[Dshield] A question.... :(

John Groseclose iain at caradoc.org
Thu Jan 23 01:15:45 GMT 2003


At 7:48 PM -0500 1/22/03, Johannes Ullrich wrote:
>In 'english', it says that this mail server received an email from
>'66.128.66.64'. However, it rejected the mail message because it
>found this mail server in a relay blackhole list (relays.osirusoft.com).
>
>This is a quite common check. We use a similar check for our DShield
>e-mail. It cuts down on spam somewhat.
>
>66.218.66.64 resolves to n1.grp.scd.yahoo.com, which looks like a legit
>yahoo IP/host. Not sure how they made it in this particular block list.

http://relays.osirusoft.com/cgi-bin/rbcheck.cgi?addr=66.93.152.66

As I recall, certain Yahoo servers were blocklisted for failing to 
confirm subscriptions prior to spamming the hell out of people. I 
know I was "subscribed" to at least three porno-spam mailing lists 
hosted on Yahoo.

This is a different listing, though:

(127.0.0.7) 66.218.66.64 is DNSbl listed. by blackholes.five-ten-sg.com

added 2001-11-06; spam support - refusal to delete yahoo stores spammers
added 2002-07-05; spam support - allow spamvertised sites
-- 
John Groseclose
iain at caradoc.org




More information about the list mailing list