I got some weird mail back, claiming that my e-mail was blocked, w/o indicating what server was blocked, after the mail appeared in the mailing list. Is this some BS shakedown? I use postfix on a DSL line forwarding to earthlink, this is hardly something that should be rare in the BSD world... the mail appeared to come from a web mail server and the first link has the following lovely text: "If you would like a site be added or removed from BlarsBL, you may hire Blars at his normal consulting rates (currently $250/hour, 2 hour minimum, $1000 deposit due in advance for non-established customers) to investigate your evidence about the site. If it is found that the entry was a mistake, no charge will be made and the entire deposit will be refunded. Send Blars email from a non-listed account to verify current rates and arrange payment." (Further research indicates that blars may be legit, but this is kind of sleazy) The IP of the "rejected" smtp server was not included. The 'rejection' text appears as follows: Your message with the subject & "'last' working OK for everybody on 4-STABLE?" addressed to "stable@freebsd.org" <stable@freebsd.org> was rejected by a open relay due to smtp server is listed at block.blars.org smtp server is listed at blackholes.five-ten-sg.com smtp server is listed at xbl.selwerd.cx
On Sat, 26 Apr 2003 16:27, Mike Harding wrote:> "If you would like a site be added or removed from BlarsBL, you may hire > Blars at his normal consulting rates (currently $250/hour, 2 hour > minimum, $1000 deposit due in advance for non-established customers) > to investigate your evidence about the site. If it is found that the > entry was a mistake, no charge will be made and the entire deposit > will be refunded. Send Blars email from a non-listed account to verify > current rates and arrange payment." > > (Further research indicates that blars may be legit, but this is kind > of sleazy)Yeouch! Pretty slimy :(> The 'rejection' text appears as follows: > > Your message with the subject & > "'last' working OK for everybody on 4-STABLE?" addressed to > "stable@freebsd.org" <stable@freebsd.org> was rejected by a open relay > due to smtp server is listed at block.blars.org smtp server is listed > at blackholes.five-ten-sg.com smtp server is listed at xbl.selwerd.cxI got this too when I sent a message about firewire. I tried sending via my work and home systems using an ssh tunnel, but both produced this response. I am very confident both systems are not open relays too.. -- Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum GPG Fingerprint - 9A8C 569F 685A D928 5140 AE4B 319B 41F4 5D17 FDD5
While Blars is legitimate (I ported his "hinfo" utility that consolidates lookup information of various spam-blocks), he is the most radical of all the spam-block-list maintainers. This "consulting rate" BS is the only known mechanism of appeal to get off of his own list, which is so all-inclusive that it is useless for actual email filtering. (His IP granularity is generally /24). I honestly don't know why the man doesn't go to an ask-first system if he's that aggressive about it, but there it is. And I can't ask him why, either, as I'm in one of those /24s. mcl
Mike Harding wrote:> "If you would like a site be added or removed from BlarsBL, you may hire > Blars at his normal consulting rates (currently $250/hour, 2 hourI wouldn't worry about it, no one uses his blacklist -- he lists entire netblocks because of a single MTA, and he's an asshole. Unlike the rest of us, of course. ;-) His practices could subject him to a $$$$ lawsuit, and if it happens he'll eventually learn that pissing down your leg because you like the nice warm feeling is rather shortsighted.
On Saturday 26 April 2003 07:27, Mike Harding wrote:> I got some weird mail back, claiming that my e-mail was blocked, w/o > indicating what server was blocked, after the mail appeared in the > mailing list. Is this some BS shakedown? I use postfix on a DSL line > forwarding to earthlink, this is hardly something that should be rare > in the BSD world... the mail appeared to come from a web mail server > and the first link has the following lovely text: > > "If you would like a site be added or removed from BlarsBL, you may > hire Blars at his normal consulting rates (currently $250/hour, 2 hour > minimum, $1000 deposit due in advance for non-established customers) to > investigate your evidence about the site. If it is found that the entry > was a mistake, no charge will be made and the entire deposit will be > refunded. Send Blars email from a non-listed account to verify current > rates and arrange payment."Did you reply to the list and the jackass who posted to it? Some moron has crept into our midst who seems to use about a hundred different RBL servers. He even rejects my server at omnis.com who seem to be a reputable hosting service. We may have to start collecting information on people like this with unusably picky mail servers and black list THEM from our mailing lists, but it will likely force us to block Greg Lehey too. ;^) -- Where am I, and what am I doing in this handbasket? Wes Peters wes@softweyr.com
Mike Harding <mvh@ix.netcom.com> writes:> I got some weird mail back, claiming that my e-mail was blocked, w/o > indicating what server was blocked, after the mail appeared in the > mailing list. Is this some BS shakedown? I use postfix on a DSL line > forwarding to earthlink, this is hardly something that should be rare > in the BSD world... the mail appeared to come from a web mail server > and the first link has the following lovely text:[strange offer snipped] I have seen idiots apply "dialup user black lists" (aggressively promoted by MAPS LLC and Osirusoft and others) to Received: headers -- and consistently seen bounces hit the reverse path of my mailing list mail from such accounts, because the last Received: header in my mail will of course bear the IP of my private Postfix that's sitting on a DSL line in Germany, no matter if I use my ISP's relay server or not (I won't hack up my systems to accomodate the effects of other people's brain amputation). There are just some people that turn blind in their rage against spam. They'd better get working content based filtering <shameless plug>such as bogofilter</shameless plug> and use that instead of senseless blacklists. SCNR. -- Matthias Andree
"Mike Harding" <mvh@ix.netcom.com> wrote in message news:<20030426142745.14E165312@netcom1.netcom.com>...>> due to smtp server is listed at block.blars.org smtp server is listed > at blackholes.five-ten-sg.com smtp server is listed at xbl.selwerd.cxAnyone stupid enough to use xbl.selwerd.cx (which lists almost EVERY ip address of EVERY major provider and university) doesn't want your email. If you know which luser you sent that to, or if its one of the lusers on freebsd-stable list, please, do some research: do not use blacklists unless you know their listing and delisting policies, besides, if you want 100% spam free, then the only FREE list to use is ours' blocked.secnap.net. Again, do research before you use ANY blacklist!
"Bob Willcox" <bob@immure.com> wrote in message news:<20030502215651.GE27495@luke.immure.com>...> On Wed, Apr 30, 2003 at 01:08:55PM -0700, Tenebrae wrote: > > On Wed, 30 Apr 2003, Andy Harrison wrote: > using blacklists is a bad idea. The only blacklist that will stop all > spam is one that covers all addresses!now you know the reason I created 'blocked.secnap.net'. It is a warning to anyone using blacklists: know the blacklist policy before you use it. The same blacklists you can use for personal use CANNOT BE USED FOR COMMERCIAL PURPOSES. (we have blocked a lot of resumes sent in from free mail services..)
We don't use 'monkies.org' because they refuse to take fixed
computers out. we send an email to spews and dk10? telling them that they
MISSED one of our netblocks and please add it since we didn't want to send
any email to anyone stupid enough to use either list. (they added it, which
proved my point.. they violated their stated listing policies!)
here is what I use (in postfix)
we don't do any business out of the us, so screwem.
reject_rbl_client socks.relays.osirusoft.com,
reject_rhsbl_sender dsn.rfc-ignorant.org,
reject_rbl_client cn-kr.blackholes.us,
reject_rbl_client taiwan.blackholes.us,
reject_rbl_client hongkong.blackholes.us,
reject_rbl_client brazil.blackholes.us,
reject_rbl_client nigeria.blackholes.us,
reject_rbl_client dynablock.wirehub.net,
reject_rbl_client dialups.relays.osirusoft.com,
reject_rbl_client malaysia.blackholes.us,
reject_rbl_client singapore.blackholes.us,
reject_rbl_client thailand.blackholes.us,
reject_rbl_client flowgoaway.com
here is what was blocked here since 12:30:
--
Michael S. Scheidell, CEO
SECNAP Network Security www.secnap.com
scheidell@secnap.net / 1+561.368.9561, 1131
Sales: 866-SECNAPNET / 866.732.6276
Possibly Parallel Threads
- Dovecot Postfix MySQL Authentication Issues
- Using Dovecot-auth to return error code 450 (or other 4xx) to Postfix when user is on vacation
- Postfix - message queue filling with Host or name not found - try again
- dp.samba.org in a blacklist...
- postfix - reject of incoming mail due to helo check??