SpamCop Blocking List
SpamCop's blocking list works on a mail-server level.
If your mail was blocked incorrectly it may be due to the actions of other
users or technical flaws with the mail system you use.
If you are not the administrator of your email system, please forward
this information to them.
Information about the reasons for listing (blocking) your mail server ($)
The most common causes of blocking systems not intending to spam
You may be attempting to send mail from a system which is being blocked for cause. System administrators should consider the current most common causes of blocking.
- Misdirected auto replies:
Vacation messages, auto-responses, challenge-response spam filters and
virus-notification messages are some of the most prominent examples
of automatic emails which have caused otherwise innocent sites to be
blocked. If you or your system's administrator operate any of these
systems, they may be responsible for your system being blocked.
- SMTP-auth brute-force password guessing:
Microsoft Exchange and other servers using smtp-auth to limit outbound
mail are being exploited frequently in the wild. Spammers are using
brute-force methods to find valid accounts. Today, the holes found by spammers
are much more subtle than the traditional "open relay."
- Non-mailserver spam sources inside your firewall: Workstations (usually windows systems) will often become infected with spam-sending viruses. These will try to send spam bypassing your normal outbound mail server. Check your firewall or NAT logs for outboud port-25 connections to identify the infected systm. Or simply block outbound port-25 from systems which are not actual legitimate mail servers.
- "Typhoid Mary" laptops: Sometimes, normally well-defended networks can become spam sources when travelling users connect systems which have been infected outside your network are connected. Check your mailserver logs and firewall logs for unusually large amounts of email from a single internal IP address.
SpamCop Blocking List Details
The SpamCop Blocking List (SCBL) lists IP addresses which have transmitted reported email to SpamCop users. SpamCop, service providers and individual users then use the SCBL to block and filter unwanted email. The SCBL is a fast and automatic list of sites sending reported mail, fueled by a number of sources, including automated reports and SpamCop user submissions. The SCBL is time-based, resulting in quick and automatic delisting of these sites when reports stop.
- Learn more about the SpamCop Blocking List (SCBL)
- How to implement the SCBL
- Other information about the SCBL
Received a Report from SpamCop?
Start by following the link(s) in the email report you received from SpamCop. These links provide details about the reported email and SpamCop's procedures. These links provide access to advanced options for analyzing and responding to reported spam.
Implement the SCBL to Filter Spam
The SCBL aims to stop most spam while not blocking wanted email. This is a difficult task. It is not possible for any blocking tool to avoid blocking wanted mail entirely. Given the power of the SCBL, SpamCop encourages use of the SCBL in concert with an actively maintained whitelist of wanted email senders. SpamCop encourages SCBL users to tag and divert email, rather than block it outright. Most SCBL users consider the amount of unwanted email successfully filtered to make the risks and additional efforts worthwhile.
The SCBL is aggressive and often errs on the side of blocking mail. When implementing the SCBL, provide users with the information about how the SCBL and your mail system filter their email. Ideally, they should have a choice of filtering options. Many mailservers operate with blacklists in a "tag only" mode, which is preferable in many situations.
There is no warranty associated with using this system. It is provided as is.