CurtPalme.com Home Theater Forum

[kal]

Register to remove this ad. It's free!

Well this sucks. Normally I wake up to around 100+ emails in my hotmail account from overnight as I get copies of all emails to sent anything @curtpalme.com. This morning I had 3. So I knew something was up....

It would seem that Hotmail (and possibly others) have blacklisted curtpalme.com. All mail sent from curtpalme.com is being rejected by Hotmail (and possibly others). Ack! This is not good.

Here's an example where the email HomeTheaterExperts@curtpalme.com is simply a forwarder to 3 or 4 different accounts including my kal_______@hotmail.com account:

[kal]

Register to remove this ad. It's free!

Well this sucks. Normally I wake up to around 100+ emails in my hotmail account from overnight as I get copies of all emails to sent anything @curtpalme.com. This morning I had 3. So I knew something was up....

It would seem that Hotmail (and possibly others) have blacklisted curtpalme.com. All mail sent from curtpalme.com is being rejected by Hotmail (and possibly others). Ack! This is not good.

Here's an example where the email HomeTheaterExperts@curtpalme.com is simply a forwarder to 3 or 4 different accounts including my kal_______@hotmail.com account:

[Kiev Savoie]

I knew something was going on! my hotmail account stopped accepting them about two weeks ago.

[kal]

No, this has only been going on for about 5 hours now.

Some more information. Looks like just about every automatic spam filter in the world's probably blocking us now.
Here are some examples:

http://cbl.abuseat.org

IP Address XXX.XXX.XX.X is currently listed in the CBL.
It was detected at 2009-07-29 10:00 GMT (+/- 30 minutes), approximately 5 hours, 30 minutes ago.
ATTENTION: At the time of detection, this IP was infected with, or NATting for a computer infected with a high volume spam sending trojan - it is participating or facilitating a botnet sending spam or spreading virus/spam trojans.

http://www.us.sorbs.net

Address and Port: XXX.XXX.XX.X
Record Created: Tue Jul 28 05:34:33 2009 GMT
Record Updated: Tue Jul 28 16:07:06 2009 GMT
Additional Information: Spam Sending Trojan or Proxy attempted to send mail from/to from=<playboy116@aol.com> to=<doyle@paticipating.domain> proto=smtp helo=<sded4.atcihosting.com>
Currently active and flagged to be published in DNS
If you wish to request a delisting please do so through the Support System.


Crap!

Kal

[kal]

No, this has only been going on for about 5 hours now.

Some more information. Looks like just about every automatic spam filter in the world's probably blocking us now.
Here are some examples:

http://cbl.abuseat.org

IP Address XXX.XXX.XX.X is currently listed in the CBL.
It was detected at 2009-07-29 10:00 GMT (+/- 30 minutes), approximately 5 hours, 30 minutes ago.
ATTENTION: At the time of detection, this IP was infected with, or NATting for a computer infected with a high volume spam sending trojan - it is participating or facilitating a botnet sending spam or spreading virus/spam trojans.

http://www.us.sorbs.net

Address and Port: XXX.XXX.XX.X
Record Created: Tue Jul 28 05:34:33 2009 GMT
Record Updated: Tue Jul 28 16:07:06 2009 GMT
Additional Information: Spam Sending Trojan or Proxy attempted to send mail from/to from=<playboy116@aol.com> to=<doyle@paticipating.domain> proto=smtp helo=<sded4.atcihosting.com>
Currently active and flagged to be published in DNS
If you wish to request a delisting please do so through the Support System.


Crap!

Kal

[AnalogRocks]

Ohh boy...how do we get around this one?

[AnalogRocks]

Ohh boy...how do we get around this one?

[Kiev Savoie]

so if it hasn't already, this trend will likely take hold on other email services as well?

[kal]

Yes.

I've opened a ticket with my hosting company. There's probably hole to plug or something and then (from what I understand) you automatically get removed from the blacklists within 24 hours.

So this means that most email from @curtpalme.com won't get to the recipient until it's fixed.

Kal

[kal]

Yes.

I've opened a ticket with my hosting company. There's probably hole to plug or something and then (from what I understand) you automatically get removed from the blacklists within 24 hours.

So this means that most email from @curtpalme.com won't get to the recipient until it's fixed.

Kal

[Curt Palme]

Looks like hotmail went on a rampage. I don't get Facebook updates to my hotmail account either, that happened about 2 weeks ago. I thought it was something that Facebook did, but I guess from what I'm reading here, hotmail is at fault.

[Curt Palme]

Looks like hotmail went on a rampage. I don't get Facebook updates to my hotmail account either, that happened about 2 weeks ago. I thought it was something that Facebook did, but I guess from what I'm reading here, hotmail is at fault.

[TheVerge]

make sure you have open relays turned off on your mail server... assuming it isn't hosted somewhere.

[lexx21]

Absolutely right Verge. If you guys are running on a Unix box, I can help with that if you like.

[k.berger]

Kal, do you use your hosting service SMTP server? Than it's their problem really... If that's the case, besides letting them know, and requesting fix (which you have done already), ask them to configure your own SMTP server, like mail.curtpalme.com. Make sure they set MX record correctly, a lot of services will NOT "deal" with Domain Records without MX record. Your SMTP server will have different, new IP address, so it will be clean.

Kris

[kal]

[kal]

[emdawgz1]

[kal]

For some of you tech gurus, our server IP is 206.225.23.5. Server is sded4.atcihosting.com.

Take a look at this security report on our server: http://www.senderbase.org/senderbase_queries/detailip?search_string=206.225.23.5

It links to some of the DNS-based block lists out there have blocked us and why:

http://spamcop.net/w3m?action=checkblock&ip=206.225.23.5
http://www.sorbs.net/lookup.shtml?206.225.23.5
http://cbl.abuseat.org/lookup.cgi?ip=206.225.23.5

Anyone have any hints as to what I can or should be doing or asking my host to do?
Remember that this is a managed service. I don't have root access, only control panel access to set up POP accounts or to set up email forwarders.

Thanks guys!

Kal

[kal]

For some of you tech gurus, our server IP is 206.225.23.5. Server is sded4.atcihosting.com.

Take a look at this security report on our server: http://www.senderbase.org/senderbase_queries/detailip?search_string=206.225.23.5

It links to some of the DNS-based block lists out there have blocked us and why:

http://spamcop.net/w3m?action=checkblock&ip=206.225.23.5
http://www.sorbs.net/lookup.shtml?206.225.23.5
http://cbl.abuseat.org/lookup.cgi?ip=206.225.23.5

Anyone have any hints as to what I can or should be doing or asking my host to do?
Remember that this is a managed service. I don't have root access, only control panel access to set up POP accounts or to set up email forwarders.

Thanks guys!

Kal

[k.berger]

Kal, IP 206.225.23.5 = sded4.atcihosting.com. Apparently you are using their (hosting company) SMTP server.
curtpalme.com has IP 206.225.23.181.
If you hosting company can set-up your own SMTP server, it will have this IP address.
You can check if you have MX record by going to your DNS record, wherever it is registered.

Kris

[kal]

Hi Kris,

Domains are registered at GoDaddy.com but they all use name servers of my host:

Nameservers: (Last Update 10/21/2007)
NS1.ATCIHOSTING.COM
NS2.ATCIHOSTING.COM

So I don't see how I can change the MX record. At least the GoDaddy control panel doesn't have any for it. There's the "Total DNS" entries which are blank because it says "Not hosted here" and the "TLD Specific" entries which say N/A.

Am I correct in understanding that the MX record must updated by the host then? I have no control over it?

Is there a way to check to see if it exists? (Some online tool?)

Kal

[kal]

Hi Kris,

Domains are registered at GoDaddy.com but they all use name servers of my host:

Nameservers: (Last Update 10/21/2007)
NS1.ATCIHOSTING.COM
NS2.ATCIHOSTING.COM

So I don't see how I can change the MX record. At least the GoDaddy control panel doesn't have any for it. There's the "Total DNS" entries which are blank because it says "Not hosted here" and the "TLD Specific" entries which say N/A.

Am I correct in understanding that the MX record must updated by the host then? I have no control over it?

Is there a way to check to see if it exists? (Some online tool?)

Kal

[draganm]

hey what does this have to do with CRT's?
It's ironic hotmail has blocked you guys since 99% of the phishing scams come from hotmail or yahoo mail.

[sdumas]

You have to go at mail-abuse.com and request a removal from their list.

http://www.mail-abuse.com/removereq.html

Hope this helps.

[sdumas]

Ohh - I forgot - it takes a few days...

That's the beautiful world of RBLs...

[kal]

[kal]

[k.berger]