Yes. Major email providers like gmail.com and Microsoft generally look at the number of authentications per hour for email sent from "foreign networks" so if you were relaying outbound mail via live.com or gmail.com or whatever, unless you were relaying hundreds to thousands of emails an hour, they wouldn't assume you were spamming.
But Comcast, well they try. They are definitely better than many other ISP's when it comes to email, but the reality is that ISP's first and foremost are connectivity companies and to them, email is a cost center. The main reason they even offer it is because of historical reasons, "back in the day" when ISP's were dialup, they regarded the [email protected] email address as a way of convincing customers to not shift to another dialup provider. Most young people getting online these days use a gmail or whatever email address and eschew the ISP email address, because they are accessing email via cell phones mostly. Some of them don't even have an Internet connection they tether to their phones on an unlimited data cell plan. And the free email providers use marketing data gathered from scanning emails that flow through their mailservers to generate revenue to pay for the servers, and the ISP's like comcast/Verizon/etc don't have enough customers to make that worthwhile. Ted -----Original Message----- From: PLUG <[email protected]> On Behalf Of [email protected] Sent: Sunday, February 11, 2024 8:22 PM To: 'Portland Linux/Unix Group' <[email protected]> Subject: Re: [PLUG] limited access to send emails based on suspicious activity Yep, Ted. Your translations are on the mark. It's working now, just a blip when it wasn't. It mostly works, except when it doesn't. I live on the Coast and have Spectrum as my ISP but I still use my comcast email thru Thunderbird. And so my Thunderbird is configured to contact the comcast server even when I am on the Internet via Spectrum. So it is most likely your first translation, I think? -Mark -----Original Message----- From: PLUG <[email protected]> On Behalf Of Ted Mittelstaedt Sent: Saturday, February 10, 2024 11:15 AM To: 'Portland Linux/Unix Group' <[email protected]>; [email protected] Subject: Re: [PLUG] limited access to send emails based on suspicious activity Mark, If you sent this message using [email protected] from your Thunderbird account then your T-bird is likely configured to login to Comcast and make an auth-SMTP connection to it. So in that case the error message would be coming from Comcast's mailserver, it is essentially saying "Hey man you aren't using an IP that Comcast handed out to one of it's customers, so your a cracker who stole one of our customer's email address credentials and are using it to relay spam through our mailserver. So go eff off" Now if you were sending using something like [email protected], then you would have been relaying mail through Spectrum's mailserver and the error message would be coming from Spectrum. In which case the translation of the error message is as follows: "Hey man you are attempting to send an email from a spectrum.net email address through a spectrum.net mailserver but unfortunately the administrators of the spectrum mailserver were too busy smoking dope to bother to put the list of spectrum IP addresses that they hand out to their customers into their own mailserver, so the mailserver thinks EVERYONE on the Internet - including it's own customers - are spammers. Here's a ChatGPT bot that you can play with to make yourself feel good while our admins smoke another bowl before getting around to fixing this" Hope that explains it. Ted -----Original Message----- From: PLUG <[email protected]> On Behalf Of [email protected] Sent: Monday, February 5, 2024 5:55 PM To: [email protected] Subject: [PLUG] limited access to send emails based on suspicious activity Does anyone know what this means? I am using Thunderbird on Ubuntu LTS. I got this message: <start> Sending of the message failed. An error occurred while sending mail. The server responded: impout008.msg.chrl.nc.charter.net cmsmtp <this was my IP address, the DHCP address assigned to me by Spectrum?) blocked. Please see <https://www.spectrum.net/support/internet/understanding-email-error-codes> https://www.spectrum.net/support/internet/understanding-email-error-codes for more information. AUP#Out-1020. <end> The referenced site describes AUP#Out-1020 as <start> This email account has limited access to send emails based on suspicious activity. Blocks will expire based on the nature of the activity. If you're a Spectrum customer, <https://www.spectrum.net/contact-us> contact us to remove the block. <end> What is that "suspicious activity"? Is there anything I can do to find out what it is? Do I need to be worried about this? The "contact us" is just the Spectrum chat, which is unhelpful. If I talk to an agent, she says that they cannot help me and that I must contact Spamhaus. Spamhaus tells me on their site that if I do not have my own mail server (I do not), my ISP (Spectrum) must provide a request to unblock. Spectrum says they cannot help and I must follow Spamhaus directions (which are to contact my ISP). It appears that I am stuck in circular logic here. What's curious here though is that the IP address listed in the error message is my personal DHCP address provided by Spectrum, not the IP address of the Spectrum server. That seems strange because I do not run a mail server. My email should appear to come from the IP address of the Spectrum mail server. I once had a Spectrum engineer tell me that "all residential IPs are dynamic which are automatically listed on some blacklists. It is completely normal and would only cause issues if you are trying to host your own mail server, not just sending email through IMAP and it would definitely not stop anything from being sent through webmail. This would impact all of our residential customers if it were the case." Spectrum tells me they cannot change my IP address. But it is DHCP? Why can't they just terminate my DHCP lease and renew it with a different address? If I locally kill my DHCP lease, and renew it, I just get the very same IP address again, not a new one. -Mark
