it appears that when the AOL mail server sees a bounce message from the perfora.net mail server to any AOL address, it flags it as a spam and sends the TOS violation message to your stlcc.info address. It's as if somehow AOL has selected your address, which does have email handled by perfora.net, as being the one to send all perfora.net related blacklist messages.

Dan in Saint Louis
October 2nd, 2006, 09:46 AM
It's as if somehow AOL has selected your address, which does have email handled by perfora.net, as being the one to send all perfora.net related blacklist messages.
Gee, and all I ever did to them was say "Friends don't let friends do AOL".

sidney
October 3rd, 2006, 08:58 PM
Gary,

Is there a way to find out if some domain name is being blocked by AOL's mail servers? I know an acquaintence with the waccobb.net and waccobb.com domains who claims that mail from waccobb.net to AOL customers is being blocked. I don't know this person well enough to be asking for any favors on their behalf, but if it is easy to find out if their domain is on a blocklist, they would appreciate finding that out. They use sonic.net for their outgoing mail, and their mail servers are not specifically blocked. There is nothing about their domains listed on senderbase.org, surbl.org, nor on any of the 700 lists checked by http://www.moensted.dk/spam/

-- sidney

Gary Maltzen
October 3rd, 2006, 10:53 PM
Is there a way to find out if some domain name is being blocked by AOL's mail servers?I will check with a contact.

waccobb.{net,com} should register a TOS address with AOL; then they would know if AOL members are marking mail from them as spam. Our auction site gets an occasional SCOMP because someone who listed an item then reported the listing-expired notification as spam.

Gary Maltzen
October 4th, 2006, 03:04 PM
My contact reports that there don't appear to be any sonic.net mail servers on the AOL black-list.
As you can see mail from the waccobb.net *domain* is not blocked by AOL.
Return-Path: <bogosity@waccobb.net>
Received: from rly-mc06.mail.aol.com (rly-mc06.mail.aol.com [172.20.118.148]) by air-mc01.mail.aol.com (v112_r1.5) with ESMTP id MAILINMC13-6e245240359358; Wed, 04 Oct 2006 14:54:23 -0400
Received: from sccmmhc91.asp.att.net (sccmmhc91.asp.att.net [204.127.203.211]) by rly-mc06.mail.aol.com (v112_r1.5) with ESMTP id MAILRELAYINMC68-6e245240359358; Wed, 04 Oct 2006 14:54:17 -0400\
********
Message-ID: <45240359.1040609@waccobb.net> Date: Wed, 04 Oct 2006 13:54:17 -0500
From: Blocking Test <bogosity@waccobb.net>
User-Agent: Thunderbird 1.5.0.4 (X11/20060516) MIME-Version: 1.0
To: ********@aim.com
Subject: Test for Sydney
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-AOL-IP: 204.127.203.211
X-Mailer: Unknown (No Version)Could waccobb.net be adding some suffix/URL to the bottom of the message that has been associated with spam?

Dan in Saint Louis
October 8th, 2006, 09:03 PM
Anway, it appears that when the AOL mail server sees a bounce message from the perfora.net mail server to any AOL address, it flags it as a spam and sends the TOS violation message to your stlcc.info address. It's as if somehow AOL has selected your address, which does have email handled by perfora.net, as being the one to send all perfora.net related blacklist messages.
Exactly! And I think I have finally tracked down a good starting point.

AOL uses a "Feedback Loop" to allegedly counter spam. They list two of MY email addresses as the correct contacts for bounces associated with the perfora.net bounce server at 217.160.230.50, so I have been getting THEIR bounce reports!

The directions are at http://postmaster.aol.com/fbl/fblinfo.html. So visit that page, near the bottom find the paragraph Removing or changing a feedback loop, and click on the link "contact us (http://postmaster.aol.com/contact)".

That takes you to a page http://postmaster.aol.com/contact with a bold-faced phone number at the top. Call that number and the friendly support folk say they can't do anything about Feedback Loops! It's a loop, all right! (Endless loop: see "Loop, endless." Loop, endless: see "Endless loop.")

Is it any wonder that AOL is in trouble?

I have telephoned AOL at the number provided and, only after I showed them that their number was on the top of the "contact" page, they promised to kick the trouble ticket up to someone with the authority to deal with it.

Thanks, Gary and Sidney, for showing me the right track down which to charge.