Hi, I was curious and wanted to see what the confirmation message looks like
that is supposed to be sent in response to abuse report replies to ensure that
it's a human and not just a bot. So I sent myself a message from containing an
email address in a domain of mine and "LARTed" it.
That domain had two contacts listed at abuse.net, and the report went to both of
them -- one is on a shell account and the other (abuse@domain) is forwarded to
my POP3 mailbox at home.
When I received the report at my shell account, I composed a reply and sent it
back; the address was <report number>@reports.spamcop.net. However, this bounced
with the following message:
[EMAIL PROTECTED]:
SMTP error from remote mailer after RCPT TO:
<[EMAIL PROTECTED]>:
host julianhaight.com [207.12.88.58]:
550 5.7.1 <[EMAIL PROTECTED]>... Relaying denied. IP name look
failed [xx.xx.xx.xx]
Hm, strange, I thought. OK, my web hoster (who also provides the shell account)
doesn't do reverse DNS, for reasons apparently known only to themselves. So
while the sending hostname maps to an IP address, you can't get back the
hostname from the IP address. Still, such clueless configuration should not be
reason to reject a report, in my opinion.
But I also got the report at home, so I tried replying to that. This time, the
error message was:
<[EMAIL PROTECTED]>:
207.12.88.58 does not like recipient.
Remote host said: 550 5.7.1 <[EMAIL PROTECTED]>... Relaying denied
Giving up on 207.12.88.58.
What the heck? 207.12.88.58 is, apparently, julianhaight.com. And
julianhaight.com is the mail exchanger for reports.spamcop.net:
$ host reports.spamcop.net
reports.spamcop.net mail is handled (pri=10) by julianhaight.com
So julianhaight.com is not being asked to relay the message (at least, not from
my point of view) -- it's the mail exchanger and should simply accept it.
Then I tried telnetting to julianhaight.com's SMTP port to see the reponse for
myself. The conversation went like this:
220 sam.julianhaight.com ESMTP Sendmail 8.10.0/8.10.0; Sat, 5 May 2001 01:13:56
-0400
EHLO world
250-sam.julianhaight.com Hello xxxxxxxxx.xxxx.xxxxxxx.xxxxxx.xx [xxx.xx.xx.xxx],
pleased to meet you
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-SIZE
250-DSN
250-ONEX
250-ETRN
250-XUSR
250 HELP
MAIL FROM:<[EMAIL PROTECTED]>
250 2.1.0 <[EMAIL PROTECTED]>... Sender ok
RCPT TO:<[EMAIL PROTECTED]>
550 5.7.1 <[EMAIL PROTECTED]>... Relaying denied
RSET
250 2.0.0 Reset state
QUIT
221 2.0.0 sam.julianhaight.com closing connection
Hm, still relaying denied. I thought this might be due to the fact that I sent
this straight from a dialup, so I tried it from another machine (this time even
giving the name of the machine in the EHLO):
$ telnet julianhaight.com 25
Trying 207.12.88.58...
Connected to julianhaight.com.
Escape character is '^]'.
220 sam.julianhaight.com ESMTP Sendmail 8.10.0/8.10.0; Sat, 5 May 2001 01:14:51
-0400
EHLO xxxxxxxx.xxxxxxx.xx.xx
250-sam.julianhaight.com Hello xxxxxxxx.xxxxxxx.xx.xx [xxx.xx.xx.xxx], pleased
to meet you
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-SIZE
250-DSN
250-ONEX
250-ETRN
250-XUSR
250 HELP
MAIL FROM:<[EMAIL PROTECTED]>
250 2.1.0 <[EMAIL PROTECTED]>... Sender ok
RCPT TO:<[EMAIL PROTECTED]>
550 5.7.1 <[EMAIL PROTECTED]>... Relaying denied
RSET
250 2.0.0 Reset state
QUIT
221 2.0.0 sam.julianhaight.com closing connection
Connection closed by foreign host.
Still the same thing!
Now if someone impersonates my domain and I get a SpamCop report, how am I
supposed to respond to it if all my attempts at replying bounce with "Relaying
denied"?
Cheers,
Philip
_______________________________________________
SpamCop-List mailing list
[EMAIL PROTECTED]
http://news.spamcop.net/mailman/listinfo/spamcop-list
