How I deal with (false positive) IP-address blacklists...

Theodore Tso <tytso@MIT.EDU> Tue, 09 December 2008 06:21 UTC

This doesn't work for most people, but I had fun composing this
response, and coming just a few weeks after people claiming that
IP-based blacklists work well, and rarely result in false positives, I
felt I just had to share.   :-)

						- Ted
--- Begin Message ---
Hi there.  Your mailer appears to have my one of the addresses used by
primary mailhub, 69.25.196.31 (it reverse-resolves to
www.church-of-our-saviour.org.).  Its primary ip address and hostname
is thunk.org, 69.25.196.29.  You can see who I am here:

	http://thunk.org/tytso

If you use any amount of Linux on your systems, I am the first North
American Linux Kernel developer, and the maintainer of e2fsprogs, the
filesystem utilities for ext2/ext3/ext4.  This bounce took place
because I replied to some user who apparently has a mailbox on
gondor.apana.org.au, on the Linux Kernel Mailing List.

The way I see things, I provide *way* more services to your users than
you do to me, so I don't see any reason to place an international
phone call to get my IP address un-blacklisted.  If one of your users
or one of your staff members needs my help to fix a Linux kernel
problem, or to unscramble an ext2/3/4 filesystem, or an invite to
some future Linux Kernel Summit, and they can't receive my e-mail,
that is *your* problem, not mine.

I've arranged to make sure this gets routed via an mit.edu mailhub,
but that's about all I plan to do to resolve this problem.

Your move.

Best regards,

Theodore Y. Ts'o
Linux Foundation Fellow and Chief Platform Strategist
STSM, IBM Linux Technology Center
Medford, Massachusetts
(617) 245-5616
(781) 391-2699 (fax)
(781) 526-0121 (cell)

--- Begin Message ---
This message was created automatically by mail delivery software.
A message that you sent has not yet been delivered to one or more of its
recipients after more than 24 hours on the queue on thunker.thunk.org.

The message identifier is:     1L9Ulw-0001Yz-O5
The date of the message is:    Sun, 7 Dec 2008 20:18:51 -0500
The subject of the message is: Re: Runaway loop with the current git.

The address to which the message has not yet been delivered is:

  herbert@gondor.apana.org.au
    Delay reason: SMTP error from remote mailer after end of data:
    host rhun.apana.org.au [64.62.148.172]: 451-sender IP address 69.25.196.31 is locally blacklisted here. If you think
    451 this is wrong, please call +61289874478.

No action is required on your part. Delivery attempts will continue for
some time, and this warning may be repeated at intervals if the message
remains undelivered. Eventually the mail delivery software will give up,
and when that happens, the message will be returned to you.
--- End Message ---
--- End Message ---