How I deal with (false positive) IP-address blacklists...
Theodore Tso <tytso@MIT.EDU> Tue, 09 December 2008 06:21 UTC
Return-Path: <ietf-bounces@ietf.org>
X-Original-To: ietf-archive@megatron.ietf.org
Delivered-To: ietfarch-ietf-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id DA9FD3A696F; Mon, 8 Dec 2008 22:21:15 -0800 (PST)
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C203C3A69BB for <ietf@core3.amsl.com>; Mon, 8 Dec 2008 22:21:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.999
X-Spam-Level:
X-Spam-Status: No, score=-5.999 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, J_CHICKENPOX_21=0.6, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id X8Sc10aAB1ij for <ietf@core3.amsl.com>; Mon, 8 Dec 2008 22:21:13 -0800 (PST)
Received: from biscayne-one-station.mit.edu (BISCAYNE-ONE-STATION.MIT.EDU [18.7.7.80]) by core3.amsl.com (Postfix) with ESMTP id 4E3D93A68D6 for <ietf@ietf.org>; Mon, 8 Dec 2008 22:21:13 -0800 (PST)
Received: from outgoing.mit.edu (OUTGOING-AUTH.MIT.EDU [18.7.22.103]) by biscayne-one-station.mit.edu (8.13.6/8.9.2) with ESMTP id mB96L5Fn026989; Tue, 9 Dec 2008 01:21:05 -0500 (EST)
Received: from closure.thunk.org (adsl-76-211-230-191.dsl.pltn13.sbcglobal.net [76.211.230.191]) (authenticated bits=0) (User authenticated as tytso@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.6/8.12.4) with ESMTP id mB96ITTw025918 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Tue, 9 Dec 2008 01:18:33 -0500 (EST)
Received: from tytso by closure.thunk.org with local (Exim 4.69) (envelope-from <tytso@mit.edu>) id 1L9vvR-0003Rj-2o; Tue, 09 Dec 2008 01:18:29 -0500
Date: Tue, 09 Dec 2008 01:18:29 -0500
From: Theodore Tso <tytso@MIT.EDU>
To: ietf@ietf.org
Subject: How I deal with (false positive) IP-address blacklists...
Message-ID: <20081209061829.GA13153@mit.edu>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="gBBFr7Ir9EOA20Yy"
Content-Disposition: inline
User-Agent: Mutt/1.5.17+20080114 (2008-01-14)
X-Scanned-By: MIMEDefang 2.42
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Sender: ietf-bounces@ietf.org
Errors-To: ietf-bounces@ietf.org
This doesn't work for most people, but I had fun composing this response, and coming just a few weeks after people claiming that IP-based blacklists work well, and rarely result in false positives, I felt I just had to share. :-) - Ted
--- Begin Message ---Hi there. Your mailer appears to have my one of the addressed used by primary mailhub, 69.25.196.31 (it reverse-resolves to www.church-of-our-saviour.org.). Its primary ip address and hostname is thunk.org, 69.25.196.29. You can see who I am here: http://thunk.org/tytso If you use any amount of Linux on your systems, I am the first North American Linux Kernel developer, and the maintainer of e2fsprogs, the filesystem utilities for ext2/ext3/ext4. This bounce took place because I replied to some user who apparently has a mailbox on gondor.apana.org.au, on the Linux Kernel Mailing List. The way I see things, I provde *way* more services to your users than you do to me, so I don't see any reason to place an international phone call to get my IP address un-blacklisted. If one of your users or one of your staff members needs my help to fix a Linux kernel problem, or to unscramble an ext2/3/4 filesystem, or an invite to the some future Linux Kernel Summit, and they can't receive my e-mail, that is *your* problem, not mine. I've arranged to make sure this gets routed via an mit.edu mailhub, but that's about all I plan to do to resolve this problem. Your move. Best regards, Theodore Y. Ts'o Linux Foundation Fellow and Chief Platform Strategist STSM, IBM Linux Technology Center Medford, Massachusetts (617) 245-5616 (781) 391-2699 (fax) (781) 526-0121 (cell)--- Begin Message ------ End Message ---This message was created automatically by mail delivery software. A message that you sent has not yet been delivered to one or more of its recipients after more than 24 hours on the queue on thunker.thunk.org. The message identifier is: 1L9Ulw-0001Yz-O5 The date of the message is: Sun, 7 Dec 2008 20:18:51 -0500 The subject of the message is: Re: Runaway loop with the current git. The address to which the message has not yet been delivered is: herbert@gondor.apana.org.au Delay reason: SMTP error from remote mailer after end of data: host rhun.apana.org.au [64.62.148.172]: 451-sender IP address 69.25.196.31 is locally blacklisted here. If you think 451 this is wrong, please call +61289874478. No action is required on your part. Delivery attempts will continue for some time, and this warning may be repeated at intervals if the message remains undelivered. Eventually the mail delivery software will give up, and when that happens, the message will be returned to you.--- End Message ---
_______________________________________________ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
- How I deal with (false positive) IP-address black… Theodore Tso
- Re: How I deal with (false positive) IP-address b… Mark Andrews
- Re: How I deal with (false positive) IP-address b… Theodore Tso
- Re: How I deal with (false positive) IP-address b… Mark Andrews
- Re: How I deal with (false positive) IP-address b… Theodore Tso
- Re: Why the IETF is irrelevant to the future of e… John Levine
- Re: How I deal with (false positive) IP-address b… SM
- Re: How I deal with (false positive) IP-address b… Paul Hoffman
- Re: Why the IETF is irrelevant to the future of e… Peter Dambier
- Re: How I deal with (false positive) IP-address b… ned+ietf
- Re: How I deal with (false positive) IP-address b… Dave CROCKER
- RE: How I deal with (false positive) IP-address b… michael.dillon
- RE: How I deal with (false positive) IP-address b… ned+ietf
- Re: How I deal with (false positive) IP-address b… Peter Dambier
- Re: How I deal with (false positive) IP-address b… Dave CROCKER
- RE: How I deal with (false positive) IP-address b… michael.dillon
- RE: How I deal with (false positive) IP-address b… michael.dillon
- Re: How I deal with (false positive) IP-address b… Keith Moore
- Re: How I deal with (false positive) IP-address b… Dave CROCKER
- RE: How I deal with (false positive) IP-address b… Tony Hain
- Re: How I deal with (false positive) IP-address b… Dave CROCKER
- Re: How I deal with (false positive) IP-address b… ned+ietf
- Re: How I deal with (false positive) IP-address b… Keith Moore
- Re: How I deal with (false positive) IP-address b… Peter Dambier
- RE: How I deal with (false positive) IP-address b… michael.dillon
- RE: How I deal with (false positive) IP-address b… ned+ietf
- Re: How I deal with (false positive) IP-address b… Rich Kulawiec
- Re: How I deal with (false positive) IP-address b… Theodore Tso
- Re: How I deal with (false positive) IP-address b… Dave CROCKER
- Re: How I deal with (false positive) IP-address b… Paul Hoffman
- Re: How I deal with (false positive) IP-address b… Randy Presuhn
- Re: How I deal with (false positive) IP-address b… Keith Moore
- Re: How I deal with (false positive) IP-address b… Douglas Otis
- Re: How I deal with (false positive) IP-address b… John C Klensin
- Accountable Use Registry was: How I deal with (fa… Douglas Otis
- Re: Accountable Use Registry was: How I deal with… John C Klensin