On 18.12.2024 06:41 Scott Q. wrote: > Our IP is on Level 1 but the problem is we can't identify which > user / e-mail caused us to get listed. It's probably a compromised > account. > > They say to look for logs +/- 1 minute around a certain time but > that's a lot of failures to go through.
You have to do that to identify this user. Can you get the destination MX from your log? If so, check for their domains and others used by them. Can you grep for uce? Maybe they use such error messages, IIRC I read about that, but can't find the source anymore Some people created a hate website and posted the domains of their traps. u c e p r o t e c t . w t f Remove the spaces here if you want to visit. You can then grep for them in your log. > I quickly filtered some but it's really not easy to identify which one > might be the culprit as none seem like Spam / spamtraps to me. How many are this? Are those really legitimate mails? > They seem to be geared more towards real spammers and have no facility > to work with e-mail providers to actually find the cause and help fix > it. Indeed, they could list the Message-ID on their website. That would make it much easier. _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
