April 2, 2012

L2.APEWS.ORG False Positive #14

This one came in over the weekend but has already been delisted by the APEWS Administrators. Just posting the email here for archive etc;

Sat 2012-03-31 12:30:29: [520:540] Accepting SMTP connection from [178.33.45.10]
Sat 2012-03-31 12:30:29: [520:540] Looking up PTR record for 178.33.45.10 (10.45.33.178.IN-ADDR.ARPA)
Sat 2012-03-31 12:30:30: [520:540] D=10.45.33.178.IN-ADDR.ARPA TTL=(1440) PTR=[18.mo5.mail-out.ovh.net]
Sat 2012-03-31 12:30:30: [520:540] Gathering A-records for PTR hosts
Sat 2012-03-31 12:30:30: [520:540] D=18.mo5.mail-out.ovh.net TTL=(1440) A=[178.33.45.10]
Sat 2012-03-31 12:30:30: [520:540] --> 220 xxx.xxx.xxx ESMTP MDaemon 6.7.9; Sat, 30 Mar 2012 22:30:30 -0500
Sat 2012-03-31 12:30:30: [520:540] <-- EHLO mo5.mail-out.ovh.net
Sat 2012-03-31 12:30:30: [520:540] Performing reverse lookup on mo5.mail-out.ovh.net (looking for 178.33.45.10)
Sat 2012-03-31 12:30:31: [520:540] D=mo5.mail-out.ovh.net TTL=(1440) A=[178.32.228.5]
Sat 2012-03-31 12:30:31: [520:540] --> 250-xxx.xxx.xxx Hello 18.mo5.mail-out.ovh.net (may be forged), pleased to meet you
Sat 2012-03-31 12:30:31: [520:540] --> 250-ETRN
Sat 2012-03-31 12:30:31: [520:540] --> 250-AUTH=LOGIN
Sat 2012-03-31 12:30:31: [520:540] --> 250-AUTH LOGIN CRAM-MD5
Sat 2012-03-31 12:30:31: [520:540] --> 250-8BITMIME
Sat 2012-03-31 12:30:31: [520:540] --> 250 SIZE 0
Sat 2012-03-31 12:30:31: [520:540] <-- MAIL FROM: SIZE=6970
Sat 2012-03-31 12:30:31: [520:540] Performing reverse lookup on yyy.yyy (looking for 178.33.45.10)
Sat 2012-03-31 12:30:32: [520:540] D=yyy.yyy TTL=(1439) A=[213.186.33.5]
Sat 2012-03-31 12:30:32: [520:540] P=100 D=webster.fr TTL=(1440) MX=[mxb.ovh.net]
Sat 2012-03-31 12:30:32: [520:540] P=001 D=webster.fr TTL=(1440) MX=[mx0.ovh.net] {213.186.33.32}
Sat 2012-03-31 12:30:33: [520:540] D=mxb.ovh.net TTL=(1440) A=[213.186.39.173]
Sat 2012-03-31 12:30:33: [520:540] Spam Blocker A-record resolution of [10.45.33.178.L2.APEWS.ORG] in progress (DNS Server: 192.168.1.2)...
Sat 2012-03-31 12:30:33: [520:540] Spam Blocker D=10.45.33.178.L2.APEWS.ORG TTL=(35) A=[127.0.0.2]
Sat 2012-03-31 12:30:33: [520:540] L2.APEWS.ORG LISTED
Sat 2012-03-31 12:30:33: [520:540] Message will be accepted and X-RBL-Warning: header will be inserted.
Sat 2012-03-31 12:30:33: [520:540] --> 250 , Sender ok
Sat 2012-03-31 12:30:33: [520:540] <-- RCPT TO:
Sat 2012-03-31 12:30:33: [520:540] --> 250 , Recipient ok
Sat 2012-03-31 12:30:33: [520:540] <-- DATA
Sat 2012-03-31 12:30:33: [520:540] --> 354 Enter mail, end with .
Sat 2012-03-31 12:30:33: [520:540] --> 250 Ok, message saved
Sat 2012-03-31 12:30:34: [520:540] <-- QUIT
Sat 2012-03-31 12:30:34: [520:540] --> 221 See ya in cyberspace
Sat 2012-03-31 12:30:34: [520:540] SMTP session successful, 7307 bytes transferred.
Sat 2012-03-31 12:30:34: [520:540] Shuffling message(s) into proper queue(s)
Sat 2012-03-31 12:30:34: [520:540] Message received from mo5.mail-out.ovh.net [178.33.45.10] with SMTP for [Size 796] {j:\localq\md00000000.msg}

OVH often have mail servers in the top 100 spam sources so no surprise that it was listed.
Posted by at
Labels: , , , , , , ,

32 comments:

  1. Dear Admin,

    I'm Putut form PT Linknet (AS 23700,9905), now some our IP Address in the blacklist Apews since 2007. Please review and delist following our IP Address :
    202.73.97.0/22
    202.137.8.0/22
    202.137.16.0/22
    202.137.20.0/22
    202.137.24.0/22
    202.137.28.0/22

    Please help me... thanks..

    Regards,

    Putut Ardiyanto.
    System Administrator
    PT Linknet

    ReplyDelete
    Replies

    1. Checking these CIDR, it seems that some have been delisted and others not which suggests a review has taken place or is taking place, e.g. 202.137.8.0/24 is not listed now.

      Delete

    2. Dear Admin,
      Thanks for your respone,following is result of lookup ip in apews.org,Our CIDR 202.73.96.0/22 is still on apews blacklist, we use ip 202.73.97.21 for our Mail Server :

      Oooops 202.73.97.21 is currently listed in APEWS :-(
      Entry matching your Query: E-298724
      202.73.96.0/22
      CASE: C-1275
      AS23700 ID, ISP permits abuse and/or ignores criminal activity
      Special Reason:
      ISP permits abuse and/or ignores criminal activity
      History:
      Entry created 2007-09-06

      Please review.

      Putut Ardiyanto.
      System Administrator
      PT Linknet

      Thanks.

      Delete

  2. Dear APEWS!

    Remove the black list the IP address of the following:
    Joker.com.tr
    212.109.99.7
    212.109.99.5

    Your IP re-check our terms.


    Sincerely,

    FOREIGN TRADE ATM PAZ.A.Ş.

    ReplyDelete
    Replies

    1. Multiple postings are not necessary or advised. These 2 IP addresses were de-listed as noted before.

      Delete

  3. Hello, my domanin is cng.edu 190.90.58.68 could you please remuve the blacklist for this ip and 190.90.58.66 de mx

    thanks system administrator cng

    ReplyDelete
    Replies

    1. Multiple postings are not necessary or advised. APEWS has 2 lists, L1 is for domain names and L2 is IP addresses. Your domain was never listed from what we can see, and your IP addresses are not listed now.

      Delete

  4. Dear Admin,

    I'm Ozan form SLC Internet Solutions. Please review and delist following our IP Address
    89.19.1.112/29
    94.73.135.224/29
    Please help me, thanks.

    Best Regards,
    Ozan BEKTAS
    SLC Network Administrator

    ReplyDelete

  5. dear admin

    can help to delist the following ip ?

    mail.matadorhub.com
    203.125.100.246

    Thanks

    ReplyDelete

  6. dear admin
    Hello,

    my ip is 122.180.116.26 could you please delist this ip.
    both Apews Li and Lpews L2 are blocked.
    kindly revert soon.


    thanks

    ReplyDelete
    Replies

    1. L1 is a list of domain names only, you have only given an IP address which is listed in L2.Apews.org in a block 122.180.0.0/17.

      Delete

  7. Remove the black list the IP address of the following:
    abendi.org.br
    201.23.84.138


    Sincerely,

    Ivanaga

    ReplyDelete

  8. Please help to remove this IP
    202.75.43.93

    ReplyDelete

  9. Hi,

    Could you please remove our ip: 115.126.128.37 which is actually one of our spam filtering servers. Yours is the only blacklist we are on and it looks as though the entry was created a really long time ago.

    E-413467

    ReplyDelete

  10. APEWS: E-457940 82.146.48.0/22 Removal request

    I would like to request for removal. Please help.
    Entry created 2011-02-08 and now those addresses from this network belong to other servers. An issue with SPAM or any other is solved since 2011-02-08.

    http://www.apews.org/?page=test&C=20&E=457940&ip=82.146.51.135
    http://www.apews.org/?page=test&C=20&E=457940&ip=82.146.51.132
    http://www.apews.org/?page=test&C=20&E=457940&ip=82.146.51.139
    http://www.apews.org/?page=test&C=20&E=457940&ip=82.146.51.123

    Alexandra
    ISPsystem Abuse-team

    ReplyDelete

  11. Remove the black list the IP address of the following:
    eip.snetsystems.co.kr
    211.41.190.2

    Sincerely,

    SNET Network Administrator.

    ReplyDelete

  12. APEWS: E-431417 178.63.96.0/19 Removal request

    I would like to request for removal.

    Alexandra
    ISPsystem Abuse-team

    ReplyDelete

  13. Dear Apews E-450928 Removal request

    Can you please help us delist 178.23.0.0/16

    Best regards

    Lars Ancker
    Administrator

    ReplyDelete

  14. Dear Apews,

    Remove the black list the IP address of the following:
    Coscoiberia.com
    213.27.241.62
    thank you
    Regards.

    ReplyDelete

  15. Hello, my domanin is infogest3000.com could you please scan and remove the blacklist for this ip 80.37.47.70. its fixed reverse dns. thanks.

    ReplyDelete

  16. please delist my-ip: 94.84.177.154

    thank you

    ReplyDelete

  17. Super Idee in aller Öffentlichkeit hier alles breit zu treten!
    Da drängt sichg die Frage auf: Wo bleibt der Datenschutz?
    Wie wäre es mit einem Form auf der Web-Page?
    Andere solcher Listenbetreiber bekommen das auch hin ohne von Spams überrollt zu werden.....

    ReplyDelete

  18. Dear Sir,

    Please remove our IP (200.62.152.68 - mailucss.ucss.edu.pe) from blacklist. Not using it for spam, maillists or other kind of that stuff.

    Best Regards.

    Arturo rodriguez - Administrator
    arodriguez@ucss.edu.pe



    Testresults

    Oooops 200.62.152.68 is currently listed in APEWS :-(


    --------------------------------------------------------------------------------
    Entry matching your Query: E-265994
    200.62.152.0/21
    --------------------------------------------------------------------------------
    CASE: C-534
    AS12252 PE, ISP permits abuse and/or ignores criminal activity
    --------------------------------------------------------------------------------
    Special Reason:
    ISP permits abuse and/or ignores criminal activity
    --------------------------------------------------------------------------------
    History:
    Entry created 2007-07-16

    ReplyDelete

  19. Dear admin,

    Please remove our IP (5.39.21.135 - server.exchange.local )from blacklist. Not using it for spam, maillists or other kind of that staff.

    Bests regards,

    Duc BUI VAN
    IT Manager
    dbuivan@osp.fr

    ReplyDelete

  20. Hi!

    I need your help to remove my domain emic.com.br ip 177.43.57.231 from your blacklist.
    My customer don't receive my e-mails, and i'm having a lot of problems with this.

    Sorry my bad english!

    Tks,
    Daniel.

    ReplyDelete

  21. Please remove IP 74.223.221.34 from your black list. They are having some issues with sending out mail. Kickbacks are being delayed. Ive checked this IP against 104 known black lists and it comes back clean. Thanks you

    ReplyDelete

  22. Dear Admin,

    I´m the network administrator, we have identified in our network adresses it´s listed in APEWS since 2007. Please review and delist following our IP Address : 190.11.240/20

    Our AS is 27740 and was assigned by LACNIC November 7, 2011

    Please help us,thanks.

    Patricio
    Nerworking Administrator
    New Access S.A.

    ReplyDelete

  23. Hi Admin,

    We have recently acquired the IP: 5.135.189.67 with our new server, however we have noticed it is blacklisted on your list.
    This is a huge problem for us. Can you please remove the IP from your blacklist.

    Thank you.

    Regards,
    Andrew

    ReplyDelete

  24. Dear Admin,
    we have noticed that our domain is blacklisted on your list.
    so could you please remove our ip from your blacklist,below am mention about our details:
    IP:168.187.150.162 / mail.ptb.gov.kw

    Please do a needful help.

    Thanks
    George


    Testresults

    Oooops 168.187.150.162 is currently listed in APEWS :-(
    Entry matching your Query: E-431041
    168.187.148.0/22
    CASE: C-415
    AS6412 KW, ISP permits abuse and/or ignores criminal activity
    History:
    Entry created 2010-11-02

    ReplyDelete

  25. Dear Admin,

    We found out that we are in Your spam list. We shoudn't be. Could You check it please?

    Test result

    Oooops 83.17.24.210 is currently listed in APEWS :-(
    ________________________________________
    Entry matching your Query: E-409816
    83.17.16.0/20
    ________________________________________
    CASE: C-1010
    Dynamic IP space, generic DNS/rDNS, no PTR
    Direct connections to MX not permitted, you
    need to use your ISP servers or smarthost

    Thank You in advance for Your help.

    Kind regards
    Wojtek

    ReplyDelete
    Replies

    1. Dear Sir,

      Our IP is still blocking in spite of fix the problem with PTR two weeks ago . It is very problmatic for our company. Once again please, delate our ip (83.17.24.210) from Your list.

      Kind regards
      Wojtek

      Delete

  26. Hello Sir.

    Please remove the IP 115.115.114.2 from your Block list

    Thanks Ram

    ReplyDelete

Subscribe to: Post Comments (Atom)