Adding Documentation to Linux-SXS

Kevin O'Gorman kogorman
Sat Dec 9 13:15:43 PST 2006 

On 12/7/06, David Bandel <david.bandel at gmail.com> wrote:
> On 12/7/06, Kevin O'Gorman <kogorman at gmail.com> wrote:
> [snip]
> > >
> > > Try hinfo.  It shows who has you listed and why.  Some sites, notably
> > > abuse.net, seems to list a lot of site incorrectly.  For example, it
> > > has pananix.com listed for not having a postmaster address.  The
> > > postmaster and MAILER-DAEMON addresses, as abuse and spam are in _all_
> > > my domains as the first aliases.  Most likely, they check from a
> > > system that's blacklisted, although those addresses aren't included in
> > > the blacklist checks, but something is wrong at their end.
> >
> > Easy for you to say.  Hinfo looks interesting, but I'm mildly baffled
> > by the output, particularly by how my host is identified remotely as
> > 0.0.0.2 or 127.1.0.1, 65.77.130.111, etc.  Take a look:  Notice also
> > that SBC is my ISP, so their showing up in whois is normal.  The
> > 64.160.0.0/12 address seems to blacklist me along with a huge slab of
> > the ISP. What am I to make of all this?
>
> I shouldn't have to say it:  RTFM.  hinfo returns more than just
> blacklist info (which you would know if you read the fine manual).
> The ASN number has nothing to do with blacklisting.

You don't have to say it, but you might give a pointer to the FM.
Googling hinfo got me to the software, but nothing else.  The packaged
man page is minimal, to say the least.  So what FM should I be
reading?

In particular, what should I make of those odd generic IP addresses?

>
> >
> > > Processing treat.kosmanor.com (64.166.164.49)
> > treat.kosmanor.com. is in Abuse.net Contacts as 0.0.0.2
> >         "postmaster at treat.kosmanor.com"
> >         "postmaster at kosmanor.com"
> > 64.166.164.49 is adsl-64-166-164-49.dsl.snlo01.pacbell.net.
> > adsl-64-166-164-49.dsl.snlo01.pacbell.net. is in Abuse.net Contacts as 0.0.0.1
> >         "abuse at sbcglobal.net"
> > adsl-64-166-164-49.dsl.snlo01.pacbell.net. is in rfc-ignorant whois as 127.0.0.5
> > 64.166.164.49 is in Blars Block List as 127.1.0.1
> >         Spam sending domain
> > 64.166.164.49 is in v6net spammers as 65.77.130.111
> > 64.166.164.49 is in Yahoo as 127.0.0.2
> > 64.166.164.49 is in n13mbl relaywatcher as 208.38.61.228
> > 64.166.164.49 in ASN7132 64.160.0.0/12
> >
> > IPQuery: 64.166.164.49 Server: whois.arin.net
> > SBC Internet Services SBCIS-SIS80 (NET-64-160-0-0-1)
> >                                   64.160.0.0 - 64.175.255.255
> >
>
> And yes, you have been blacklisted -- by v6net, by Yahoo (what a
> joke), by n13mbl relaywatcher, and by blars (no big deal on blars).
>
> Appears you're rfc-ignorant.  Do you have postmaster, MAILER-DAEMON,
> spam, and abuse addresses as well as rDNS for your mail server? (Note:
> the mail server rDNS does not have to say mail.foo.org, it just has to
> exists.  And BTW, the ADSL list is like the dial-up list, normally
> blocked by all mail servers as a spam-bot.

I was ignorant about "spam".  Now added.  rDNS is provided by my ISP;
AFAIK I cannot change it to point to my actual domain.  I guess that
means I might be blocked because of being ADSL regardless of my actual
setup.  Sigh.

I still want to clean up my act, so I'll track down the services that
can check my relay behavior and anything else I need to clean up.




>
> Ciao,
>
> David A. Bandel
> --
> Focus on the dream, not the competition.
>             - Nemesis Air Racing Team motto
> _______________________________________________
> Linux-users mailing list ( Linux-users at linux-sxs.org )
> Unsub/Password/Etc: http://mail.linux-sxs.org/cgi-bin/mailman/listinfo/linux-users
>
> Need to chat further on this subject? Check out #linux-users on irc.linux-sxs.org !
>


-- 
Kevin O'Gorman, PhD

More information about the Linux-users mailing list