Email sender getting spam message

Page may contain affiliate links. Please see terms for details.

Druk

Gone but not forgotten - RIP
Joined
May 28, 2004
Messages
5,300
Location
Not far from Edinburgh.
Car
2011 S212 E350CDi. 1981 R107 300TurboDiesel.
So this is a genealogist that I regularly communicate with in Germany. Last night she tried to send me a mail with a couple of small attachments and it came back at her that my email was a spam address. We've exchanged mails for the past four months without trouble and she sent me the refusal notice which came through and to which I successfully replied.

Any ideas why my addy should suddenly flag as a spam address? :dk:
 
So this is a genealogist that I regularly communicate with in Germany.

Ah, that old chestnut...

Her name doesn't start with Herrin by any chance does it :D.
 
@btinternet.com

aka Yahoo mail.

OK that's no problem, a lot of folks using shonky services such as 123-reg keep getting blacklisted. No blacklistings on btinternet.com at the moment

I do think that some antispam systems in germany are a bit over sensitive so a keyword in your email may have triggered something?
 
Are you sure of the facts? I have never seen an email rejection that says the person your sending to is a spam email. Most likely her email is getting rejected as being a possible spam. Have a look at the email headers as it may give a clue as to whats going on.

Feel free to PM me the headers for a quick look (more addresses for my spam list hehe)
 
Thanks. I've since had plain emails from her. The problem was when she tried to send me something with an attachment, then it kicked back to her with the 'can't deliver' message.

She then sent me this: "To: woerteragentur <[email protected]>
Subject: Re: Mail delivery failed: returning message to sender"

The docs in question have now been posted snail-mail but since there are hopefully a lot more to come it is a bit annoying. I suspect, as has been suggested, that the fault may lie at her end.
 
I find that as my work email address contains the word "associates", that some over-enthusiastic spam filters, etc block me.

Also had a problem a few years back when trying to send water sampling results by email because one of the items tested for was ****nic.
 
Thanks. I've since had plain emails from her. The problem was when she tried to send me something with an attachment, then it kicked back to her with the 'can't deliver' message.

She then sent me this: "To: woerteragentur <[email protected]>
Subject: Re: Mail delivery failed: returning message to sender"
A motorcycle club I'm involved with uses 1and1 as a hosting company, and for some reason or another their system intermittently identifies certain BT server IP addresses as being blacklisted (they're not) with the result that attempts to send to an email to BT Internet addresses sometimes, but not always, bounce back to the sender.

I just did a "whois" on the domain woerteragentur.com and it's hosted by guess who? That's right, 1and1.
 
A motorcycle club I'm involved with uses 1and1 as a hosting company, and for some reason or another their system intermittently identifies certain BT server IP addresses as being blacklisted (they're not) with the result that attempts to send to an email to BT Internet addresses sometimes, but not always, bounce back to the sender.

I just did a "whois" on the domain woerteragentur.com and it's hosted by guess who? That's right, 1and1.

Not sure how that works, there is no smtp mechanism to validate send to: domains. 1and1 will do a dns lookup for the MX record which will return a fqdn and then the dns lookup results in the destination IP.

Its the receiving server that has checks in place. 1and1 will make the connection to the server, the receiving server will then do a few checks, reverse dns to see if the claimed IP of the sender is valid and resolves, it may then check with DNS blocking servers to see if 1and1 IP is listed as a possible spam server / open relay, then they may check the SPF records to see if the IP address has a valid reverse dns and check if that dns host is listed as given authority to send emails from that IP.

If you read the RFC with regards to SMTP you will not find any references to the sending server having any decision as to whether it will deliver email.

I am prepared to be corrected.
 
A motorcycle club I'm involved with uses 1and1 as a hosting company, and for some reason or another their system intermittently identifies certain BT server IP addresses as being blacklisted (they're not) with the result that attempts to send to an email to BT Internet addresses sometimes, but not always, bounce back to the sender.

I just did a "whois" on the domain woerteragentur.com and it's hosted by guess who? That's right, 1and1.

I'll send that to Germany Phil. Seems a likely candidate pending Mark's input below.

Not sure how that works, there is no smtp mechanism to validate send to: domains. 1and1 will do a dns lookup for the MX record which will return a fqdn and then the dns lookup results in the destination IP.

Its the receiving server that has checks in place. 1and1 will make the connection to the server, the receiving server will then do a few checks, reverse dns to see if the claimed IP of the sender is valid and resolves, it may then check with DNS blocking servers to see if 1and1 IP is listed as a possible spam server / open relay, then they may check the SPF records to see if the IP address has a valid reverse dns and check if that dns host is listed as given authority to send emails from that IP.

If you read the RFC with regards to SMTP you will not find any references to the sending server having any decision as to whether it will deliver email.

I am prepared to be corrected.

This is also good except you have me baffled to the power of x10 :dk::( :D
 
This is also good except you have me baffled to the power of x10 :dk::( :D

in English. :)

The server that sends the email makes no checks as to the spam reputation of the destination.

The server that receives the email makes the spam checks.
 
Last edited:
If you read the RFC with regards to SMTP you will not find any references to the sending server having any decision as to whether it will deliver email.

I am prepared to be corrected.
My bad :eek:

You're right, it's one or more of the 1and1 servers that are blacklisted. For example, according to mxtoolbox.com, mout.kundenserver.de is currently on seven blacklists.

Thanks for your help and explanation :thumb:
 
So does any of this go anyways to explaining why an email from > to a known recipient gets bounced?





.
 
So does any of this go anyways to explaining why an email from > to a known recipient gets bounced?
It's not about the recipient per se, it's about the recipient's ISP checking the incoming message and finding that it has originated from, or been passed through, servers at the sender's ISP which are on a spam blacklist.

That some messages get through is possibly due to different messages being routed through different servers at the sender's ISP (there's nothing you or they can do to control that) and some are blacklisted while others aren't, or that your ISP didn't find any of the servers on a blacklist for whatever reason for a given message.

Unfortunately, there's not much you can do except ask the sender to take it up with their ISP (1and1) who are the owner of the blacklisted servers.
 
+As Phil says.

Also, she can check the bounce email she gets back as that may throw light on why your server rejected the email. Its true that IP do get added to the blacklist until the offender confirms they have cleared up the security hole that allowed spam to be sent. 1and1 like many hosting platforms will rent space to anyone if if they do not secure the email server, or run vulnerable services they are at risk of being attacked.
 
Last edited:
On a separate but loosely linked topic I have recently started receiving 50+ emails a day from what I can only describe as "ladies of the night" who want to do things with me!

Is there any simple way of stopping this please? Apple macbook, ipad and iphone user here. Thanks in advance and apologies for hijacking too.
 
On a separate but loosely linked topic I have recently started receiving 50+ emails a day from what I can only describe as "ladies of the night" who want to do things with me!

Is there any simple way of stopping this please? Apple macbook, ipad and iphone user here. Thanks in advance and apologies for hijacking too.

really, care to send me their details :)

Theres not much you can do other than report them to your own ISP and ask why the spam rules in place do not work, and report them to the ISP of the originating IP.

More info here from one of the spam blocking sites that many ISP use to verify sender reputation.
DNSBL Information - How to Report Spam
 
Mark Hi

Happy to do that so pm me your email address;-)

Thanks for the info and will give that a try.

Cheers

Mike
 

Users who are viewing this thread

Back
Top Bottom