You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Michael Monnerie <mi...@is.it-management.at> on 2009/10/21 20:39:30 UTC
false positive on hostkarma blacklist
> http://ipadmin.junkemailfilter.com/remove.php?ip=62.40.128.130
Just received this FP from a customer. That IP is indeed an MX for
kabsi.at, a big cable provider in Austria. Please put it on YELLOW.
mfg zmi
--
// Michael Monnerie, Ing.BSc ----- http://it-management.at
// Tel: 0660 / 415 65 31 .network.your.ideas.
// PGP Key: "curl -s http://zmi.at/zmi.asc | gpg --import"
// Fingerprint: AC19 F9D5 36ED CD8A EF38 500E CE14 91F7 1C12 09B4
// Keyserver: wwwkeys.eu.pgp.net Key-ID: 1C1209B4
Re: false positive on hostkarma blacklist
Posted by Michael Monnerie <mi...@is.it-management.at>.
Another FP, reported some Monday from a customer:
212.62.57.38 == mtaout3.isp.ptt.rs
Which is a clear sign for an ISP. So please, again, check also their
mtaout1 ... mtaout9 or whatever and include all these in YELLOW.
Also, I've offered you a list of ISPs MX from Austria. We have an ISP
Associtation ( www.ispa.at ), and they keep that list actual. Do you
want that for your YELLOW list? Maybe you can subscribe for receiving
updates automatically, too...
mfg zmi
--
// Michael Monnerie, Ing.BSc ----- http://it-management.at
// Tel: 0660 / 415 65 31 .network.your.ideas.
// PGP Key: "curl -s http://zmi.at/zmi.asc | gpg --import"
// Fingerprint: AC19 F9D5 36ED CD8A EF38 500E CE14 91F7 1C12 09B4
// Keyserver: wwwkeys.eu.pgp.net Key-ID: 1C1209B4
Re: false positive on hostkarma blacklist
Posted by Michael Monnerie <mi...@is.it-management.at>.
On Mittwoch 21 Oktober 2009 Marc Perkel wrote:
> Michael Monnerie wrote:
> http://ipadmin.junkemailfilter.com/remove.php?ip=62.40.128.130
> Just received this FP from a customer. That IP is indeed an MX for
> kabsi.at, a big cable provider in Austria. Please put it on YELLOW.
Please, Marc, you fixed above IP, but now this one is on the blacklist:
62.40.128.131
It's the following IP, and the reverse shows
62.40.128.130 mx02.kabsi.at
62.40.128.131 mx04.kabsi.at
When someone reports an ISP, and they name their MX in a very readable
way, you should automatically check for mx01 and mx03, mx05, ...
automatically:
195.202.128.130 mx03.kabsi.at
195.202.128.131 mx05.kabsi.at
Please put all these on YELLOW.
mfg zmi
--
// Michael Monnerie, Ing.BSc ----- http://it-management.at
// Tel: 0660 / 415 65 31 .network.your.ideas.
// PGP Key: "curl -s http://zmi.at/zmi.asc | gpg --import"
// Fingerprint: AC19 F9D5 36ED CD8A EF38 500E CE14 91F7 1C12 09B4
// Keyserver: wwwkeys.eu.pgp.net Key-ID: 1C1209B4