Spam tsunami

pvmb · ‎12-02-2014

@M-M wrote:

Yes and enmail.co should have blocked it as a it comes from a blacklisted mailserver instead it forwards to plusnet. Plusnet should blacklist enmail.co servers, which I did i.e. reported to spamhaus.

But who says it is coming from a blacklisted "mailserver"? It's apparently coming from an IP address, in a domain belonging to Uzbektelecom. It is for them to deal with spammers originating within their control. You could try contacting them directly.

% Abuse contact for '198.163.193.0 - 198.163.193.255' is 'email@bkm.uz'

Also note the sender is using a spoofed, possibly valid, Plusnet email address. It seems impractical for a mailer to block every single IP address spam has ever been sent from - even if practicable it could end up with very many individuals unable to send out any emails! This is surely done on a domain basis. Which brings us back to the topic of people on Plusnet accounts unable to send messages to other people.

Received: from [198.163.193.190] (unknown [198.163.193.190])
by mail.enmail.co (Postfix) with ESMTP id DC570C0049
for <user@lastname.plus.com>; Sun, 3 May 2026 07:51:17 +0000 (UTC)
Authentication-Results: mail.enmail.co;
dkim=none;
spf=softfail (mail.enmail.co: 198.163.193.190 is neither permitted nor denied by domain of user@lastname.plus.com) smtp.mailfrom=user@lastname.plus.com;
dmarc=fail reason="No valid SPF, No valid DKIM" header.from=plus.com (policy=none)
Received: from wurggqe ([60.220.73.164]) by 15751.com with MailEnable ESMTP; Sun, 3 May 2026 12:51:27 +0500
Received: (qmail 54451 invoked by uid 544); 3 May 2026 12:51:25 +0500
From: user@lastname.plus.com
To: user@lastname.plus.com

I assume it is being correctly identified as "Spam" by the Greenby system?

M-M · ‎07-05-2022

If you do a DNS blacklist check against the mailserver IP you will see it is listed in the XBL and CSS blacklist as well assome other lists as a server distributing SPAM and exploits.

Checking: 198.163.193.190 []
-------------------------
[LISTED] 198.163.193.190 on zen.spamhaus.org → 127.0.0.11 (PBL (Policy Block List))
[LISTED] 198.163.193.190 on zen.spamhaus.org → 127.0.0.4 (XBL (Exploits Block List))
[LISTED] 198.163.193.190 on zen.spamhaus.org → 127.0.0.3 (CSS (Spamhaus CSS))
[OK] 198.163.193.190 not listed on bl.spamcop.net
[OK] 198.163.193.190 not listed on b.barracudacentral.org
[OK] 198.163.193.190 not listed on dnsbl.sorbs.net
[LISTED] 198.163.193.190 on cbl.abuseat.org → 127.0.0.2
[OK] 198.163.193.190 not listed on psbl.surriel.com
[LISTED] 198.163.193.190 on dnsbl-1.uceprotect.net → 127.0.0.2

Most ISPs rely on such blacklist to stop the distribution of SPAM. enmail.co i.e. Greenby does not.

Markus

Townman · ‎22-08-2007

Images awaiting approval for this thread disclose personal information (email addresses). Personally I am not inclined to release them - one for @James_B

In another browser tab, login into the Plusnet user portal BEFORE clicking the fault & ticket links

Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.

If this post helped, please click the Thumbs Up and if it fixed your issue, please click the This fixed my problem green button below.

James_B · ‎10-09-2024

That's absolutely the right thing to do, @Townman

Please remember not to share personal information in this public forum folks.

James

john_chandler · ‎09-06-2020

I've started getting the exact same spam message as of today - deleted 12 so far this morning, but they keep coming in.

M-M · ‎07-05-2022

As "proof" other ISPs, mail service providers like hotmail block e.g. Plusnet when on block list ( see other forum posts).

Diagnostic-Code: smtp; 550 5.7.1 Unfortunately, messages from [84.93.230.227] weren't sent. Please contact your Internet service provider since part of their network is on our block list (S3150)

Diagnostic-Code: smtp; 550 5.7.1 Unfortunately, messages from [212.159.14.20] weren't sent. Please contact your Internet service provider since part of their network is on our block list (S3150)

Greenby/Plusnet should do the same for the Spammers open mail gateway

Markus

pvmb · ‎12-02-2014

"As "proof" other ISPs, mail service providers like hotmail block e.g. Plusnet when on block list ( see other forum posts). "

I suspect you may be confusing two different things here. I have seen no convincing evidence to date that Plusnet is on any spam "block list". However, issues with sending emails to particular destinations, e.g. Gmail recipients, are to do with Plusnet originated emails coming from sources that do not conform with up to date DNS email domain settings for SMTP messages.

That's what many of those Diagnostic Codes usually mean - they are suspect as possible 'unwanted mail' or 'possible spam'.

"The error code 550 5.7.1 indicates that your email was rejected due to security or policy-related issues, often because the recipient's server considers it spam or lacks proper authentication."

Incoming spam is another matter. For instance, I don't get any - despite having a Plusnet email address now transferred to Greenby. According to some here I should be knee deep in spam. Why aren't I?

Spam tsunami

Re: Spam tsunami

Re: Spam tsunami

Re: Spam tsunami

In another browser tab, login into the Plusnet user portal BEFORE clicking the fault & ticket links

Re: Spam tsunami

Re: Spam tsunami

Re: Spam tsunami

Re: Spam tsunami