[olug] Introduction

Luke -Jr luke at dashjr.org
Thu May 10 22:45:22 UTC 2007 

On Thursday 10 May 2007 16:59, roberson at olug.org wrote:
> Hello Luke, and hopefully.. Welcome to Omaha!!

Thanks.

> On Thu, May 10, 2007 at 12:25:00PM -0500, Luke -Jr wrote:
> > P.S. whoever admins the mailing list server *PLEASE* stop using bogus
> > lists like DNSBL. There is no legitimate reason to drop email just
> > because the mail server's IP is only semi-static. Use real spam
> > blacklists instead... (As for using TW's mail servers, that loses my
> > ability to verify delivery and they also get listed on the real spam
> > blacklists for actual real spam; besides, LUG members should be more than
> > capable of keeping their email servers secure better than their ISPs!)
> >
> > <olug at olug.org>: host mail.olug.org[198.70.254.115] said: 554 5.7.1
> > Service unavailable; Client host [24.31.250.242] blocked using
> >     dul.dnsbl.sorbs.net; Dynamic IP Addresses See:
> >     http://www.sorbs.net/lookup.shtml?24.31.250.242
> >     (in reply to RCPT TO command)
>
> Bogus list? I beg to differ! I have always had really good luck with the
> various sorbs lists. Looking at the mail log a bit closer, I do not see
> any host that was blocked today that I would ever want to receive
> email from!

Except mine, I hope! Maybe block them some other (sane) way? :)
Besides, how could you *possibly* know if whether you wanted to receive the 
email if you never see it?

> However... if you would like, I would be happy to add you to the whitelist
> to avoid rbl checks. 

Sure. If it's by host instead of From, the mail server is hachi.dashjr.org :)
Why not auto-whitelist any confirmed subscriber email?

Based on the below data and the blacklists on mxtoolbox.com, I conclude that 
since there are always at least 13 entries of the 127 blacklists for each IP 
listed, there are 2 very good blacklists (13 minus the 11 bogus lists). Using 
either of those two should block all the spam, while not blocking the legit 
mail. Note that compared to the rest which were listed on 13-34 blacklists, 
my server was only on 10 of the 11 bogus lists.

I am defining "bogus list" as a list that includes IPs on any basis other than 
actual spam sending and will not remove the IPs no matter how secure the mail 
server is.

> users mail # grep dul.dnsbl.sorbs.net current  | awk '{print $9 " blocked
> by " $19}' | sort | uniq 12-226-16-233.client.mchsi.com[12.226.16.233]:
> blocked by dul.dnsbl.sorbs.net;

listed 15/127 times

> 124-8-97-137.dynamic.tfn.net.tw[124.8.97.137]: blocked by
> dul.dnsbl.sorbs.net; 

listed 15/127 times

> 239.221.78.222.broad.np.fj.dynamic.163data.com.cn[222.78.221.239]: blocked
> by dul.dnsbl.sorbs.net;

listed 28/127 times

> 81.203.50.126.dyn.user.ono.com[81.203.50.126]: 
> blocked by dul.dnsbl.sorbs.net;

listed 23/127 times

> 88-105-206-55.dynamic.dsl.as9105.com[88.105.206.55]: blocked by
> dul.dnsbl.sorbs.net; 

listed 23/127 times

> CPE-24-31-250-242.kc.res.rr.com[24.31.250.242]: 
> blocked by dul.dnsbl.sorbs.net;

listed 10/127 times <-- THIS IS ME

> adsl196-183-26-206-196.adsl196-1.iam.net.ma[196.206.26.183]: blocked by
> dul.dnsbl.sorbs.net; 

listed 19/127 times

> bb219-74-178-174.singnet.com.sg[219.74.178.174]: 
> blocked by dul.dnsbl.sorbs.net;

listed 13/127 times

> bsp178.neoplus.adsl.tpnet.pl[83.29.135.178]: blocked by
> dul.dnsbl.sorbs.net; 

listed 25/127 times

> bzq-88-154-53-241.red.bezeqint.net[88.154.53.241]: 
> blocked by dul.dnsbl.sorbs.net;

listed 14/127 times

> c-68-59-206-246.hsd1.tn.comcast.net[68.59.206.246]: blocked by
> dul.dnsbl.sorbs.net; 

listed 26/127 times

> catv-50620682.catv.broadband.hu[80.98.6.130]: blocked 
> by dul.dnsbl.sorbs.net; 

listed 25/127 times

> dsldyn197.travel-net.com[205.150.76.197]: blocked 
> by dul.dnsbl.sorbs.net; 

listed 13/127 times

> ehv182.neoplus.adsl.tpnet.pl[83.21.111.182]: 
> blocked by dul.dnsbl.sorbs.net;

listed 25/127 times

> eji237.neoplus.adsl.tpnet.pl[83.21.150.237]: blocked by
> dul.dnsbl.sorbs.net;

listed 34/127 times

> host229-173-dynamic.20-87-r.retail.telecomitalia.it[87.20.173.229]: blocked
> by dul.dnsbl.sorbs.net;

listed 34/127 times

> host86-142-195-221.range86-142.btcentralplus.com[86.142.195.221]: blocked
> by dul.dnsbl.sorbs.net;

listed 13/127 times

> i577BE431.versanet.de[87.123.228.49]: blocked by 
> dul.dnsbl.sorbs.net;

listed 13/127 times

> r190-64-42-227.dialup.adsl.anteldata.net.uy[190.64.42.227]: blocked by
> dul.dnsbl.sorbs.net;

listed 14/127 times

> unknown[200.121.233.146]: blocked by 
> dul.dnsbl.sorbs.net;

listed 25/127 times

> unknown[218.149.67.35]: blocked by dul.dnsbl.sorbs.net;

listed 30/127 times

> unknown[218.19.27.104]: blocked by dul.dnsbl.sorbs.net;

listed 29/127 times

> unknown[61.247.95.12]: blocked by dul.dnsbl.sorbs.net;

listed 20/127 times

> unknown[88.224.82.72]: blocked by dul.dnsbl.sorbs.net;

listed 16/127 times

More information about the OLUG mailing list