dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
44

koitsu
MVM
join:2002-07-16
Mountain View, CA
Humax BGW320-500

koitsu to bigchris

MVM

to bigchris

Re: [Spam] Comcast reporting spam from my IP

said by bigchris:

Comcast will not provide you the logs or evidence of why you were blocked. Having worked at hotmail you can understand why, it's not only an issue of storing private information but also a question of subscriber base size. It would simply be impossible to provide that evidence for the size of user-base.

Comcast treat spam over any port with equal distaste, despite what the abuse rep said. However, with port 25 being open with no AUTH requirement it's significantly easier for a spammer to utilize that port rather than 587 or 465. The reason is obvious and it's that they need to know a valid username and password which requires a lot more work on their end.

Finally, you are probably right in the cause of the block. i.e. you were reported as sending spam.

Just move to 587 with AUTH (or 465 AUTH and SSL if you can).
*nod* Thanks for the clarification. I've migrated to prt 587 (postfix + Cyrus SASL for SMTP AUTH). Port 465 is a pain due to extra reliance on stunnel, since postfix doesn't natively support port 465 any longer.

An interesting experiment -- and I am not condoning or advocating this in any way, as it's shady -- would be to send Comcast some mails with forged Received: headers to see if they rely solely on the report, or if they do go back through SMTP server logs to correlate the claims.

bigchris
Do Not Shoot The Messenger
Premium Member
join:2002-04-29
Leesburg, VA

bigchris

Premium Member

I'm not going to comment on what we would or wouldn't do, but I guess I'd question why you'd want to bother with it. You now have a working solution so why mess with it.

odog
Minister of internet doohickies
Premium Member
join:2001-08-05
Atlanta, GA

odog to koitsu

Premium Member

to koitsu
Check your IP here

www.senderbase.org

NormanS
I gave her time to steal my mind away
MVM
join:2001-02-14
San Jose, CA
TP-Link TD-8616
Asus RT-AC66U B1
Netgear FR114P

NormanS

MVM

said by odog:

Check your IP here

www.senderbase.org
To what end? He is sending from his IP address only to the Comcast SMTP message submission server. Comcast is only going to be concerned with whether he is an authenticated Comcast user, and acting within the limitations of the Comcast Terms of Use. Message submission servers shouldn't care about that Senderbase data.

odog
Minister of internet doohickies
Premium Member
join:2001-08-05
Atlanta, GA
Nokia BGW320-505

odog

Premium Member

said by NormanS:

said by odog:

Check your IP here

www.senderbase.org
To what end? He is sending from his IP address only to the Comcast SMTP message submission server. Comcast is only going to be concerned with whether he is an authenticated Comcast user, and acting within the limitations of the Comcast Terms of Use. Message submission servers shouldn't care about that Senderbase data.
senderbase also gives a "score" about how much spam has been received from the particular IP. It more importantly will list if he is one of the large blacklists for whatever reason.

NormanS
I gave her time to steal my mind away
MVM
join:2001-02-14
San Jose, CA
TP-Link TD-8616
Asus RT-AC66U B1
Netgear FR114P

1 recommendation

NormanS

MVM

said by odog:

senderbase also gives a "score" about how much spam has been received from the particular IP. It more importantly will list if he is one of the large blacklists for whatever reason.
What does his IP address have to do with anything?!?!? He is sending through 'smtp.comcast.net'. The only thing which a gateway mail server should concern itself with is the IP address of 'smtp.comcast.net'. The Comcast user's IP address is not a part of the equation.

Look; just because I am running an MTA, doesn't meant my ISP IP address is connecting to gateway mail servers when I send out email. Neither his Comcast connection, nor my AT&T connection are a part of the equation! When we send through our respective ISP SMTP message submission servers, our IP addresses should be treated no different than any other users IP address while going through those servers.