Helping people with computers... one answer at a time.

Email providers use many techniques to attempt to stem the flow of spam. Occasionally, those techniques can cause legitimate mail to be blocked as well.

A friend of mine, who is with a different ISP, quite regularly has emails returned to her that she sends to me. The reason given is that my email provider, Hotmail, received complaints against her IP address and hence they put a block on me receiving her emails. This is a complete puzzle to me. How has this situation that has nothing to do with me occurred and how can I ensure that this block is being removed and that I no longer have problems receiving her emails?

I can theorize why it happened, but I can't hold out much hope for getting it resolved.

It's not your fault, of course. It may, or may not be your friend's fault, and she should do a couple of things to make sure she's in the clear.

Ultimately, it's the fault of spammers, and perhaps overly aggressive spam filtering.

It's Not Just You ... or Her

First let's be clear - if Hotmail received complaints and blocked email from your friend's IP address, it's not just you who can't get her emails - it's anyone she might send to via Hotmail. Hotmail believe's it's identified a source of spam, and as a result is protecting all Hotmail users from receiving more.

A laudable intent, if it were always accurate.

"... perhaps she shares an IP address with a spammer."

And it might not be only she who's blocked. Anyone who appears to be at her IP address may also be blocked. IP addresses are often shared by multiple computers. In some cases, mostly business, perhaps many computers. All of those computers and their users would be blocked from sending email to you or anyone at Hotmail if their IP address is blocked.

It Could Be Someone Else

That leads us to the first potential cause of your problem: perhaps she shares an IP address with a spammer.

That could be anyone behind the same router she uses or perhaps at the same location, if a common internet connection is in use. There's no easy way for her to determine who the culprit might be, other than to contact whoever's in charge of the connection. If that's her, then she needs to check with all of the users of all of the computers to make sure they're not spamming. (They might not know it - more on that in a moment.)

It's also possible that the IP address she's currently assigned was formerly used by a spammer. This actually happens from time to time - a spammer will use an IP address as the source of a massive amount of spam resulting in it being blocked. The spammer moves on to another IP address, and releases the old. That old IP address may come to its next owner with the "baggage" of lots of blocks and a very poor reputation.

The same happens with DHCP where you might be assigned a different IP address each time you connect to the internet. If the one you're currently assigned was previously abused by a spammer, you might end up in this situation.

The only real potential solution here is for her to ask her ISP for a new IP address.

It Could Be Her

The reason that this form of spam blocking even comes close to making sense these days is summed up in one word: spambot.

Spammers used to hijack or compromise mail servers and send out large amounts of spam from a single source. Naturally, that IP address was quickly blocked.

Zombie networks allow spammers to control thousands of machines, all at different IP addresses. Each machine is infected with malware - a spambot - that responds to the remote control of the zombie network to send spam. Since each machine is at its own IP address, blocking an IP address is relatively ineffectual at stopping spam. It blocks the one machine, but the remainder of the zombie network continues unabated.

Yet individual IP addresses are still banned. If nothing else, this helps ISPs identify individuals who are infected and who are responsible for sending some amount of spam. These individuals can then be notified and their machines cleaned.

This could be your friend.

It's quite possible that her machine is unknowingly infected with malware that is causing it to send spam as part of a zombie network. Needless to say, she needs to run up to date anti-malware scans as soon as possible.

Unfortunately, once she's confirmed clean there's still not much to be done. The block may expire some day. She might try contacting the Windows Live Mail postmaster to see if the block can be lifted. Or she might ask her own ISP for a different IP address.

But sadly none of this is guaranteed.

Perhaps you might open a new email account with a different provider that's not blocking her.

Article C4346 - June 18, 2010 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

5 Comments
Mark Jacobs
June 19, 2010 2:54 AM

Here we go again. This happened to me. My ISP was rejected by hotmail. I got a hotmail address and wrote to their help forum and the kindly (LOL) assured me that they were working the problem out. I wrote several computer help gurus and Mary Jo Foley, MS guru from Zdnet contacted hotmail and got the situation resolved. I suggest you tell your friend and everyone reading this tell your friends to get another email address other than hotmail. Try gmail or if you prefer gmx.com (owned by 1&1)is also good and has the advantage that the people receiving your email don't usually know it's a free provider.

Mike
June 22, 2010 6:23 AM

Problem is, you could be blocked even though you've never sent any spam, even though no spam has ever been sent from your domain, nor even any spam ever sent from your server.

Rarely do most people have their own mail server on their computer. They subscribe to a host server which is also host to many other domains. Such IP addresses are routinely blocked, not because of any actual complaints, but simply on the basis that those servers COULD be a source of spam.

It also does not help when lazy people no longer want to get email from you that they don't simply use Block Sender in the software, but hit Report Spam so that nobody can get email from you.

Coly Moore
June 22, 2010 8:13 AM

We run a volunteer anti-malware forum which sends email to members who have opted to follow a topic, notifying them of a new reply. We have had endless trouble with Yahoo mail, Hotmail, AOL, and many others. Often they don't even put our mail in a spam folder - they simply bounce it back and the member doesn't see it at all.

Writing to the ISPs has not had much if any success. Some will let our mail through for a while after I correspond with them, and then go back to bouncing it.

We tell our members to use Gmail. The one time they bounced our mail, they fixed the situation when I wrote to them and since then have given us no trouble at all.

stuart donaldson
July 3, 2010 2:14 AM

I had the same problem with the "Ask Leo" emails (see below). Lasted for several months then the block was removed.

The MessageLabs Email Security System discovered a possible virus
or unauthorised code (such as a Trojan) in an email sent to you.
The email has now been quarantined and was not delivered.
Please read the whole of this email carefully. It explains the status
of your email, the nature of the intercepted virus and the next steps
for addressing the problem.
To help identify the quarantined email:
The message sender was
TGwMLOzMtCxMLJzszIwstEa0rKwsjGycnA==<at>smtp-verifiedoptin-01.aweber.com
leo<at>ask-leo.com
leosanswers<at>aweber.com

The message originating IP was 207.106.200.7
The message recipients were
*******<at>omantel.net.om

The message title was Leo's Answers #200 - October 13, 2009
The message date was Tue, 13 Oct 2009 11:49:42 -0400
The virus or unauthorised code identified in the email is
>>> Possible MalWare 'Exploit/Phishing-amazon-b28b' found in '3473417_2X_PM3_EM8_MH__message.htm'. Heuristics score: 402

Some viruses forge the sender address. For more information please
visit the virus FAQ's link at the bottom of this page.
The message was diverted into the virus holding pen on
mail server server-9.tower-173.messagelabs.com (pen id 15846_1255448986)
and will be held for 30 days before being destroyed
Please contact your IT Helpdesk or Support Department for further
assistance.
Answers to virus-related questions can be found on the MessageLabs
Virus FAQ page at
http://www.messagelabs.com/page.asp?id=628

Unfortunately one of the facts of life when it comes to the battle against spam is that there is frequently collateral damage in the form of "false positives". My newsletter's never had a virus but every so often one -anti-spam tool or another will see what it thinks is one or is close enough to one to warrent flagging them email. I wish all they did was flag, so that the recipient was given the opportunity to decide for themselves, but many resort to complete blocks - often not telling you. As I've mentioned, short of choosing a more respectful email service provider I know of no real solution.
(I changed all the "@" to "<at>" to avoid spammers harvesting emails.)
Leo
04-Jul-2010
Chris Perkins
April 27, 2012 10:25 PM

Same Problem
My account has been blocked and like most people, I can no longer remember my original 'sign-up' details. The problem is that Hotmail

has also blocked my exterior links so that I can no longer contact my buisness contacts and my buisness is losing money daily. All I want to do is access my account to recover my contacts and then I can back them up on a more user-friendly e-mail provider like GMAIL.
Yours
chris perkins

This article discusses recovery options for the various ways that Hotmail accounts can be lost or compromised and I believe it applies here: What are my Lost Hotmail Account and Password Recovery Options?
Leo
29-Apr-2012

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.