Re: OT: The list posting issues

The link posted in a previous email does provide the information on why the IP address was listed, and how to get it delisted.

The IP address in question attempted to deliver email to spamtraps, also known as honeypots. They link to the Wikipedia article, but basically honeypots are systems, email addresses, whatever set up to deliberately catch the kind of brute-force spam attack employed by some spammers. If a mail server attempts to deliver email to these addresses, they get blacklisted.

The service provides a date and time stamp for the mail server admins to investigate the sender. In this case, there were two attempts to deliver at 20:57 CET on Feb 22. If the mail server stops trying to deliver email to the spamtraps, then the mail server will automatically be removed from the blacklist on Feb 29 at 22:00 CET.

The mail server admins need to check the server logs, find out who was sending messages to the spamtraps, and see if there are indeed spammers operating from that server. If I was running the server, I would do a grep on the appropriate log file using the date and time. The 5xx error codes should be fairly easy to see, assuming that the mail server is properly configured (e.g., using NTP to standardize date / time, logging appropriate information, etc.).

If the server admins are either unwilling or unable to follow through with those actions, then there is a problem with the server administration that should be addressed. I will admit that the $116 charge for express delisting strikes me as a bit of a money grab, but it takes time and effort to run these services. Spam is a huge problem - bigger than most people realize. There may be a language issue here, since the the only languages for the UCEProtect pages appear to be DE and EN. Still, the concepts listed should be familiar to anyone responsible for running a mail server on the Internet.

I am not connected with UCEProtect or with the administrators of this list. As someone who has been responsible for running mail servers, I was intrigued by the idea of a blacklist service that didn't provide information on getting an IP address removed from the list. While they appear to be on the strict side of things, they do provide sufficient information to investigate further.


On 23/02/2012 11:31 PM, Andrey Repin wrote:
Greetings, Michael Ross!

It would appear this has happened to your email address. As I understand it
your email address has been harvested and used to send spam to the mailing
This has nothing to do with email ADDRESS, for last time.
It's my provider's mail server IP that got blocked.
And UCEProtect do not offer any tools to find a reason for such block,
therefore, even when my provider is certainly eager to cut spammers away from
the service, there's nothing they can do about it without information.

If you investigate the UCEProtect website they explain how you can combat
the harvesting and use of your email address.
1. Does not apply. This situation have nothing to do with my address.
2. Everything they explain boils down to "whatever, just deal with it".

No one can do this for you, you have to undertake the solution on your own.
Yeah. One solution I see right now is to stop posting into list, as it
becoming increasingly troublesome. (Though i'm not posting that much anyway.)

Are you aware of a an anti-spam method that would work better than
UCEProtect isn't the "method". Method is DNSBL/RBL, and that's what UCEProtect
offer as a service. And they are not the only one company offering that
service in the internet. I'm quite sure of that.

Andrey Repin (anrdaemon freemail ru) 24.02.2012,<08:55>

Sorry for my terrible english...

dia-list mailing list
dia-list gnome org
FAQ at
Main page at

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]