April 2, 2012

L2.APEWS.ORG False Positive #14

This one came in over the weekend but has already been delisted by the APEWS Administrators. Just posting the email here for archive etc;

Sat 2012-03-31 12:30:29: [520:540] Accepting SMTP connection from [178.33.45.10]
Sat 2012-03-31 12:30:29: [520:540] Looking up PTR record for 178.33.45.10 (10.45.33.178.IN-ADDR.ARPA)
Sat 2012-03-31 12:30:30: [520:540] D=10.45.33.178.IN-ADDR.ARPA TTL=(1440) PTR=[18.mo5.mail-out.ovh.net]
Sat 2012-03-31 12:30:30: [520:540] Gathering A-records for PTR hosts
Sat 2012-03-31 12:30:30: [520:540] D=18.mo5.mail-out.ovh.net TTL=(1440) A=[178.33.45.10]
Sat 2012-03-31 12:30:30: [520:540] --> 220 xxx.xxx.xxx ESMTP MDaemon 6.7.9; Sat, 30 Mar 2012 22:30:30 -0500
Sat 2012-03-31 12:30:30: [520:540] <-- EHLO mo5.mail-out.ovh.net
Sat 2012-03-31 12:30:30: [520:540] Performing reverse lookup on mo5.mail-out.ovh.net (looking for 178.33.45.10)
Sat 2012-03-31 12:30:31: [520:540] D=mo5.mail-out.ovh.net TTL=(1440) A=[178.32.228.5]
Sat 2012-03-31 12:30:31: [520:540] --> 250-xxx.xxx.xxx Hello 18.mo5.mail-out.ovh.net (may be forged), pleased to meet you
Sat 2012-03-31 12:30:31: [520:540] --> 250-ETRN
Sat 2012-03-31 12:30:31: [520:540] --> 250-AUTH=LOGIN
Sat 2012-03-31 12:30:31: [520:540] --> 250-AUTH LOGIN CRAM-MD5
Sat 2012-03-31 12:30:31: [520:540] --> 250-8BITMIME
Sat 2012-03-31 12:30:31: [520:540] --> 250 SIZE 0
Sat 2012-03-31 12:30:31: [520:540] <-- MAIL FROM: SIZE=6970
Sat 2012-03-31 12:30:31: [520:540] Performing reverse lookup on yyy.yyy (looking for 178.33.45.10)
Sat 2012-03-31 12:30:32: [520:540] D=yyy.yyy TTL=(1439) A=[213.186.33.5]
Sat 2012-03-31 12:30:32: [520:540] P=100 D=webster.fr TTL=(1440) MX=[mxb.ovh.net]
Sat 2012-03-31 12:30:32: [520:540] P=001 D=webster.fr TTL=(1440) MX=[mx0.ovh.net] {213.186.33.32}
Sat 2012-03-31 12:30:33: [520:540] D=mxb.ovh.net TTL=(1440) A=[213.186.39.173]
Sat 2012-03-31 12:30:33: [520:540] Spam Blocker A-record resolution of [10.45.33.178.L2.APEWS.ORG] in progress (DNS Server: 192.168.1.2)...
Sat 2012-03-31 12:30:33: [520:540] Spam Blocker D=10.45.33.178.L2.APEWS.ORG TTL=(35) A=[127.0.0.2]
Sat 2012-03-31 12:30:33: [520:540] L2.APEWS.ORG LISTED
Sat 2012-03-31 12:30:33: [520:540] Message will be accepted and X-RBL-Warning: header will be inserted.
Sat 2012-03-31 12:30:33: [520:540] --> 250 , Sender ok
Sat 2012-03-31 12:30:33: [520:540] <-- RCPT TO:
Sat 2012-03-31 12:30:33: [520:540] --> 250 , Recipient ok
Sat 2012-03-31 12:30:33: [520:540] <-- DATA
Sat 2012-03-31 12:30:33: [520:540] --> 354 Enter mail, end with .
Sat 2012-03-31 12:30:33: [520:540] --> 250 Ok, message saved
Sat 2012-03-31 12:30:34: [520:540] <-- QUIT
Sat 2012-03-31 12:30:34: [520:540] --> 221 See ya in cyberspace
Sat 2012-03-31 12:30:34: [520:540] SMTP session successful, 7307 bytes transferred.
Sat 2012-03-31 12:30:34: [520:540] Shuffling message(s) into proper queue(s)
Sat 2012-03-31 12:30:34: [520:540] Message received from mo5.mail-out.ovh.net [178.33.45.10] with SMTP for [Size 796] {j:\localq\md00000000.msg}

OVH often have mail servers in the top 100 spam sources so no surprise that it was listed.

69 comments:

  1. Dear Admin,

    I'm Putut form PT Linknet (AS 23700,9905), now some our IP Address in the blacklist Apews since 2007. Please review and delist following our IP Address :
    202.73.97.0/22
    202.137.8.0/22
    202.137.16.0/22
    202.137.20.0/22
    202.137.24.0/22
    202.137.28.0/22

    Please help me... thanks..

    Regards,

    Putut Ardiyanto.
    System Administrator
    PT Linknet

    ReplyDelete
    Replies
    1. Checking these CIDR, it seems that some have been delisted and others not which suggests a review has taken place or is taking place, e.g. 202.137.8.0/24 is not listed now.

      Delete
    2. Dear Admin,
      Thanks for your respone,following is result of lookup ip in apews.org,Our CIDR 202.73.96.0/22 is still on apews blacklist, we use ip 202.73.97.21 for our Mail Server :

      Oooops 202.73.97.21 is currently listed in APEWS :-(
      Entry matching your Query: E-298724
      202.73.96.0/22
      CASE: C-1275
      AS23700 ID, ISP permits abuse and/or ignores criminal activity
      Special Reason:
      ISP permits abuse and/or ignores criminal activity
      History:
      Entry created 2007-09-06

      Please review.

      Putut Ardiyanto.
      System Administrator
      PT Linknet

      Thanks.

      Delete
  2. Dear APEWS!

    Remove the black list the IP address of the following:
    Joker.com.tr
    212.109.99.7
    212.109.99.5

    Your IP re-check our terms.


    Sincerely,

    FOREIGN TRADE ATM PAZ.A.Ş.

    ReplyDelete
    Replies
    1. Multiple postings are not necessary or advised. These 2 IP addresses were de-listed as noted before.

      Delete
    2. Dear APEWS,
      Remove the black list the IP address of the following:
      121.243.205.162

      Please help us.
      Thanks & Regards,
      Mr. Nitin Shinde
      Networking Administrator
      CMS Kharghar Branch

      Delete
  3. Hello, my domanin is cng.edu 190.90.58.68 could you please remuve the blacklist for this ip and 190.90.58.66 de mx

    thanks system administrator cng

    ReplyDelete
    Replies
    1. Multiple postings are not necessary or advised. APEWS has 2 lists, L1 is for domain names and L2 is IP addresses. Your domain was never listed from what we can see, and your IP addresses are not listed now.

      Delete
  4. Dear Admin,

    I'm Ozan form SLC Internet Solutions. Please review and delist following our IP Address
    89.19.1.112/29
    94.73.135.224/29
    Please help me, thanks.

    Best Regards,
    Ozan BEKTAS
    SLC Network Administrator

    ReplyDelete
  5. dear admin

    can help to delist the following ip ?

    mail.matadorhub.com
    203.125.100.246

    Thanks

    ReplyDelete
  6. dear admin
    Hello,

    my ip is 122.180.116.26 could you please delist this ip.
    both Apews Li and Lpews L2 are blocked.
    kindly revert soon.


    thanks

    ReplyDelete
    Replies
    1. L1 is a list of domain names only, you have only given an IP address which is listed in L2.Apews.org in a block 122.180.0.0/17.

      Delete
  7. Remove the black list the IP address of the following:
    abendi.org.br
    201.23.84.138


    Sincerely,

    Ivanaga

    ReplyDelete
  8. Please help to remove this IP
    202.75.43.93

    ReplyDelete
  9. Hi,

    Could you please remove our ip: 115.126.128.37 which is actually one of our spam filtering servers. Yours is the only blacklist we are on and it looks as though the entry was created a really long time ago.

    E-413467

    ReplyDelete
  10. APEWS: E-457940 82.146.48.0/22 Removal request

    I would like to request for removal. Please help.
    Entry created 2011-02-08 and now those addresses from this network belong to other servers. An issue with SPAM or any other is solved since 2011-02-08.

    http://www.apews.org/?page=test&C=20&E=457940&ip=82.146.51.135
    http://www.apews.org/?page=test&C=20&E=457940&ip=82.146.51.132
    http://www.apews.org/?page=test&C=20&E=457940&ip=82.146.51.139
    http://www.apews.org/?page=test&C=20&E=457940&ip=82.146.51.123

    Alexandra
    ISPsystem Abuse-team

    ReplyDelete
  11. Remove the black list the IP address of the following:
    eip.snetsystems.co.kr
    211.41.190.2

    Sincerely,

    SNET Network Administrator.

    ReplyDelete
  12. APEWS: E-431417 178.63.96.0/19 Removal request

    I would like to request for removal.

    Alexandra
    ISPsystem Abuse-team

    ReplyDelete
  13. Dear Apews E-450928 Removal request

    Can you please help us delist 178.23.0.0/16

    Best regards

    Lars Ancker
    Administrator

    ReplyDelete
  14. Dear Apews,

    Remove the black list the IP address of the following:
    Coscoiberia.com
    213.27.241.62
    thank you
    Regards.

    ReplyDelete
  15. Hello, my domanin is infogest3000.com could you please scan and remove the blacklist for this ip 80.37.47.70. its fixed reverse dns. thanks.

    ReplyDelete
  16. please delist my-ip: 94.84.177.154

    thank you

    ReplyDelete
  17. Super Idee in aller Öffentlichkeit hier alles breit zu treten!
    Da drängt sichg die Frage auf: Wo bleibt der Datenschutz?
    Wie wäre es mit einem Form auf der Web-Page?
    Andere solcher Listenbetreiber bekommen das auch hin ohne von Spams überrollt zu werden.....

    ReplyDelete
  18. Dear Sir,

    Please remove our IP (200.62.152.68 - mailucss.ucss.edu.pe) from blacklist. Not using it for spam, maillists or other kind of that stuff.

    Best Regards.

    Arturo rodriguez - Administrator
    arodriguez@ucss.edu.pe



    Testresults

    Oooops 200.62.152.68 is currently listed in APEWS :-(


    --------------------------------------------------------------------------------
    Entry matching your Query: E-265994
    200.62.152.0/21
    --------------------------------------------------------------------------------
    CASE: C-534
    AS12252 PE, ISP permits abuse and/or ignores criminal activity
    --------------------------------------------------------------------------------
    Special Reason:
    ISP permits abuse and/or ignores criminal activity
    --------------------------------------------------------------------------------
    History:
    Entry created 2007-07-16

    ReplyDelete
  19. Dear admin,

    Please remove our IP (5.39.21.135 - server.exchange.local )from blacklist. Not using it for spam, maillists or other kind of that staff.

    Bests regards,

    Duc BUI VAN
    IT Manager
    dbuivan@osp.fr

    ReplyDelete
  20. Hi!

    I need your help to remove my domain emic.com.br ip 177.43.57.231 from your blacklist.
    My customer don't receive my e-mails, and i'm having a lot of problems with this.

    Sorry my bad english!

    Tks,
    Daniel.

    ReplyDelete
  21. Please remove IP 74.223.221.34 from your black list. They are having some issues with sending out mail. Kickbacks are being delayed. Ive checked this IP against 104 known black lists and it comes back clean. Thanks you

    ReplyDelete
  22. Dear Admin,

    I´m the network administrator, we have identified in our network adresses it´s listed in APEWS since 2007. Please review and delist following our IP Address : 190.11.240/20

    Our AS is 27740 and was assigned by LACNIC November 7, 2011

    Please help us,thanks.

    Patricio
    Nerworking Administrator
    New Access S.A.

    ReplyDelete
  23. Hi Admin,

    We have recently acquired the IP: 5.135.189.67 with our new server, however we have noticed it is blacklisted on your list.
    This is a huge problem for us. Can you please remove the IP from your blacklist.

    Thank you.

    Regards,
    Andrew

    ReplyDelete
  24. Dear Admin,
    we have noticed that our domain is blacklisted on your list.
    so could you please remove our ip from your blacklist,below am mention about our details:
    IP:168.187.150.162 / mail.ptb.gov.kw

    Please do a needful help.

    Thanks
    George


    Testresults

    Oooops 168.187.150.162 is currently listed in APEWS :-(
    Entry matching your Query: E-431041
    168.187.148.0/22
    CASE: C-415
    AS6412 KW, ISP permits abuse and/or ignores criminal activity
    History:
    Entry created 2010-11-02

    ReplyDelete
  25. Dear Admin,

    We found out that we are in Your spam list. We shoudn't be. Could You check it please?

    Test result

    Oooops 83.17.24.210 is currently listed in APEWS :-(
    ________________________________________
    Entry matching your Query: E-409816
    83.17.16.0/20
    ________________________________________
    CASE: C-1010
    Dynamic IP space, generic DNS/rDNS, no PTR
    Direct connections to MX not permitted, you
    need to use your ISP servers or smarthost

    Thank You in advance for Your help.

    Kind regards
    Wojtek

    ReplyDelete
    Replies
    1. Dear Sir,

      Our IP is still blocking in spite of fix the problem with PTR two weeks ago . It is very problmatic for our company. Once again please, delate our ip (83.17.24.210) from Your list.

      Kind regards
      Wojtek

      Delete
  26. Hello Sir.

    Please remove the IP 115.115.114.2 from your Block list

    Thanks Ram

    ReplyDelete
  27. please remove ip address 66.7.199.104 it was listed in 2011
    uceprotect is currently blocking us because of 1 email sent to their server, I am a private dedicated server with a strict policy but in the last 5 years i have had 3 clients get a virus which sent out spam it has always been cleaned up within an hour of the attack though, i receive extensive emails about what goes on, on my server.

    ReplyDelete
  28. Remove the black list the IP address of the following:
    desejofatal.com.br
    189.76.68.33


    Sincerely,

    cezar

    ReplyDelete
  29. Please, remove the black list the IP address of the following:
    mail.upnorte.edu.pe
    190.223.54.20

    ReplyDelete
  30. Hi - our server IP - 50.28.34.130 - seems to have been listed before we even started using it; I am sure we do not spam, so please could you remove the listing?

    Thanks
    Alan

    ReplyDelete
  31. Please remove our mailserver's IP from your blacklist (mail.santaclara.com.gt - 190.149.222.173). It is listed due to the reputation of the entire range of our ISP. I have reported this to them, but I don't expect any help from their side and as they are the only ISP available here in Guatemala we have no choice but to use their service. Please help.

    Test result:
    Oooops 190.149.222.173 is currently listed in APEWS :-(
    Entry matching your Query: E-383779
    190.149.0.0/16
    CASE: C-1402
    Spambots in CIDR, little or no action by NOC
    Special Reason:
    Only the ASN/CIDR owner can solve this listing by actioning FAQ 42 apews.org SHUTDOWN BOTS, ZOMBIES, NET ABUSE
    History:
    Entry created 2009-04-27

    ReplyDelete
  32. HI APEWS Admin,

    Plz Delist our IP : " 184.172.186.61 "

    Which is listed on APEWS. As we didn't send any Spammer's.

    If we have sent by mistake, we will stop that process.

    So plz delist the IP asap.

    Thanks.

    ReplyDelete
  33. dear Admin,

    Please remove ip 62.38.151.21 if i may say, you should put another an automatic way to remove blacklist for real ip.

    Thanks

    ReplyDelete
  34. please remove below ip with details
    91.138.172.34
    Entry matching your Query: E-384089
    91.138.128.0/17CASE: C-1403
    Dynamic IP space

    ReplyDelete
  35. please unlist our IP Adress 105.235.246.83

    ReplyDelete
  36. Buenas tardes ayúdeme eliminando mi IP de su lista negra 181.198.19.210 el dominio mail.imar-ec.com

    ReplyDelete
  37. Oooops 181.198.19.210 is currently listed in APEWS :-(
    Entry matching your Query: E-180024
    181.0.0.0/8
    CASE: C-1404
    IP allocations to providers with a bad reputation
    Special Reason:
    No traffic until allocated

    ReplyDelete
  38. Oooops 181.198.19.210 is currently listed in APEWS :-(
    Entry matching your Query: E-180024
    181.0.0.0/8
    CASE: C-1404
    IP allocations to providers with a bad reputation
    Special Reason:
    No traffic until allocated

    ReplyDelete
  39. good afternoon,'s administrator please list your IP 201,217,110,218 lsiatdo, my domain is spam liubre now ... thanks for your prompt help.

    ReplyDelete
  40. good afternoon,'s administrator please delist IP 201,217,110,218, my domain is spam nothing now ... thanks for your prompt help.

    ReplyDelete
  41. شكرا لكم كتيرا
    http://jeuxjeux99.blogspot.com/
    العاب سيارات هنا سوف ستجدون تشكيلة مميزة من أروع و أفضل ما يوجد في العاب سيارات يمكنك اللعب مباشرة وبسهولة تامة بدون تحميل و مرحبا بالجميع في موقع العاب سيارات .

    ReplyDelete
  42. pueden remover esta IP de la lista negra 187.163.144.51

    ReplyDelete
  43. Ip 116.118.104.138 là Ip server mail công ty mình, bạn có remove blacklist giúp mình dc ko?Ip is not spam!Thanks

    ReplyDelete
  44. Dear Apews,

    Remove the black list the IP address of the following:
    shield.greencross.com
    218.235.251.29
    thank you
    Regards.

    ReplyDelete
  45. buenas tardes por favor sacar de listas negras la siguiente ip 190.12.7.210

    ReplyDelete
  46. 31.210.55.141 ip smtp blocked, pls open

    ReplyDelete
  47. Dear Apews,

    Remove the black list the IP address of the following:
    tabasco.gob.mx
    187.157.9.66
    thank you

    ReplyDelete
  48. Please remove our IP address from the blacklist:

    198.57.172.249

    Thank you!

    ReplyDelete
  49. Dear APEWS,
    Please remove below network block with details, 196.45.145.163,
    Entry matching your Query: E-259539
    196.45.128.0/19
    CASE: C-424
    AS22351 GN, ISP permits abuse and/or ignores criminal activity

    ReplyDelete
  50. Please remove below IP address from the blacklist.
    104.246.18.75
    Thank you.

    ReplyDelete
  51. Please remove below IP address from the blacklist.
    104.246.18.75
    Thank you.

    ReplyDelete
  52. Dear APEWS,
    Please remove our ip address 190.85.130.18
    we didn't send any Spammer's.
    Thanks

    ReplyDelete
  53. Dear APEWS,
    I wish to delist my server IP 89.136.235.189 from the blacklist.
    This issue arose two weeks ago. They are listed only on l2.apews.org.
    There is no longer any threat or any spam that will lead out from my server IP 89.136.235.189.
    Thanks

    ReplyDelete
  54. Please remove our IP address from the blacklist:

    180.148.2.102

    Thank you very much!

    ReplyDelete
  55. Hi,

    Please remove tihs IP 212.175.59.187

    Thanks,
    Best Regards

    ReplyDelete
  56. Hi,

    Please remove tihs IP 186.72.233.6

    Thanks,
    Best Regards

    ReplyDelete
  57. Dear Admin,

    I'm Zoltán form Pannon-Work Zrt. Please review and delist following our IP Addresses
    195.228.212.246
    217.113.62.94
    Please help me, thanks.

    Best Regards,
    Zoltán Reider
    Pannon-Wprl Administrator

    ReplyDelete
  58. Dear Admin,

    please remove this IP address from blacklist.

    184.154.1.59


    Please review it. its not spam sending .

    Thanks

    ReplyDelete
  59. Dear Admin,

    Please review 216.107.149.91 & 216.107.149.92

    ReplyDelete
  60. Caro Administrador,

    Pode por favor remover o IP: 201.7.103.5 (mail2.metrorio.com.br), está listado na L2 de vocês.

    Obrigado!

    Att,
    Paulo Vitor

    ReplyDelete
  61. Buenas Tardes

    Administrador de APEWS

    la siguiente solicitud es para el deslis ta miento de la ip 190.248.11.164

    ReplyDelete