OT: email being incorrectly flagged as spam

OT warning.... OT.... OT....
SWMBO is having problems receiving email sent to her as the membership secretary of a club - prospective applicants find the club website and send email to the publicised address " snipped-for-privacy@clubname.org.uk"; the club's website then forwards this to her personal address, which is snipped-for-privacy@mypersonaldomain.com. The email gets forwarded by 123-reg.co.uk to her 'real' address (ie, with our ISP), which is snipped-for-privacy@ntlworld.com.
I've just sent a test email to the snipped-for-privacy@clubname.org.uk, and got back the following non-delivery message:
> SMTP error occurred while sending message to following recipient(s) > > snipped-for-privacy@mypersonaldomain.com > > 550 Blacklisted by Webfusion for high spam volumes. > > Headers of original message follow: > [snipped]
This is obviously pretty serious for a club that is always trying to recruit new members! However, I am unable to ascertain from the error message where in the chain the problem is occurring. Is it down to SWMBO's personal email or ISP (and therefore something I need to sort out), or is it just down to the snipped-for-privacy@clubname.org.uk address, and I can just bat the issue back to the club to sort out? How can I tell?
There's nothing obvious in the message header to point the finger,but then again I don't speak 'messageheader-ese'
Will Webfusion (never heard of it) be the club's web service provider?
Thanks David
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

IIRC webfusion have a SPAM filter the account holder can turn on/off and/or set to a couple of response states - perhaps the "block suspicious email" (or similar) setting is enabled? What you really want is the "flag messages as spam" setting enabled... that way the messages will come through albeit marked as spam in their subject lines..
It's dead easy to check however you'll need to get whoever sets the emails up/ does the website to do it.
Cheers JimK
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On 24/02/2010 20:27, JimK wrote:

False spam flagging has caused me some grief lately. I sell small volumes of shareware software via PayPal and send licence numbers by email to those who buy a licence. Gmail has been very aggressive lately deleting registration emails. The first I know about it is an email from the buyers saying their registration email hasn't arrived and it isn't in their spam or trash folders. It is only those people who give a Gmail address for contact whose registration emails go missing.
--
David in Normandy. snipped-for-privacy@yahoo.fr
To e-mail you must include the password FROG on the
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Lobster wrote:

In this case webfusion is providing personaldomain.com, or at least some part of it's mail infrastructure.
maybe someone has compromised the web server and is using it for spam. You need to get the webserver checked and delisted from any blacklists (including any held by webfusion). If you post the headers (or email them to me, watch the spamtrap) having cahnged the email addresses to disguise them, I'd be glad to advise if I can.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On 24/02/2010 18:57, Lobster wrote:

They could be, but they are also connected with (e.g. the same parent company?) 123-reg so that could be the problem, see the copyright statement on the 123-reg homepage:
http://www.123-reg.co.uk /
Could you just bypass 123-reg and get the club to forward email direct to snipped-for-privacy@ntlworld.com? Seems to me the fewer stages the less chance of a problem?
--
-----------------------------------------------------------------------
To reply to me directly:
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On 24/02/10 18:57, Lobster wrote:

The usual reason for seeing this is that your ISP's SMTP server has been blacklisted. In this case it's whoever runs the SMTP server that your web site uses to send mail, quite possibly it's the hosting company's own machine. It's probably a mistake caused by one of their other users sending spam, but it would be a good idea to double-check your systems just in case it's you.
If it's just a misunderstanding then your ISP should clear up the problem pretty quickly. It happens occasionally to every ISP and blacklisting companies are used to dealing with it.
--
Bernard Peek
snipped-for-privacy@shrdlu.com
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Lobster wrote:
I assume the domain is hosted on 123-reg as well?
Assuming so, they now turn on spam filtering for domains by default. You can change the level of this detection on a per domain basis. Log into the 123-reg control panel, and click manage mail. The click on the Edit link beside any of your forwards or email boxes. On the spam filtering option click the Edit settings link. You can now "turn down" the level of detection.

OK, the headers would actually help here!
The black listing could be because the domain you were sending *from* has been blacklisted for example.
I would suggest repeating the experiment after changing the filter settings.

Study the headers and see the chain of mail handlers that have added routing lines to the message. That will tell you where the problem occurred.

Webfusion is one of 123-reg's brands - its one of their web hosting platforms that can also provide email boxes (and probably by extension email forwarding)
--
Cheers,

John.

/=================================================================\
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
John Rumm wrote:

Yes, appreciated but not sure which of those I should not be publicising here, vs which would actually be necessary to diagnose the problem! I took up Chris Bartram on his earlier offer, and he's been through my headers and reckons it's definitely the club servers that are blacklisted, so am following that up.

Thanks. Didn't know about that but have now disabled the spam filters there just in case!
David
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Lobster wrote:

;-) yup I thought that was probably the case. (If you get further problems I don't mind have a look over the headers for you either).

Right, progress then which is good.

Chances are its unlikely to be on the receiving end - I control loads of domains on 123-reg and have not noticed over zealous spam filtering being a problem.
A sending domain getting blacklisted however is not uncommon if its shared by a few people. Two activities will often trigger it: if it has an open relay or mail proxy hosted on the domain, or for the domain to show up as the source address of too much spam (usually the result of a users machine acting as a spam relay under the control of a botnet)
--
Cheers,

John.

/=================================================================\
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

HomeOwnersHub.com is a website for homeowners and building and maintenance pros. It is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.