North American Network Operators Group


RE: contact at yahoo mail? (they think we're an open relay :< )

  • From: Mark Jeftovic
  • Date: Thu Oct 09 18:42:31 2003

It's a very confusing page to read, we are listed as 127.0.0.2 and
that is NERD-CA.

The other entries like:

 ARIXDICTSTALE Sender has a history of dictionary spamming:
stale.dict.rbl.arix.com -> 127.0.0.1

I think indicate what that RBL is for and what the value indicates,
we are NOT in there:

host smtp.easydns.comstale.dict.rbl.arix.com

and the txt record looks like a wildcard for all of the lists.

In fact, several of the people who emailed me off list saying
"you're in no-more-funn" were ALSO listed in "no-more-funn"
in the same manner.

So that, combined with the number of "same here" posts wrt yahoo
leads me to believe that that's not the reason.

-mark

On Thu, 9 Oct 2003, Thor Larholm wrote:

> If you would read the page through, you would see that you are listed
> MULTIPLE places.
>
> No-more-funn.moensted.dk
> ARIXDICTSTALE
> NERD-CA
> NERD-ZZ
>
> Only the last two are country specific
>
> /thor
>
> -----Original Message-----
> From: Mark Jeftovic [mailto:[email protected]]
> Sent: Thursday, October 09, 2003 2:30 PM
> To: Thor Larholm
> Cc: [email protected]
> Subject: RE: contact at yahoo mail? (they think we're an open relay :< )
>
>
>
> We are listed in no-more-funn.moensted.dk as 127.0.0.2 which
> is described as:
>
> + NERD-CA ip-space assigned to Canada: ca.countries.nerd.dk -> 127.0.0.2
> 216.220.40/24 is in ca, rejected based on geographical location
> about: Please see our webpage for more information
> about: This zone lists ONLY based on geographic information
> about: The zone does NOT contain known spammers, nor open relays
>
> We do cop to being Canadian, but that's about it. I hope yahoo isn't
> keying on this RBL.
>
> -mark
>
> ...and we've already filled out the retest form at Yahoo.
>
> On Thu, 9 Oct 2003, Thor Larholm wrote:
>
> > If you read through all of that page, you will notice that Yahoo
> > itself has a re-test script you can use to trigger a verification.
> >
> > http://add.yahoo.com/fast/help/us/mail/cgi_retest
> >
> > Yahoo is not your only problem, if you look at
> > http://moensted.dk/spam/?addr=216.220.40.247 you will notice that
> > several DNSBL lists that IP address. No-more-fun believes it to be a
> > "Direct spam source" and ArixDictStale says it has performed active
> > dictionary attacks within the last 3 months.
> >
> > If you want to positively check whether you are an open relay, I would
> > recommend testing through ORDB at http://ordb.org/submit/
> >
> >
> > Regards
> > Thor Larholm
> > PivX Solutions, LLC - Senior Security Researcher
> >
> > -----Original Message-----
> > From: Mark Jeftovic [mailto:[email protected]]
> > Sent: Thursday, October 09, 2003 1:23 PM
> > To: [email protected]
> > Subject: contact at yahoo mail? (they think we're an open relay :< )
> >
> >
> >
> >
> > Today our email forwarders started getting this from yahoo.com mail
> > handlers:
> >
> > 553 Mail from 216.220.40.247 not allowed - VS99-IP1 deferred - see
> > help.yahoo.com/help/us/mail/defer/defer-02.html (#5.7.1) Connection
> > closed by foreign host.
> >
> > Which when you go look at that page basically tells you you're
> > probably an open relay (which we're not), etc.
> >
> > Can any mail admins at Yahoo contact me offlist, or post what the
> > restrictions are or at what levels this will kick in?
> >
> > -mark
> >
> >
>
>

-- 
Mark Jeftovic <[email protected]>
Co-founder, easyDNS Technologies Inc.
ph. +1-(416)-535-8672 ext 225
fx. +1-(416)-535-0237
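
An added example, not part of the thread or any poster's code: checking each DNSBL zone named above on its own, using the standard reversed-octet query name, so that a 127.0.0.2 answer can be attributed to a specific zone. The zone "kind" labels and the sample answers are assumptions constructed from what the messages report.

```python
import ipaddress
import socket

# Zones named in the thread. The "kind" labels are this example's assumption,
# taken from the zone descriptions quoted in the messages.
ZONES = {
    "ca.countries.nerd.dk": "geographic",
    "stale.dict.rbl.arix.com": "reputation",
    "no-more-funn.moensted.dk": "aggregate",
}

def dnsbl_name(ip, zone):
    """Build the query name: IPv4 octets reversed, then the zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def system_resolver(name):
    """Return the A record for name, or None when there is no record."""
    try:
        return socket.gethostbyname(name)
    except socket.gaierror:
        return None

def check(ip, resolve=system_resolver):
    """Query every zone on its own; return {zone: (kind, answer)} for hits."""
    hits = {}
    for zone, kind in ZONES.items():
        answer = resolve(dnsbl_name(ip, zone))
        # Listing answers live in 127.0.0.0/8; anything else is not a listing
        # (for example a parked or hijacked zone answering every name).
        if answer and ipaddress.ip_address(answer) in ipaddress.ip_network("127.0.0.0/8"):
            hits[zone] = (kind, answer)
    return hits

def reputation_listed(hits):
    """True only when a zone that lists on sender behaviour returned a hit."""
    return any(kind == "reputation" for kind, _ in hits.values())

# Constructed answers mirroring what the thread reports for 216.220.40.247:
# 127.0.0.2 from the aggregate and the Canada zone, nothing from ARIXDICTSTALE.
SAMPLE = {
    "247.40.220.216.ca.countries.nerd.dk": "127.0.0.2",
    "247.40.220.216.no-more-funn.moensted.dk": "127.0.0.2",
}

if __name__ == "__main__":
    hits = check("216.220.40.247", SAMPLE.get)
    for zone, (kind, answer) in hits.items():
        print(f"{zone}: {answer} ({kind})")
    print("reputation listing:", reputation_listed(hits))
```

Calling `check()` without the second argument uses the system resolver instead of the constructed sample.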