My configuration is set to block my own IP

I was surprised to find it in the stats, but when I drilled down it was there with the info of bigpond nsw etc which is correct but then further down under country it put me in Minnesota USA and quoted an ISP I have never heard of.

In other words with my IP it reported in one place correct info then in another column incorrect info.

Is this normal? Does it mean I need to treat all info from stat counter with suspicion?

Tony

Does a city with the same name as your city exist in the USA perhaps?

When things get sorted by one field such as the city, and there are multiple occurrences of that city name (albeit in differnt states or countries) and only the top first occurrence is kept (try it in Excel), this is what happens at times. For example of the city is Paris, Paris, France and another one is Paris, NY, USA, well, guess which one comes first?

I agree, stats by city alone are meaningless. It should be stats by city + region + country.The stats by region alone should in fact be by region + country, etc.

I think you misunderstand. this is the situation:

Under Country/state/city/isp

Refering link: from one of my websites
Host name: CPE-60-225-30-53.nsw.bigpond.net.au
IP: 60.225.30.53

This is all correct about me and my IP address, but what follows is nonsense, I am in Sydney, Australia, my ISP is Bigpond.

Country: United States
Region: Minnesota
City: Saulk Center
ISP: Telstrainternet40
Returning visits: 0
Length: spread over more than one day

Navigation Path: 12 visits recorded over a week.

It is possible that Bigpond may call itself Telstrainternet40 in some cases but Sualk Center etc can't be mistaken for Sydney Australia, nor do 0 returning visits correspond with 12 visits in navigation path. Although I would be surprised if my once or twice a week visits to this site tally with that info anyway. Seems something is amiss

Tony

BTW In case you want to take a look around, the site is:

http://kingscross.blogs.com/librarian

Tony

Checked with http://www.whois.sc and get the following registered with the IP# 60.225.30.53

Blacklist Status: Listed (link to details)
Record Type: IP Address
IP Location: United States United States - Minnesota - Sauk Centre - Telstrainternet40
Reverse IP: No websites hosted using this IP address
Reverse DNS: CPE-60-225-30-53.nsw.bigpond.net.au

inetnum: 60.224.0.0 - 60.231.255.255
netname: TELSTRAINTERNET40-AU
descr: Telstra Internet
descr: Locked Bag 5744
descr: Canberra
descr: ACT 2601
country: AU

So it seams like your IP# (if you still have it) is located in the US, with the Bigpond DNS in Australia and the company responsible for the IP range including your IP# is Telstra Internet. Things like this, can confuse even the best when looking at the stats :shock:

Thank You very much. My world view has changed quite a bit now that I know that I am American, I'm getting a sudden urge to believe in god, drive a Chevy SUV and support the death penalty. Just kidding folks! :-)

So now I have the interesting assumption to make that all these stats aren't particularly useful, because I cannot be certain that the country of origin of the computer user is necessarily correct. Particularly when trying to deal with my fellow country men, considering that Bigpond is the largest ISP here.

Any way around this?

The Global Village I generally support, but it throws up some curley's sometimes!

Tony

Any way around this?

In a more global world it can be hard to get better geo-location logs, but I would be more worred about the IP# being blacklisted for spam if you are not responsible for the spamming.

Sounds like a proxy relay setup.

What is this spamming issue? I am currently getting emails that purport to be from my ISP but are not, is this part of what you are talking about? Do you mean people using my IP as their own because of a problem with the way my ISP set things up?

Tony

Not the same kind of spam.

Referrer spam is when you find hits in your stats that appear to come from other sites which have nothing to do with yours. You click on the links, so you end up seeing those sites. So in fact they tricked you into visiting their site.

They use programs to do this, so it's a simulation of a visit in fact, only purpose being to use your Statcounter project to log a fake visit.

I can get punished for this? Is it inevitable or can my ISP do something to protect me?

Tony

I can get punished for this? Is it inevitable or can my ISP do something to protect me?

Regardless how the spammers get to use your IP# you probably should report to your ISP that your IP# is blacklisted (ref. to http://www.whois.sc) and if you can't change your IP your self, they may do it and block the listed IP so it can't be used. I guess they can advice you further, what more you can do.

Your responsibility is to check that your computer is not infected with trojans and viruses that may use it to e.g. relay the spammers mails (Your ISP can also make actions to prevent relaying). Some spammer can also use your email address as reply-to address, but in that case you probably will get a lot of bounced mail that can't be delivered.

Please forgive my ignorance here, but I don't understand all of this. I am black listed? What does that mean? It is the address of my computer, it is still connected to the internet, and seems to be functioning normally. It is a Mac with OS X so not prone to the usual viruses that affect PC's.

I have started having problems lately of delivery failure notifications of mysterious emails that are to and from variations on my email address that don't actually exist. (1 to 4 per day) I have also been getting spoof mails from what appears to be my ISP although they deny this. They seem to be uncommunicative over this issue even though I have reported these attacks to them.

Can any of this affect my websites or relationship with hosting services?

Tony

The IP address that may be blacklisted would be the IP of the server hosting your website.

That may happen if spam originates from that server and various anti-spam services have therefore placed that IP address on a blacklist.

It need not be your website responsible for sending out spam either. Typically most websites are hosted on servers under shared hosting. Several hundred websites all being hosted on the same server share the same IP address. Any one of those websites being found as generating spam, risks placing the IP address of that server on the blacklist. Thus all other websites from the same server are automaticlaly blacklisted.

Spam can originate on a website either because the owner of the site is indeed using it to send out spam, or because of vulnerabilities in the way they have set up their mail server and/or their email forms that make it possible for hackers to exploit those and send out spoofed emails using their mail account.

More common though is spam sent out through proxy servers where the replyto field is filled in with email addresses from existing websites. The addresses themselves may or may not correspond to actual email addresses on those websites.

The replyto email address on an email is rather meaningless (you can set it to anything you want yourself in your email client), it doesn't necessarily equal the true sender's address. Rejecting email based on that field is not the way to filter out spam. But that's the one easily tested for. Generally the sender's IP address (of whatever server was used to send the email) which appears in the email headers (which you see in properties) is usually what can get onto a blacklist.

You are getting rejected emails purporting to have been sent by yours or some other random email address at your own website. This simply means your email address (or some other real or fake one at your website) was used as a replyto email address on spam which got rejected by the recpient's mail sever for some reason: either for being identified as spam and filtered out, or because the recipient email address didn't actually exist on that server.

If the IP address used to send out the spam wasn't yours (or your website's) Ip address, you have no worries really. If it is, then you have to find ways to get off the blacklist. Get your hosting involved in this issue. And good luck.

How to stop those bounced emails from getting into your inbox depends on whether the email address they come back to actually exists on your website or if you allow anything@mywebsite.com to get to your default address. In the latter case you cannot do much except set up filters, after receiving the bounced email into the general inbox.

If you have a set of defined email addresses, you can reject all email coming to neither of those by setting the default email address to :blackhole:. That will take care of random email sent to your website. If bounced email still comes back to one of those email addresses, then you need filters in place as well.

Please forgive my ignorance here, but I don't understand all of this. I am black listed? What does that mean? It is the address of my computer, it is still connected to the internet, and seems to be functioning normally. It is a Mac with OS X so not prone to the usual viruses that affect PC's.

Your IP# is blacklisted by SORBS (Spam and Open Relay Blocking System). A lot of ISP's and hosts follow this kind of databases as an advise to block spammers. If your ISP causing the spam because they have a server that is open for relays, then everything from that server can be blocked by other ISP's and hosts. That means mails from all their customers will not be delivered to customers to other ISP's.

So, if you are a customer to a ISP who gets blocked you can be affected.
More about SORBS: http://www.us.sorbs.net/

Hmmm, things get nastier if it's an ISP that is blacklisted. You can't change ISP's so easily, but it's certainly what you have to do.

SORBS are a pesky, ruthless service, easy to get onto their blacklists, practically impossible to get off of them even if it was an error - which it often is. Unfortunately many ISP's subscribe to SORBS blacklists. This means that when you send email to somebody using an ISP whoc subscribes to SORSB, your email will not get through to the recipient.

Thank you for the lengthy explanation. It helps, although I am still finding it difficult to get my head around all of this.

I'll open a channel to my webhosts, and get back to Bigpond (ISP) although until now their attitude is that they are already protecting me and they don't care to discuss the issue of spam.

Big corporations sometimes have an arrogance that comes with size. I may need to go to consumer affairs to get action from them

These spammers are doing a good job of ruining the web for the rest of us.

Thank you for the lengthy explanation. It helps, although I am still finding it difficult to get my head around all of this.

I'll open a channel to my webhosts, and get back to Bigpond (ISP) although until now their attitude is that they are already protecting me and they don't care to discuss the issue of spam.

Big corporations sometimes have an arrogance that comes with size. I may need to go to consumer affairs to get action from them

These spammers are doing a good job of ruining the web for the rest of us.

If your ISP says they are already protecting you, then you should ask (if you have not allready?) why the IP# registered to them is blacklisted and what they are doing to get it unlisted again.

Have to ask to be safe :) The IP# mentioned, is connected to your ISP and the one you use to connect to Internet, if I have get it right? If so, is the ISP also your host for your website(s)?

If you have an other company (not Bigpond) to host your sites and have email on the web host account, it would be great if you can use the webhost's SMTP server. That would make your mail addresses for your domain secured if the ISP gets blocked, since the IP# would be different. But I know people often must use the ISP's SMTP server and only the POP server from the webhost, but you could check if it's possible for you if you don't allready know the possibilitys.

Arne, some day when I am visiting relatives in Bergen, I will have to cross the border just to buy you a drink :-)

As to Christina, I am quite certain she is so perfect that she must be able to walk on water :-)

The IP concerned is my computer and its internet connection via ISP I use one of the offered email addresses as my main tech and computer related address eg talking on tech forums, dealing with webhosts etc.

I have 2 static websites with 'SurfSpeedy' and 2 with '2BuckWebs' I have 4 seperate IP addresses with those hosts.

Additionally I have 18 blogs with TypePad, presumably all on one IP.

I use an on-line disk (Box), and have a Flickr account.

I have 24 email addresses but only 3 that I actually use (one personal, one business, and one computer related.

I hadn't realised until writing this down how much stuff I have on the net. It sure has a way of accumulating. No wonder I live on this thing.

It has just occured to me that it might be wise for me to check the blacklist status on all my IP's. Being Sunday I can't do much about Bigpond until tomorrow.

A thought: There have been 2 occassions in the last 6 to 12 months when I have sent out Media Releases via email. Neither would have involved more than 20 Newspapers/tv/radio. but is it possible that that might have caused this? Apart from that I don't even send out newsletters or forward those terrible group collections of jokes or whatever that people circulate.

Thank you so very much
Tony

Arne, some day when I am visiting relatives in Bergen, I will have to cross the border just to buy you a drink :-)

Bergen in Norway? It's stil a long way to for a drink :lol: Check out JWJ's "statmap" to see where I am http://www.jwjonline.net/statmap.htm

A thought: There have been 2 occassions in the last 6 to 12 months when I have sent out Media Releases via email. Neither would have involved more than 20 Newspapers/tv/radio. but is it possible that that might have caused this? Apart from that I don't even send out newsletters or forward those terrible group collections of jokes or whatever that people circulate.

Hard to belive that amount of media releases can hurt in sutch way. The media should be used to recive releases by mail by now.

It seems that even for a little country like Sweden, its a long way to Bergen :-) Even if it's a long wait, I still owe you that drink. Maybe one day.