Is anyone here familiar with MailFrontier? I got a message from them on Tuesday claiming they'd seen a lot of spam from our mail server's IP address, and that they have "marked this IP in [their] central database to protect [their] customers." Following it was a list of hash values and report times which, unfortunately, are completely useless when it comes to checking our logs to see if the mail even came from us, never mind figuring out whether we've got a rogue user sending spam, or a backup MX or forwarding customer receiving spam, or bogus reports.

Meanwhile, we've been getting complaints about spam which, on analysis, clearly contains forged Received headers. They have our IP but the wrong HELO, and no or wrong reverse DNS...and of course they don't show up in our logs. So we know spammers are out there forging our IP address. (Why ours? I have no idea. Probably the same reason they like forging our domain name and sending us 90,000 bounces a day.)

Anyway, since I can't answer the "charges" without additional info (which they were unwilling or unable to give me) I asked them some follow-up questions on Wednesday morning, but they haven't replied. These boiled down to: Which IP addresses do they extract from a message? Do they block by IP or just use it as part of a more complex system? If they block mail, do they discard it silently or reject it in SMTP?

Unfortunately, I suspect they may have silently discarded my questions.

Does anyone here know more about them, or have any suggestions on what to do next?

--
Kelson Vibber
SpeedGate Communications <www.speed.net>
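
Added example, not part of the original message: a sketch of the header check the post describes, flagging Received hops that name our IP but carry the wrong HELO or missing/wrong reverse DNS. The address, hostnames, Postfix/Sendmail-style header layout and sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string

# Assumed values (documentation address space), not taken from the post.
OUR_IP = "192.0.2.25"
OUR_HELO = "mail.example.net"
OUR_RDNS = "mail.example.net"

# Assumed Postfix/Sendmail layout: "from HELO (RDNS [IP]) by RECEIVER ..."
RECEIVED_RE = re.compile(
    r"from\s+(?P<helo>\S+)\s+\((?:(?P<rdns>[^\s\[\]]+)\s+)?\[(?P<ip>[0-9.]+)\]\)",
    re.IGNORECASE)

def check_hop(received):
    """Return None if the hop does not name our IP, else a list of mismatches."""
    m = RECEIVED_RE.search(" ".join(received.split()))  # unfold the header
    if not m or m.group("ip") != OUR_IP:
        return None
    problems = []
    if m.group("helo").lower() != OUR_HELO:
        problems.append("HELO %r is not ours" % m.group("helo"))
    rdns = (m.group("rdns") or "unknown").lower()
    if rdns == "unknown":
        problems.append("no reverse DNS recorded")
    elif rdns != OUR_RDNS:
        problems.append("reverse DNS %r is not ours" % rdns)
    return problems

def audit(raw_message):
    """Return (hop_index, problems) for every Received header naming our IP.
    Hop 0 is the newest; only hops written by the complainant's own servers
    are trustworthy, anything below them is sender-supplied text."""
    msg = message_from_string(raw_message)
    findings = []
    for i, value in enumerate(msg.get_all("Received", [])):
        problems = check_hop(value)
        if problems is not None:
            findings.append((i, problems))
    return findings

# Constructed sample complaint with one hop that claims our IP.
SAMPLE = """\
Received: from mx.recipient.example (localhost [127.0.0.1])
\tby mx.recipient.example with ESMTP id A1; Tue, 1 Jan 2002 00:00:02 +0000
Received: from mail.other.example (unknown [192.0.2.25])
\tby relay.invalid with SMTP id B2; Tue, 1 Jan 2002 00:00:01 +0000
Subject: constructed sample

body
"""

if __name__ == "__main__":
    print(audit(SAMPLE))
```

An empty problem list means the hop is consistent with our server and is worth matching against the mail logs by timestamp; a non-empty list points to a forged header.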


