Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Marotti.com, guilty until proven innocent

FortKnox (169099) writes | more than 11 years ago

User Journal 10

My server is getting the ass end of a spam cleanup. If you try to email me, roadrunner sees it comes from marotti.com and bounces it. I tried contacting roadrunner. I got ignored.

Anything like this happen to anyone else? I don't have ftp, nor telnet open, and relaying off. There is no way my server is being used by a spammer (but probably someone around my ip did, and I'm gettin screwed cause of it).My server is getting the ass end of a spam cleanup. If you try to email me, roadrunner sees it comes from marotti.com and bounces it. I tried contacting roadrunner. I got ignored.

Anything like this happen to anyone else? I don't have ftp, nor telnet open, and relaying off. There is no way my server is being used by a spammer (but probably someone around my ip did, and I'm gettin screwed cause of it).

Any ideas on what to do?

cancel ×

10 comments

Sorry! There are no comments related to the filter you selected.

I've Delt w/ RR Before (2, Interesting)

The Turd Report (527733) | more than 11 years ago | (#6017425)

They don't give a rats ass. What IP is being blocked? I can search all the public DNSbls and see if you are listed in some larger blocks. Some BLs will list /20 networks and larger, so you might be caught up in that. Or, RR has you listed as a dynamic IP pool. Your best bet is to get the people you are emailing on RR to bitch to them about not getting their legit mail. A paying customer might have more luck. Or, you can forward your mail via a smarthost/you ISP's MX.

Phone them (1)

aridhol (112307) | more than 11 years ago | (#6017435)

Stay on the line. Ask to escalate the call, until you talk to somebody who can help. Odds are, the first person you talk to will be trained to deflect your call.

If you can't get anything through the tech line, call management. If you can't get anything there, call legal. You are paying for a service, and they are denying it.

Re:Phone them (1)

aridhol (112307) | more than 11 years ago | (#6017464)

Sorry to reply to my own post.

Is RoadRunner supplying your connection? If not, then disregard my previous reply.

The art of TURBOing (1)

mekkab (133181) | more than 11 years ago | (#6018623)

Learn to turbo- [macwhiz.com]

call the VP (or president) of customer relations as the ultimate escalation.

Eh? (1)

bedessen (411686) | more than 11 years ago | (#6017632)

How is rr blocking incoming mail? Either they block port 25 inbound or they let it though, I don't see how they would be able to do anything more than that, and it sure looks to me like they're not blocking the port:
Validation results
Success

canonical address: <hostmaster@marotti.com>

MX records preference exchange IP address (if included)
5 marotti.com [65.29.213.72]
SMTP session

[Contacting marotti.com [65.29.213.72]...]
[Connected]
220 xerxes.marotti.com ESMTP Sendmail 8.11.3/8.11.3/SuSE Linux 8.11.1-0.5; Thu, 22 May 2003 12:19:06 -0400
EHLO Network-Tools.com
250-xerxes.marotti.com Hello [66.46.181.116], pleased to meet you
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-SI ZE
250-DSN
250-ONEX
250-ETRN
250-XUSR
250 HELP
NOOP *** See <http://www.hexillion.com/MailAdmin/> for an explanation of this session
250 2.0.0 OK
NOOP *** HexValidEmail COM 1.2 <cb2dc578f9be810f7d54402a66c0b818418f456f>
250 2.0.0 OK
RSET
250 2.0.0 Reset state
VRFY hostmaster
252 2.5.2 Cannot VRFY user; try RCPT to attempt delivery (or try finger)
RSET
250 2.0.0 Reset state
EXPN hostmaster
502 5.7.0 Sorry, we do not allow this operation
RSET
250 2.0.0 Reset state
MAIL FROM:<admin@Network-Tools.com>
250 2.1.0 <admin@Network-Tools.com>... Sender ok
RCPT TO:<hostmaster@marotti.com>
250 2.1.5 <hostmaster@marotti.com>... Recipient ok
RSET
250 2.0.0 Reset state
QUIT
221 2.0.0 xerxes.marotti.com closing connection
[Connection closed]


Now, outgoing mail sent FROM your computer, that's a different issue. If you find recipients bouncing messages that you are sending (assuming you are sending directly and not using RR's smarthost), then you should expect to get bounced from sites that use use a DNSBL to block dialup/dynamically assigned IP ranges. As you can see here, you're on a couple of those. [openrbl.org] But that's normal, and most admins would say that mail should not be coming from such netblocks, that you should relay through you're ISP's smarthost instead. I find that the number of times this is an issue is few.

Re:Eh? (1)

bedessen (411686) | more than 11 years ago | (#6017712)

On further reflection I think I understand what you meant -- you relay through RR's smarthost and up until now it accepted mails with FROM: marotti.com fine, but now it won't? It that it? In that case you need to make sure you're authenticating with the server before sending, usually this is done with pop-before-send, or with SSL/TLS. If that still won't work then you can run a smtp server on your local machine and instead of relaying, just deliver directly. This will work most of the time, the problem is sites that block dynamic/cable modem IP ranges as I mentioned above. In these cases you'll need to relay. In a bind you could always set the From: to whatever appeases RR's server, and put your marotti.com address in the Reply-To.

What type of blocking? (1)

turg (19864) | more than 11 years ago | (#6017920)

marotti.com seems to be hosted in RoadRunner's own IP block, so I'm guessing it's not an IP-based blacklist (or they'd terminate the spammer rather than blocking). What exactly are you experiencing that makes you say that the mail is blocked?

Have you got residential or business service from RoadRunner? If residential, do they allow you to run servers? When I used RoadRunner, the user agreement prohibitted servers of any sort. If this is the case for you, it would explain why they are blocking your mail-server. You could solve this by either paying for RoadRunner business service, or getting the domain hosted elsewhere.

Possible header faking? (1)

sielwolf (246764) | more than 11 years ago | (#6018268)

It is quite possible that some spammer was faking your email as the sending address in his spam. Said spammer hits enough servers and RR goes after them, hitting you. This somewhat happened to me at school: a spammer would spam other school students using on campus student email.

Of course the school's blocking policy was more sophistocated than what RR seems to be doing to you.

The error message (1)

turg (19864) | more than 11 years ago | (#6018723)

Here's the error message I get when I try to send you mail:

(reason: 550 5.7.1 Mail Refused - 65.29.213 - See http://security.rr.com/mail_blocks.htm#security - 20030518)
So it's not based on FK's e-mail address, or port blocking as others have suggested. The explanation at that URL also rules out a DNSBL. It says that RR themselves have either found a security issue with the machine at that IP (open relay/proxy is given as an example) or are experiencing an ongoing attack from that machine.

My guess is still that, if you are hosting the marotti.com server off of RR's residential service, the "security" issue is that you are running a server at all.

Re:The error message (1)

turg (19864) | more than 11 years ago | (#6019212)

Also, what makes you think this has something to do with spam? Have they said something to that effect? (If it's just the front-line phone reps, I wouldn't put too much faith in their interpretation of the situation)
Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>