Marotti.com, guilty until proven innocent - Slashdot

Follow Slashdot blog updates by subscribing to our blog RSS feed

×

Journal FortKnox's Journal: Marotti.com, guilty until proven innocent 10

Journal by FortKnox on Thursday May 22, 2003 @02:46PM

My server is getting the ass end of a spam cleanup. If you try to email me, roadrunner sees it comes from marotti.com and bounces it. I tried contacting roadrunner. I got ignored.

Anything like this happen to anyone else? I don't have ftp, nor telnet open, and relaying off. There is no way my server is being used by a spammer (but probably someone around my ip did, and I'm gettin screwed cause of it).

Any ideas on what to do?

This discussion has been archived. No new comments can be posted.

Marotti.com, guilty until proven innocent

Load All Comments

Search 10 Comments Log In/Create an Account

Comments Filter:

I've Delt w/ RR Before (Score:3, Interesting)

by The Turd Report ( 527733 ) writes: <the_turd_report@hotmail.com> on Thursday May 22, 2003 @02:59PM (#6017425) Homepage Journal

They don't give a rats ass. What IP is being blocked? I can search all the public DNSbls and see if you are listed in some larger blocks. Some BLs will list /20 networks and larger, so you might be caught up in that. Or, RR has you listed as a dynamic IP pool. Your best bet is to get the people you are emailing on RR to bitch to them about not getting their legit mail. A paying customer might have more luck. Or, you can forward your mail via a smarthost/you ISP's MX.

Share
twitter facebook
Phone them (Score:2)

by aridhol ( 112307 ) writes:

Stay on the line. Ask to escalate the call, until you talk to somebody who can help. Odds are, the first person you talk to will be trained to deflect your call.
If you can't get anything through the tech line, call management. If you can't get anything there, call legal. You are paying for a service, and they are denying it.
- Re:Phone them (Score:2)
  
  by aridhol ( 112307 ) writes:
  
  Sorry to reply to my own post.
  Is RoadRunner supplying your connection? If not, then disregard my previous reply.
- The art of TURBOing (Score:2)
  
  by mekkab ( 133181 ) writes:
  
  Learn to turbo- [macwhiz.com]
  
  call the VP (or president) of customer relations as the ultimate escalation.
Eh? (Score:2)

by bedessen ( 411686 ) writes:

How is rr blocking incoming mail? Either they block port 25 inbound or they let it though, I don't see how they would be able to do anything more than that, and it sure looks to me like they're not blocking the port:

Validation results Success canonical address: <hostmaster@marotti.com> MX records preference exchange IP address (if included) 5 marotti.com [65.29.213.72] SMTP session [Contacting marotti.com [65.29.213.72]...] [Connected] 220 xerxes.marotti.com ESMTP Sendmail 8.11.3/8.11.3/SuSE Linux 8.11.1
- Re:Eh? (Score:2)
  
  by bedessen ( 411686 ) writes:
  
  On further reflection I think I understand what you meant -- you relay through RR's smarthost and up until now it accepted mails with FROM: marotti.com fine, but now it won't? It that it? In that case you need to make sure you're authenticating with the server before sending, usually this is done with pop-before-send, or with SSL/TLS. If that still won't work then you can run a smtp server on your local machine and instead of relaying, just deliver directly. This will work most of the time, the problem
What type of blocking? (Score:2)

by turg ( 19864 ) * writes:

marotti.com seems to be hosted in RoadRunner's own IP block, so I'm guessing it's not an IP-based blacklist (or they'd terminate the spammer rather than blocking). What exactly are you experiencing that makes you say that the mail is blocked?
Have you got residential or business service from RoadRunner? If residential, do they allow you to run servers? When I used RoadRunner, the user agreement prohibitted servers of any sort. If this is the case for you, it would explain why they are blocking your mail-serv
Possible header faking? (Score:2)

by sielwolf ( 246764 ) writes:

It is quite possible that some spammer was faking your email as the sending address in his spam. Said spammer hits enough servers and RR goes after them, hitting you. This somewhat happened to me at school: a spammer would spam other school students using on campus student email.

Of course the school's blocking policy was more sophistocated than what RR seems to be doing to you.
The error message (Score:2)

by turg ( 19864 ) * writes:

Here's the error message I get when I try to send you mail:

(reason: 550 5.7.1 Mail Refused - 65.29.213 - See http://security.rr.com/mail_blocks.htm#security - 20030518)

So it's not based on FK's e-mail address, or port blocking as others have suggested. The explanation at that URL also rules out a DNSBL. It says that RR themselves have either found a security issue with the machine at that IP (open relay/proxy is given as an example) or are experiencing an ongoing attack from that machine.
My guess is still
- Re:The error message (Score:2)
  
  by turg ( 19864 ) * writes:
  
  Also, what makes you think this has something to do with spam? Have they said something to that effect? (If it's just the front-line phone reps, I wouldn't put too much faith in their interpretation of the situation)

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

To the systems programmer, users and applications serve only to provide a test load.