Re: OT: The list posting issues

[Michael Silver <msilver farpan net>]

The link posted in a previous email does provide the information on why 
the IP address was listed, and how to get it delisted.

The IP address in question attempted to deliver email to spamtraps, also 
known as honeypots. They link to the Wikipedia article, but basically 
honeypots are systems, email addresses, whatever set up to deliberately 
catch the kind of brute-force spam attack employed by some spammers. If 
a mail server attempts to deliver email to these addresses, they get 
blacklisted.

The service provides a date and time stamp for the mail server admins to 
investigate the sender. In this case, there were two attempts to deliver 
at 20:57 CET on Feb 22. If the mail server stops trying to deliver email 
to the spamtraps, then the mail server will automatically be removed 
from the blacklist on Feb 29 at 22:00 CET.

The mail server admins need to check the server logs, find out who was 
sending messages to the spamtraps, and see if there are indeed spammers 
operating from that server. If I was running the server, I would do a 
grep on the appropriate log file using the date and time. The 5xx error 
codes should be fairly easy to see, assuming that the mail server is 
properly configured (e.g., using NTP to standardize date / time, logging 
appropriate information, etc.).

If the server admins are either unwilling or unable to follow through 
with those actions, then there is a problem with the server 
administration that should be addressed. I will admit that the $116 
charge for express delisting strikes me as a bit of a money grab, but it 
takes time and effort to run these services. Spam is a huge problem - 
bigger than most people realize. There may be a language issue here, 
since the the only languages for the UCEProtect pages appear to be DE 
and EN. Still, the concepts listed should be familiar to anyone 
responsible for running a mail server on the Internet.

I am not connected with UCEProtect or with the administrators of this 
list. As someone who has been responsible for running mail servers, I 
was intrigued by the idea of a blacklist service that didn't provide 
information on getting an IP address removed from the list. While they 
appear to be on the strict side of things, they do provide sufficient 
information to investigate further.

Michael

On 23/02/2012 11:31 PM, Andrey Repin wrote:
> Greetings, Michael Ross!
>
> > It would appear this has happened to your email address. As I understand it
> > your email address has been harvested and used to send spam to the mailing
> > list.
> This has nothing to do with email ADDRESS, for last time.
> It's my provider's mail server IP that got blocked.
> And UCEProtect do not offer any tools to find a reason for such block,
> therefore, even when my provider is certainly eager to cut spammers away from
> the service, there's nothing they can do about it without information.
>
> > If you investigate the UCEProtect website they explain how you can combat
> > the harvesting and use of your email address.
> 1. Does not apply. This situation have nothing to do with my address.
> 2. Everything they explain boils down to "whatever, just deal with it".
>
> > No one can do this for you, you have to undertake the solution on your own.
> Yeah. One solution I see right now is to stop posting into list, as it
> becoming increasingly troublesome. (Though i'm not posting that much anyway.)
>
> > Are you aware of a an anti-spam method that would work better than
> > UCEProtect?
> UCEProtect isn't the "method". Method is DNSBL/RBL, and that's what UCEProtect
> offer as a service. And they are not the only one company offering that
> service in the internet. I'm quite sure of that.
>
>
> --
> WBR,
> Andrey Repin (anrdaemon freemail ru) 24.02.2012,<08:55>
>
> Sorry for my terrible english...
>
> _______________________________________________
> dia-list mailing list
> dia-list gnome org
> http://mail.gnome.org/mailman/listinfo/dia-list
> FAQ at http://live.gnome.org/Dia/Faq
> Main page at http://live.gnome.org/Dia