[sf-lug] junkemailfilter.com claimed that linuxmafia.com is a 'virus' site

Rick Moen rick at linuxmafia.com
Wed Oct 5 16:17:31 PDT 2016 

So, Jim's at well.com, that uses outsourced vetting of mail using
external site junkemailfilter.com .  And recently it decided to
start refusing all mail from linuxmafia.com's IP address,
198.144.195.186.

http://ipadmin.junkemailfilter.com/remove.php yields this detail:

  /ip-log/karma.log.03:virus 198.144.195.186 linuxmafia.com NOTQUIT [S=4 -
  FakeMX NoQuit] X=tarbaby2 H=linuxmafia.com [198.144.195.186]
  HELO=[linuxmafia.com] SN=[skeptic-bounces at linuxmafia.com]

...and I'm pretty sure I know where this noise comes from.  Until
recently, I hosted on linuxmafia.com a collection for _study_ of
MS-Windows malware that was current a couple of decades ago, every one
of which had been rendered safe through measures that included giving
them all .txt filename extensions.  Recently a couple of automated
malware-checking sites stumbled on the archive.  I removed the archive
(sorry, no more security study), and have been chasing down the places
that blacklisted my IP.

More at:
http://linuxmafia.com/pipermail/conspire/2016-September/008583.html
http://linuxmafia.com/pipermail/conspire/2016-September/008584.html

I've just now gotten 198.144.195.186 whitelisted at junkemailfilter.com .



----- Forwarded message from Mail Delivery System <Mailer-Daemon at linuxmafia.com> -----

Date: Wed, 05 Oct 2016 08:00:09 -0700
From: Mail Delivery System <Mailer-Daemon at linuxmafia.com>
To: mailman-bounces at linuxmafia.com
Subject: Mail delivery failed: returning message to sender

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

  jim at well.com
    SMTP error from remote mail server after RCPT TO:<jim at well.com>:
    host xmx.well.com [52.0.124.244]: 550 5.7.1 <jim at well.com>... mail from server 198.144.195.186 rejected - see <http://wiki.junkemailfilter.com/index.php/Spam_DNS_Lists> for an explanation of this blacklist. In most cases YOU may remove your IP from this blacklist without any hassle.

------ This is a copy of the message, including all the headers. ------

Return-path: <mailman-bounces at linuxmafia.com>
Received: from localhost ([127.0.0.1] helo=linuxmafia.com)
	by linuxmafia.com with esmtp (Exim 4.72)
	(envelope-from <mailman-bounces at linuxmafia.com>)
	id 1brnfx-0007KK-Ql
	for jim at well.com; Wed, 05 Oct 2016 08:00:05 -0700
Received: from localhost ([127.0.0.1] helo=linuxmafia.com)
	by linuxmafia.com with esmtp (Exim 4.72)
	(envelope-from <sf-lug-bounces at linuxmafia.com>) id 1brnfw-0007Jy-AC
	for sf-lug-owner at linuxmafia.com; Wed, 05 Oct 2016 08:00:04 -0700
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Subject: 14 sf-lug moderator request(s) waiting
From: sf-lug-bounces at linuxmafia.com
To: sf-lug-owner at linuxmafia.com
Message-ID: <mailman.1.1475679603.28143.sf-lug at linuxmafia.com>
Date: Wed, 05 Oct 2016 08:00:03 -0700
Precedence: bulk
X-BeenThere: sf-lug at linuxmafia.com
X-Mailman-Version: 2.1.13
List-Id: Home for SF-LUG's mailing list <sf-lug.linuxmafia.com>
X-List-Administrivia: yes
Sender: mailman-bounces at linuxmafia.com
Errors-To: mailman-bounces at linuxmafia.com
X-SA-Exim-Connect-IP: 127.0.0.1
X-SA-Exim-Mail-From: mailman-bounces at linuxmafia.com
X-SA-Exim-Scanned: No (on linuxmafia.com); SAEximRunCond expanded to false

Notice: 2 old request(s) automatically expired.

The sf-lug at linuxmafia.com mailing list has 14 request(s) waiting for
your consideration at:

	http://linuxmafia.com/mailman/admindb/sf-lug
	
Please attend to this at your earliest convenience.  This notice of
pending requests, if any, will be sent out daily.


Pending posts:

[snip summary of held postings that was sent to Jim as listadmin]



----- End forwarded message -----

More information about the sf-lug mailing list