June 18, 2013

Apews listing only part of the problem, correctly listed IP

Hi APEWS Admins, please remove my IP address from your blacklist : 162.39.36.66

Thanks!


Full headers:

Received: from pusen02 (192.168.16.40) by connect.activedata.ca
(192.168.16.38) with Microsoft SMTP Server (TLS) id 14.2.247.3; Tue, 18 Jun
2013 07:59:31 -0400
Received: from pusen02 ([162.39.36.66] helo=pusen02) by ASSP.nospam with SMTP
(2.3.3); 18 Jun 2013 07:59:31 -0400
From: <***@***.com>
Subject: [SPAM]
To: J*** <***@***.com>
Date: Tue, 18 Jun 2013 07:49:24 -0400
Message-ID: <201306180749242N.DCSML-S000250000.000074FBD545@172.23.40.3>
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="_41dffd17-33c1-4156-825e-2450e53d5501_"
X-Assp-Version: 2.3.3(13137) on ASSP.nospam
X-Assp-ID: ASSP.nospam m1-56771-09551
X-Assp-Session: 7F329949E7B8 (mail 1)
X-Assp-Server-TLS: yes
X-Assp-Received-SPF: softfail ip=162.39.36.66 mailfrom=***@***.com
helo=pusen02
X-Original-Authentication-Results: ASSP.nospam; spf=softfail
X-Assp-Message-Score: 5 (SPF softfail)
X-Assp-IP-Score: 5 (SPF softfail)
X-Assp-Message-Score: 35 (DNSBLcache: neutral, 162.39.36.66 listed in
l2.apews.org{127.0.0.2})
X-Assp-IP-Score: 35 (DNSBLcache: neutral, 162.39.36.66 listed in
l2.apews.org{127.0.0.2})
X-Assp-DNSBLcache: neutral, 162.39.36.66 listed in l2.apews.org{127.0.0.2}
X-Assp-Message-Score: 10 (invalid HELO: 'pusen02')
X-Assp-IP-Score: 10 (invalid HELO: 'pusen02')
X-Assp-Bayes-Confidence: 0.00040
X-Assp-Tag: MessageLimit
X-Assp-Spam: YES
X-Spam-Status: yes
X-Assp-Spam-Reason: MessageScore passed low limit
X-Assp-Message-Totalscore: 50
X-Assp-Spam-Level: ***********
Return-Path: ***@***.com
X-MS-Exchange-Organization-AuthSource: ExchSrv.activedata.local
X-MS-Exchange-Organization-AuthAs: Anonymous

The delivering server is using an incorrect HELO/EHLO. It should be an FQDN (fully qualified domain name). To do that, you need to contact your ISP, Windstream, and tell them what FQDN you want them to write in their DNS server for a PTR record. Windstream is using generic PTR records, which are not satisfactory for email servers; yours is showing as:
h66.36.39.162.static.ip.windstream.net
That alone will cause your emails to fail the reverse DNS lookups that many email servers perform automatically in real time.
Using Windstream IP space probably isn't doing you any favors either. If they won't do that DNS entry for you, you'll have to change ISP or accept a poor delivery rate.
The person who set up your email server does not know enough to do the job; we suggest you contact a professional who knows about things like EHLO/HELO configuration and SMTP per the RFCs.
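The checks described above, run offline against the values in the headers on this page. This is an added example, not part of the original post: the "generic PTR" test is an assumed heuristic (three or more octets of the IP embedded in the name), and no DNS lookups are performed.

```python
import ipaddress
import re

# Values copied from the headers and the reply on this page.
RECEIVED = ("from pusen02 ([162.39.36.66] helo=pusen02) by ASSP.nospam "
            "with SMTP (2.3.3); 18 Jun 2013 07:59:31 -0400")
PTR_NAME = "h66.36.39.162.static.ip.windstream.net"
DNSBL_ZONE = "l2.apews.org"

LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")

def parse_received(line):
    """Pull the connecting IP and HELO name out of an ASSP-style Received line."""
    m = re.search(r"\(\[([0-9A-Fa-f.:]+)\]\s+helo=([^\s)]+)\)", line)
    if not m:
        raise ValueError("no '([ip] helo=name)' clause found")
    return ipaddress.ip_address(m.group(1)), m.group(2)

def helo_is_fqdn(name):
    """At least two valid DNS labels, and the last one is not purely numeric."""
    labels = name.rstrip(".").split(".")
    return (len(labels) >= 2 and all(LABEL.match(l) for l in labels)
            and not labels[-1].isdigit())

def ptr_looks_generic(ptr, ip):
    """Assumed heuristic: a provider-generated PTR embeds 3+ octets of the IP."""
    tokens = [re.sub(r"\D", "", t) for t in re.split(r"[.-]", ptr)]
    hits = 0
    for octet in str(ip).split("."):
        if octet in tokens:
            tokens.remove(octet)  # consume it so repeated octets need repeats
            hits += 1
    return hits >= 3

def dnsbl_query_name(ip, zone):
    """IPv4 DNSBL lookup name: octets reversed, then the zone."""
    if ip.version != 4:
        raise ValueError("IPv4 only here")
    return ".".join(reversed(str(ip).split("."))) + "." + zone

def audit(received, ptr, zone=DNSBL_ZONE):
    ip, helo = parse_received(received)
    return {"ip": str(ip), "helo": helo,
            "helo_is_fqdn": helo_is_fqdn(helo),
            "ptr_generic": ptr_looks_generic(ptr, ip),
            "dnsbl_query": dnsbl_query_name(ip, zone)}

if __name__ == "__main__":
    for key, value in audit(RECEIVED, PTR_NAME).items():
        print(f"{key}: {value}")
```

A mail administrator can run the same functions against their own Received line and PTR name before requesting delisting; a live check would additionally resolve the PTR and confirm it maps back to the sending IP.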

28 comments:

  1. Hi APEWS Admins, please remove my IP address from your blacklist : 182.18.175.75

    Thanks!

  2. Hi APEWS Admins, please remove my IP address from your blacklist: 178.63.228.221

    Oooops 178.63.228.221 is currently listed in APEWS :-(
    Entry matching your Query: E-439544
    178.63.224.0/21
    CASE: C-17
    Spambots, zombies, contaminated CIDR, bad reputation provider
    History:
    Entry created 2010-12-24


    Thanks! Best regards. Milan Kucej, Bytca, Slovak Republic.

  3. Please remove the website IP address from the blacklist
    IP : 178.211.33.131

  4. Apnews, I am not listed on any other spam site. Please release my IP address

    Oooops 72.38.118.94 is currently listed in APEWS :-(
    Entry matching your Query: E-437378
    72.38.118.0/23
    CASE: C-17
    Spambots, zombies, contaminated CIDR, bad reputation provider
    History:
    Entry created 2010-12-18

    I can assure you that there is no spam coming from this IP address.

  5. Apnews, would you please remove the following IP address from your blacklist: 50.195.93.209
    We are a non-profit organization (Jobs, Housing, and Recovery) and this is causing some serious problems with our email deliveries.

    We were a victim of backscatter and have since corrected that by disabling the NDRs in the Exchange server.

  6. Hi APEWS Admins, please remove my IP address from your blacklist : 175.182.73.15

    Thanks!

    Eden

  7. Hi APEWS Admins, please remove my IP address from your blacklist : 190.12.81.67

    and

    190.12.81.66

    Thanks!

  8. Hi APEWS Admins, please remove my IP address from your blacklist : 79.188.148.2

    Thanks!

  9. Hi,

    We believe you may have our IP block listed as dynamic when this is not the case; all our IP addresses are STATIC assigned. You have all our IPs listed in your database. Only 2 were our mail servers, 220.233.255.92 and 220.233.255.91. Please remove the whole block, however.

    We are not listed in the CIDR you mention in the lookup report.

    You are starting to cost us money due to this mistake as clients who can no longer receive emails are leaving us. Thank you.

  10. Apnews, Please release my IP address

    OOooops 108.166.84.21 is currently listed in APEWS :-(
    Entry matching your Query: E-631065
    108.164.0.0/14
    CASE: C-131
    Unallocated CIDR, no traffic until allocated,
    or allocated to bad reputation provider
    or allocated but dynamic / generically named IPs,
    or bogons, see www.cidr-report.org,
    or orphaned IP / CIDR in routing table
    History:
    Entry created 2013-06-05

    I can assure you that there is no spam coming from this IP address.

  11. This comment has been removed by the author.

  12. Oooops 177.70.21.182 is currently listed in APEWS :-(
    Entry matching your Query: E-520140
    177.64.0.0/11
    CASE: C-131
    Unallocated CIDR, no traffic until allocated,
    or allocated to bad reputation provider
    or allocated but dynamic / generically named IPs,
    or bogons, see www.cidr-report.org,
    or orphaned IP / CIDR in routing table
    History:
    Entry created 2012-04-10

    ---------------------------------------------------------------

    From: "System Administrator"
    Subject: Delivery Failure
    Date: 10 July 2013 11:06:28 BRT
    To: XXXXXXXX@bluemint.com.br


    Could not deliver message to the following recipient(s):

    Failed Recipient: XXXXXX@jdtseguros.com.br
    Reason: Remote host said: 550 The content of this message looked like spam.


    -- The header and top 20 lines of the message follows --

    Received: from [192.168.0.5] (b3db00bb.virtua.com.br [179.219.0.187]) by cloud.infinihostidc.com.br with SMTP;
    Fri, 5 Jul 2013 11:05:57 -0300
    From: Ana Paula Costa
    Content-Type: multipart/alternative; boundary="Apple-Mail=_50EEB6E6-7745-4A0A-8AAC-CDD8D8A45983"
    Subject: FOTOGRAFA - BABY!
    Date: Fri, 5 Jul 2013 11:06:00 -0300
    Message-Id:
    To: Juliana Tiede
    Mime-Version: 1.0 (Apple Message framework v1283)
    X-Mailer: Apple Mail (2.1283)

  13. I am the network administrator at the institution this IP belongs to.
    I request the delisting of our IP from Apews.

    Thank you in advance.

    Oooops 200.245.198.2 is currently listed in APEWS :-(
    Entry matching your Query: E-612512
    200.245.192.0/21
    CASE: C-15
    Spambots, zombies, contaminated CIDR, bad reputation provider
    History:
    Entry created 2012-11-15

  14. We are a government institution; as the network administrator I want to say that we identified the problem in our email accounts and resolved it.
    We request delisting urgently.

    Oooops 200.245.198.2 is currently listed in APEWS :-(
    Entry matching your Query: E-612512
    200.245.192.0/21
    CASE: C-15
    Spambots, zombies, contaminated CIDR, bad reputation provider
    History:
    Entry created 2012-11-15

  15. Hi Apnews,
    please remove our IP address from your list
    96.250.50.195. We were recently hit with a virus
    but have corrected the issue.
    Thank you.
    Boris Vassall

  16. Hi APEWS Admins, please remove my IP address from your blacklist : 88.149.171.127
    We were recently hit with a virus
    but have corrected the issue.

    Thanks!

    Andrea Atlantidee Srl

  17. Hi! Please fix this. You are blocking half of the city!!

    Oooops 159.148.230.92 is currently listed in APEWS :-(
    Entry matching your Query: E-384808
    159.148.192.0/18
    CASE: C-1375
    Spambots/zombies within CIDR
    Special Reason:
    Only the ASN/CIDR owner can solve this listing by actioning FAQ 42 apews.org SHUTDOWN BOTS, ZOMBIES, NET ABUSE
    History:
    Entry created 2009-05-01

  18. Hi APEWS Admins, please remove my IP address from your blacklist :
    95.111.18.118

  19. APEWS:
    Our office WAN IP 175.136.232.242 being listed at APEWS
    Record Number: E-393403
    We have resolved the malware/trojan infection issue on our mail server (another server IP) and delisted from SORBS & SPAMHAUS. Please do so for APEWS. Thank you.

  20. Good Morning. We Resolve Problems with emails please
    Oooops 65.111.180.240 is currently listed in APEWS :-(
    Entry matching your Query: E-1230177
    65.111.180.240
    CASE: C-1469
    Spammer, scanner, scammer, zombie PC, rooted PC, bot, etc
    History:
    Entry created 2014-03-12

  21. Hi APEWS Admins, please remove my IP address from your blacklist : 209.105.212.156

    Thanks!

  22. Hi APEWS Admins, please remove my IP address from your blacklist : 209.105.212.156

  23. thxxxxxxxxxxxxxxxx and thaaanks
    http://jeuxjeux99.blogspot.com/
    Car games: here you will find a distinctive selection of the most wonderful and best car games. You can play directly and with complete ease without downloading, and everyone is welcome at the car games site.

  24. Hi APEWS Admins, please remove my IP address from your blacklist : 88.250.135.200
    We had some problem (virus attack) with our server but have corrected the issue.

    Also, our IP is now listed only on the APEWS blacklist. Could you remove our IP please?

    Thanks,

  25. Good morning Apews Administrator, could you please remove my IP 201.88.104.134 Black List because we have a binder and some accounts have been hacked and had begun to distribute spam, the problem was solved.
    grateful

  26. Good morning Apews Administrator, could you please remove my IP 201.88.104.134 Black List because we have a binder and some accounts have been hacked and had begun to distribute spam, the problem was solved.
    grateful

    Oooops Currently 201.88.104.134 is listed in APEWS:-(
    Entry matching your Query: E-247809
    201.88.64.0/18
    CASE C-315
    AS8167 BR, ISP Permits abuse and / or criminal ignores activity
    History:
    Entry created 2007-07-08

  27. Good morning Apews Administrator, could you please remove my IP 79.175.176.57 from your blacklist.

    Entry matching your Query: E-411172
    79.175.176.0/20
    CASE: C-1375
    Spambots/zombies within CIDR
    History:
    Entry created 2010-09-05

    Thanks.

  28. Hello,

    can you please delist my IP 88.146.253.3
    Entry matching your Query: E-358086
    88.146.240.0/20
    CASE: C-1375
    Spambots/zombies within CIDR
    Special Reason:
    Only the ASN/CIDR owner can solve this listing by actioning FAQ 42 apews.org SHUTDOWN BOTS, ZOMBIES, NET ABUSE
    History:
    Entry created 2008-06-20

    It is the IP of our customer, and this IP was listed at a time when it belonged to a previous customer.

    Thank you
