This FAQ is designed to assist end users who have received an email delivery failure notification (bounce) citing the SpamCop Blocking List as the reason.
- The bounce message should contain the name of the blocking list and the IP address being rejected. If the IP address is not included in the bounce message, please contact your mail service provider.
- You send mail through your ISP or hosting company: the listed IP is the ISP/host mail server. The ISP must solve the problem that caused the listing. Send the bounce message to them and ask them to contact SpamCop if assistance is required.
- If the IP shown in the bounce message is the one assigned to your computer by your ISP: your computer/network/LAN is insecure. A PC may be infected; a proxy may be insecure; a script may be insecure or your mailserver may not be set up correctly. Once you find and remove the source of the spam your IP will automatically delist after 24 hours with no new reports. Your ISP has probably received reports concerning the spam activity; get in touch with them for more information.
- Additional information on virus infections and other causes for spam to be sent from your IP:
- Viruses may disable Antivirus (AV) programs or your AV definitions may not be up-to-date or may not have caught the virus. If your computer is on a home/office network behind a NAT router, it could be any computer on your network that is infected. The NAT router does not prevent the mailers from sending spam, or the "call home" function of many backdoor trojans.
- It is not required that you open an email attachment to be infected. Downloader trojans are found on many malicious websites or even hidden in images received in email. Simply visiting such a site or viewing an image could cause your computer to be infected.
If the bounce message includes your IP, you should:
- Scan your computer with an AV program different from the one you normally use. All major AV companies provide free online virus scanning. One can be found at Trend Micro
- Make sure all your software, including your operating system and third-party programs are fully patched and up-to-date. In particular, a lot of malicious malware is pushed through media files, taking advantage of known exploits in Windows Media Player, WinAmp and others. If you don't have your software set for automatic updating, make it a habit to check for patches, updates and upgrades at least once per week.
- Run at least two spyware removal tools on your computer. Spyware tools are very effective at finding and removing these malicious programs. Spyware removal tools are available for free download from:
If your use HijackThis, you should run the resulting log through a helper site such as Network Techs
This is not an endorsement of the above products or sites. Many other security tools are available for free or low cost and work just as well or better. These tools are suggested because they are among the better known products on the Internet. Be careful though as many lesser known spyware products are rogue or of dubious value. See Spyware Warrior
Sometimes these viruses will alter/add so many files and registry keys that recovery is just not possible or causes longterm instability (frequent crashes) of your computer. When this happens, reformatting your harddrive and re-installing your operating system is the only solution.