Want to get paid for a vulnerability similar to this one?
Contact us at: email@example.com
Well, multiple scanners say I have no malware, no spyware, and no rootkits.
http://www.mxtoolbox.com/SuperTool.aspx?action=blacklist%3a220.127.116.11+ says I’m clean except for Spamhaus.
Spamhaus shows that http://www.spamhaus.org/query/bl?ip=18.104.22.168 I’m clean and it’s Shaw that’s dirty.
Shaw’s support is as inane as ever:
Your representative has arrived.
Stephen – 6685 (11:43:37):
Thank you for choosing Shaw Internet Chat Support, my name is Steve. I will be happy to help you today.Before continuing, would you please confirm your home telephone number and address so that I can bring up your account information?
[If you don’t mind, I’ve elided this, but it’s the only change I’ve made – rms]
Stephen – 6685 (11:44:57):
Thank you, one moment please
Stephen – 6685 (11:48:07):
from what we see on the notes, it looks like your email is being blocked to due a poor reputation which means its being blocked by spam protection companies, im just looking into this a little further for you.
Rob Slade (11:49:16):
Do you have any idea of what that means? When I talked to “Rowell” yesteerday, he did not know anything about anti-spam technology, and just kept handing me bafflegab. If you do not have any knowledge in thsi area, please hand me to someone who does.
Rob Slade (11:49:46):
I should let you know that I *do* know what I’m talking about: look up “Robert Slade” on Wikipedia.
Stephen – 6685 (11:49:48):
your being blocked by spamhaus
Stephen – 6685 (11:50:02):
Rob Slade (11:50:18):
I’ve written two books on viruses and malware, the first book on software forensics, and a dictionary of information security.
Rob Slade (11:50:38):
I do know what spam is, and I am well aware of antipsam technology.
Rob Slade (11:51:08):
Per looking at senderbase yesterday, my specific IP address has nothing on it. Just Shaw’s domain range.
Stephen – 6685 (11:52:03):
you would need to go here http://www.spamhaus.org/lookup.lasso type in your ip address to lookup, then click the document it shows under the listed in red, and follow the steps to get it removed from spamhaus
Rob Slade (11:52:29):
Rob Slade (11:53:04):
See that it is only listed in the PBL, and if you look up the detail on that you will see that it is only the Shaw /22 range, and not my address.
Rob Slade (11:53:49):
Going back to your original list, you will see that it is *only* listed on Spamhaus (and therefore only on the PBL), and that *all* the other sites give me a clean bill of health.
Rob Slade (11:54:19):
In addition, why did I get absolutely no warning or notice from Shaw, just had my ability to send cut off without warning?
Stephen – 6685 (11:54:27):
its not blocked by us
Stephen – 6685 (11:54:31):
thats why we couldnt give warning
Stephen – 6685 (11:54:37):
its blocked by spamhaus
Rob Slade (11:54:49):
It is your SMTP server that refuses the connectionh.
Rob Slade (11:55:00):
You can’t blame Spamhaus.
Stephen – 6685 (11:55:14):
http://www.mxtoolbox.com/SuperTool.aspx?action=blacklist%3a22.214.171.124+ please review this, it will show you based on a search of your ip address, its listed by spamhaus-zen….
Rob Slade (11:55:52):
That is the same list as before.
Stephen – 6685 (11:56:19):
yes it is
Rob Slade (11:56:36):
As I told you, it gives me a clean bill of health, except for Spamhaus, and Spamhaus only lists the Shaw /22 range in the PBL, not my IP address specifically.
Stephen – 6685 (11:56:37):
if you look at the top.. spamhaus-zen to the right of that it shows as listed which means its blocked by them
Stephen – 6685 (11:57:00):
its still being listed by them, otherwise it would come up saying OK next to spamhaus
Stephen – 6685 (11:57:16):
if you login to webmail and try sending an email out from there, it will work because its not associated with your computer
Stephen – 6685 (11:57:30):
its not working on your computer because your ip address is blocked by spamhaus
Rob Slade (11:57:44):
Yes, and if you look at the detail, you will see that I am *not* lsited in the SBL, *not* listed in the CBL, and *only* listed in the PBL, and if you look at the detail for *that* you will see that it is *Shaw* that violates, not me.
Rob Slade (11:58:37):
Here. chew on these: http://is.gd/VbjOIh http://is.gd/ogefIX
Stephen – 6685 (11:59:31):
im not sure what i am suppose to be seeing in those links.. Error establishing a database connection
Stephen – 6685 (12:00:07):
http://www.spamhaus.org/pbl/query/PBL164253 from there, you will need to follow the steps from clicking on remove an ip from pbl
Rob Slade (12:01:20):
In the meantime, I will be writing up more blog posts on how Shaw has inconsitent spam filtering, does not say what kind of spam filtering it does do, has a weird relationship with the blacklisting outfits.
Rob Slade (12:02:09):
Obviously you have not read the page you sent me. This is the procedure only if you are running an email server (MTA) yourself. I don’t. You guys do.
Stephen – 6685 (12:05:15):
yes, from the report, its showing that its being blocked due to not using smpt authentication, that gets addressed from our side, where we communicate with spamhaus to get that resolved, however also by having you follow the link from the remove my ip address can usaully help get it resolved quicker.
Stephen – 6685 (12:06:12):
it is blocked by spamhaus, not us, which is something that will get looked into, if it was just being blocked by us, we could easily resolve it for you, however because its being blocked by a 3rd party, it will take some time, in the meantime you can use webmail to send and receive emails
Rob Slade (12:06:19):
How so? I don’t run an SMTP server, so I can’t give them full info in filling out that form.
Rob Slade (12:07:06):
Besides, it’s not a static address.
Rob Slade (12:07:45):
Obviously you do not know what you are talkign about. Are you going to put me through to someone who does?
Stephen – 6685 (12:08:08):
yes i do know what i am talking about Rob
Rob Slade (12:08:45):
Then how come you are asking em to fill out a form when the instructions specifically state not to do it unless this is a static IP address and I am running my own mail server?
Rob Slade (12:09:36):
http://www.spamhaus.org/pbl/removal/ “You should only remove an IP address from the PBL if (A) the IP address is Static and has proper Reverse DNS assigned to your mail server”
Stephen – 6685 (12:09:37):
i am just looking to see what more we can do on this right now, i will be a couple minutes.