Wake up sleepy-head, someone around you is thinking their way into the future....
« CentOS made the netcraft survey!The Not-So-Secret History of 'Aeon Flux' »

got listed at cbl.abuseat.org

Permalink 05/Dec/2005 01:35 , Categories: EMail, Spam

http://cbl.abuseat.org/ -- heard of them before ?

I cant work out why they have listed one of my home IP's on their suppression list. The reasons they mention for a listing are :

1. viruses, spyware, adware, open proxies and trojans
2. dynamic ip : so someone else might have been having fun
3. mail server running on Microsoft Windows or is running proxy services

And I can quite assure you that none of the above are valid in my case. So I wonder, what is it that made them list my IP ? Have sent them an email, lets see if they reply. All in all, going by their setup and info they provide - cbl seems to be a very shoddy service, if you are an admin running mail services, and use cbl, wake up - drop their service. It seems worthless, you _ARE_ loosing valid emails.

--
Karanbir Singh { http://www.karan.org/ }

5 comments »

5 comments

Comment from: ETM [Visitor]
Probably the person using the IP before you was infected with some kind of worm or running an open proxy. CBL doesn't disclose much - but part of that may be that they're trying to keep the attack vector for spammers as small as possible. I've had a look at their RBL file (at least that is publicly disclosed). There are no /24 netblocks etc. in there, just single IPs (~ 2 Million). Comparing the file within two hours showed that ~30k IPs expired from the list, while 60k new IPs were added.

In spammy times like these you need a static IP to properly run an mailserver on the Internet. Sad but true. Spammers made the Internet a less "friendly" place.
12/Dec/2005 @ 20:59
Comment from: Karanbir Singh [Member] Email · http://www.karan.org/
I've had this IP subnet for over a year now - CBL must be really brain dead to list this IP now, if someone else who had this IP before me was infected with a worm or something.

For the time being I've bumped MX for the domains I receive email on, and changed the IP address of the mailserver. Lets see if CBL or someone else lists it again.
12/Dec/2005 @ 23:17
Comment from: Nidhruv [Visitor]
Does base.karan.org belong to you ? If it does then that explains why. This IP is being used to route phishing emails to people. Please secure the ports of the CentOS webserver running on it.

Thanks,Nidhruv
17/Dec/2005 @ 16:35
Comment from: Karanbir Singh [Member] Email · http://www.karan.org/
Nidhruv, yes - base.karan.org does belong to me. Could you provide me some means to verify these so called phishing emails you seem to have received from this machine ????

fwiw, base.karan.org is not the machine that I had issues with.
17/Dec/2005 @ 16:57
Comment from: Techy [Visitor]
Everthing is fine, but can i find anywhere that what is the orginal cause that CBL listing my IP again & again. My IP is fully safe & no Viruses & Torjans & etc. are there on my server...

can we catch the reason for getting listed at CBL.
27/Feb/2006 @ 10:18

Leave a comment


Your email address will not be revealed on this site.

Your URL will be displayed.
(Line breaks become <br />)
(Name, email & website)
(Allow users to contact you through a message form (your email will not be revealed.)

Welcome to my Blog. Various bits of rambling and going-on's find their way here. If you have something to say, I would love to hear it from you.

Search

XML Feeds

powered by b2evolution free blog software

Contact | Blog skin by Asevo