Rick,
Thanks, I'll need to look into it some more - see what I can fix easily enough. Even your emails to me (via balug-admin@lists.balug.org) didn't land in my "inbox", but, alas, were snagged by gmail as "spam". Not that there's anything inherently wrong with the emails ... gmail's spam filtering seems to be getting increasingly stupid, and drops lots of legitimate email from numerous legitimate senders into spam - and senders having perfectly fine (or at least okay) email sending too. But at least gmail's spam filtering is better than yahoo's horrible mess of spam filtering ... but that's not saying much.
I miss when berkeley.edu actually handled their own mail - they've long since handed it all over to Google ... ugh.
So, yeah, anyway, something(s) definitely not right. I think some of the issues are - mailman's bounce processing isn't working 100%. That is likely due to exim4/eximconfig/mailman interaction.
There's also some fair bits of odd breakage(ness) in eximconfig. eximconfig, unfortunately, hasn't been maintained in many many years, and as time goes on, and exim evolves and upgrades versions, eximconfig only continues to be more and more broken.
My longer term plan is to get rid of eximconfig - and almost certainly also exim - and probably go with an MTA that is also more reasonably configurable - probably postfix. One of exim's significant limitations/issues, is it doesn't play very nice with multiple domains. If, e.g., one has multiple domains - be it 2 or thousands, and one wants to or needs to, say, set up, postmaster@DOMAIN, webmaster@DOMAIN, contact@DOMAIN, listmaster@DOMAIN, etc. the distinct DOMAINs can't be aliased separately, but every single one, e.g. postmaster, webmaster, etc, must all use the same alias for the same local part - even across distinct domains. That's a best highly annoying and unsatisfactory. Yes, is possible to add further post-processing tools, that might possibly address that, but that's also rather unsatisfactory. E.g. if I want/need webmaster@DOMAIN1, and @DOMAIN2, but don't want and want to reject webmaster@OTHER_DOMAINS - exim has no way to do that - post processing tools could drop that, but they can't reject it at connect.
Anyway, lots of reasons to switch out the MTA. And with that will need to put in some reasonable (and much more feasible to reasonably control - eximconfig is too creaky and unmaintained for that, and much of it is deeply tied into python - which I don't exactly fully grok ... yet).
And, "of course", since it's all live and operational, need to do the changes carefully (will probably need to alpha/beta test the changes on a quasi-work-alike dummy/test VM first ... carefully, as won't want to be doing actual Internet email/list traffic - at least not with same domains/IPs). Anyway, is on the todo list. Did get balug VM upgraded to current stable some months back - so that's a bit closer. Still have one (fairly complex) physical host to upgrade to current stable ... likely get to the MTA/anti-spam stuff on the BALUG VM sometime after that. But I'll also look to see if there's something I might be able to do in the meantime that works reasonably well and easily enough.
Also, might go from mailman2 to mailman3 at some point ... but that's not nearly as urgent. Would likely have some fair bit of advantages, but that wouldn't fix the other (at least for the most part) email issues - so not a priority at this time.
Date: Fri, 26 Jun 2020 21:23:29 -0700 From: Rick Moen rick@linuxmafia.com To: balug-admin@lists.balug.org Subject: Re: [BALUG-Admin] balug.org's IP and domain are on some blocklists Sender: BALUG-Admin balug-admin-bounces@lists.balug.org
I wrote:
RBL claims in the bounce notices below motivated me to check the BALUG IP (96.86.170.229) and domain on DNSBLs. There are some reputation problems for the IP address...
$ dig -t a +short 229.170.86.96.dnsbl-1.uceprotect.net 127.0.0.2 $ dig -t a +short 229.170.86.96.all.s5h.net 127.0.0.2 $ dig -t a +short 229.170.86.96.b.barracudacentral.org 127.0.0.2 $ dig -t a +short 229.170.86.96.bb.barracudacentral.org 127.0.0.2 $ dig -t a +short 229.170.86.96.black.dnsbl.brukalai.lt 127.0.0.2 $
One more:
$ dig -t a +short 229.170.86.96.l2.apews.org 127.0.0.2 $
http://www.apews.org/?page=test&C=20&E=521546&ip=96.86.170.229
Date: Fri, 26 Jun 2020 21:03:21 -0700 From: Rick Moen rick@linuxmafia.com To: balug-admin@lists.balug.org Subject: [BALUG-Admin] balug.org's IP and domain are on some blocklists Sender: BALUG-Admin balug-admin-bounces@lists.balug.org
RBL claims in the bounce notices below motivated me to check the BALUG IP (96.86.170.229) and domain on DNSBLs. There are some reputation problems for the IP address...
$ dig -t a +short 229.170.86.96.dnsbl-1.uceprotect.net 127.0.0.2 $ dig -t a +short 229.170.86.96.all.s5h.net 127.0.0.2 $ dig -t a +short 229.170.86.96.b.barracudacentral.org 127.0.0.2 $ dig -t a +short 229.170.86.96.bb.barracudacentral.org 127.0.0.2 $ dig -t a +short 229.170.86.96.black.dnsbl.brukalai.lt 127.0.0.2 $
...and for the domain:
$ dig -t a +short balug.org.postmaster.rfc-clueless.org 127.0.0.3 $
The domain claim is definitely bogus, and I don't know why the RBL claims balug.org doesn't accept mail to postmaster -- as I just verified that it does:
$ telnet balug.org smtp Trying 96.86.170.229... Connected to balug.org. Escape character is '^]'. 220-balug.org ESMTP Exim 4.92 (EximConfig 2.5) Sat, 27 Jun 2020 03:41:33 +0000 220-. 220-WARNING: Unsolicited commercial E-mail (UCE/SPAM), pornographic 220-material, viruses and relaying is prohibited by this server and 220-any such messages will be rejected/filtered automatically 220-depending on content. 220-. 220-By using this server, you agree not to send any messages of the 220-above nature. Please disconnect immediately if you do not agree 220-to these terms and conditions. 220-. 220-Please contact postmaster@balug.org if you have any 220-enquiries about or problems with this server. 220-. 220-Find out more about EximConfig for the Exim mailer by visiting 220-the following URL: http://www.jcdigita.com/eximconfig 220 . HELO linuxmafia.com 250 balug-sf-lug-v2.balug.org Hello linuxmafia.com [96.95.217.99] MAIL FROM: root@linuxmafia.com 250 OK RCPT TO: postmaster@balug.org 250 Accepted DATA 354 Enter message, ending with "." on a line by itself From: root@linuxmafia.com To: postmaster@balug.org Subject: Just testing postmaster deliverability
postmaster.rfc-clueless.org lists the balug.org domain, so I'm just doing a test. Am guessing the RBL's claim is bogus. . 250 OK id=1jp1kE-0004HS-RP quit 221 balug-sf-lug-v2.balug.org closing connection Connection closed by foreign host. $
It could be that rfc-clueless.org's testing is aggressive enough to occasionally cause Exim to reject the test mails to postmaster, or that their text seems spammy to the rulesets, or something like that. I cannot remember exactly where EximConfig's whitelisting is, but, if logfile analysis reveals where rfc-clueless.org's test mails originate, that would be a preventative.
The other listings are more troubling, claiming that balug.org's IP has been functioning as a spamhaus.
The bounce message (below) talks about the IP address also being listed at 'spamrl.com', but according to https://www.gmass.co/blog/domain-blacklists-comprehensive-guide/ , 'SpamRL.com is a domain blacklist cloaked in secrecy' with no Web-based or other query tools, though one can manually de-list one's IP for up to seven days at their Web site.
----- Forwarded message from mailman@lists.balug.org -----
Date: Sat, 27 Jun 2020 00:50:51 +0000 From: mailman@lists.balug.org To: balug-talk-owner@lists.balug.org Subject: Bounce action notification
This is a Mailman mailing list bounce action notice:
List: BALUG-Talk Member: dale@skywriterhosting.com Action: Subscription disabled. Reason: Excessive or fatal bounces.The triggering bounce notice is attached below.
Questions? Contact the Mailman site administrator at mailman@lists.balug.org.
Received: from Debian-exim by balug-sf-lug-v2.balug.org with local (Exim 4.92 #3 (EximConfig 2.5)) id 1joyqL-0001nw-BL ; Sat, 27 Jun 2020 00:37:17 +0000 X-Failed-Recipients: pricen@live-int.com, james@globaltap.com, jack@puppetlabs.com, luke@teyssier.com, zen@pengaru.com, embeddedlinuxguy@gmail.com, dale@skywriterhosting.com, melissa@ginormus.com Reply-To: postmaster@balug.org Auto-Submitted: auto-replied From: Mail Delivery System Mailer-Daemon@balug.org To: balug-talk-bounces@lists.balug.org Content-Type: multipart/report; report-type=delivery-status; boundary=1593218237-eximdsn-1255133696 MIME-Version: 1.0 Subject: Mail delivery failed: returning message to sender Message-Id: E1joyqL-0001nw-BL@balug-sf-lug-v2.balug.org Date: Sat, 27 Jun 2020 00:37:17 +0000 X-SA-Do-Not-Run: Yes X-SA-Exim-Connect-IP: <locally generated> X-SA-Exim-Mail-From: X-SA-Exim-Scanned: No (on balug-sf-lug-v2.balug.org); SAEximRunCond expanded to false
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:
pricen@live-int.com retry timeout exceeded james@globaltap.com host mxa.spamstick.net [192.73.242.154] SMTP error from remote mail server after RCPT TO:james@globaltap.com: 550 no mailbox by that name is currently available jack@puppetlabs.com host aspmx.l.google.com [2607:f8b0:400e:c07::1a] SMTP error from remote mail server after RCPT TO:jack@puppetlabs.com: 550-5.1.1 The email account that you tried to reach does not exist. Please try 550-5.1.1 double-checking the recipient's email address for typos or 550-5.1.1 unnecessary spaces. Learn more at 550 5.1.1 https://support.google.com/mail/?p=NoSuchUser k88si9124651pjk.22 - gsmtp luke@teyssier.com host mail.teyssier.com [64.26.60.153] SMTP error from remote mail server after end of data: 550 The sending IP (96.86.170.229) is listed on https://spamrl.com/. Please resolve this and retry. zen@pengaru.com host mail.pengaru.com [66.240.222.126] SMTP error from remote mail server after RCPT TO:zen@pengaru.com: 554 5.7.1 Service unavailable; Client host [96.86.170.229] blocked using b.barracudacentral.org; http://www.barracudanetworks.com/reputation/?pr=1&ip=96.86.170.229 embeddedlinuxguy@gmail.com host gmail-smtp-in.l.google.com [2607:f8b0:400e:c08::1b] SMTP error from remote mail server after RCPT TO:embeddedlinuxguy@gmail.com: 552-5.2.2 The email account that you tried to reach is over quota. Please direct 552-5.2.2 the recipient to 552 5.2.2 https://support.google.com/mail/?p=OverQuotaPerm y34si3775952pgk.91 - gsmtp dale@skywriterhosting.com Unrouteable address melissa@ginormus.com Unrouteable address
Reporting-MTA: dns; balug-sf-lug-v2.balug.org
Action: failed Final-Recipient: rfc822;melissa@ginormus.com Status: 5.0.0
Action: failed Final-Recipient: rfc822;dale@skywriterhosting.com Status: 5.0.0
Action: failed Final-Recipient: rfc822;embeddedlinuxguy@gmail.com Status: 5.0.0 Remote-MTA: dns; gmail-smtp-in.l.google.com Diagnostic-Code: smtp; 552-5.2.2 The email account that you tried to reach is over quota. Please direct 552-5.2.2 the recipient to 552 5.2.2 https://support.google.com/mail/?p=OverQuotaPerm y34si3775952pgk.91 - gsmtp
Action: failed Final-Recipient: rfc822;zen@pengaru.com Status: 5.0.0 Remote-MTA: dns; mail.pengaru.com Diagnostic-Code: smtp; 554 5.7.1 Service unavailable; Client host [96.86.170.229] blocked using b.barracudacentral.org; http://www.barracudanetworks.com/reputation/?pr=1&ip=96.86.170.229
Action: failed Final-Recipient: rfc822;luke@teyssier.com Status: 5.0.0 Remote-MTA: dns; mail.teyssier.com Diagnostic-Code: smtp; 550 The sending IP (96.86.170.229) is listed on https://spamrl.com/. Please resolve this and retry.
Action: failed Final-Recipient: rfc822;jack@puppetlabs.com Status: 5.0.0 Remote-MTA: dns; aspmx.l.google.com Diagnostic-Code: smtp; 550-5.1.1 The email account that you tried to reach does not exist. Please try 550-5.1.1 double-checking the recipient's email address for typos or 550-5.1.1 unnecessary spaces. Learn more at 550 5.1.1 https://support.google.com/mail/?p=NoSuchUser k88si9124651pjk.22 - gsmtp
Action: failed Final-Recipient: rfc822;james@globaltap.com Status: 5.0.0 Remote-MTA: dns; mxa.spamstick.net Diagnostic-Code: smtp; 550 no mailbox by that name is currently available
Action: failed Final-Recipient: rfc822;pricen@live-int.com Status: 5.0.0
Return-path: balug-talk-bounces@lists.balug.org Received: from localhost ([127.0.0.1]:50342 helo=balug.org) by balug-sf-lug-v2.balug.org with esmtp (Exim 4.92 #3 (EximConfig 2.5)) id 1joyoo-0001ju-Jy ; Sat, 27 Jun 2020 00:35:42 +0000 Received: from mail-lj1-f174.google.com ([209.85.208.174]:44764) by balug-sf-lug-v2.balug.org with esmtps (Cipher TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92 #3 (EximConfig 2.5)) id 1joyog-0001jQ-H0 for balug-talk@lists.balug.org; Sat, 27 Jun 2020 00:35:39 +0000 Received: by mail-lj1-f174.google.com with SMTP id s9so12067445ljm.11 for balug-talk@lists.balug.org; Fri, 26 Jun 2020 17:35:33 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Wn8H2ShFdHhe4BNguMg/UIqr20XvfG9VUNOkJ854sRE=; b=tXPJdqLthil1+swKuvMfVwBMeCKXD6EQCsxoaMi5rizt2LJGsRMTPYFSsClES7RVRF Z3bpm8VCikrxXu6vyxd9cMaXZYnuD+4flBU6TUhrIINccno2Z+ilmgQbl3Opl1fr6IVC aQ/D1EkmaBobeM2J2sLZZ8jko22xjqVQHZa9pPCeJCUbEqUgTDKoYmZFjEN64/oFviiS nCZ3alynwZCqRGupT0kHyxfbuXHBIAf6MPg6UA/dVxyCEbTj+ig40uA35ElojuAopJX5 eWqnXiBO4oSC+1O36B31v66dAkvXv74zuFsBJzb+SFrIfgClW6gSOOWzpWkZNXfUpdZG kMOw== X-Gm-Message-State: AOAM530EzYEexmMPf1V7QDIi06oBzbRcWMkVwQ2ondPw36bOL0dnHHX1 3mPgUhjt8MLR/ZjrwirAE5FDP2yivNNlkJufiOCJ8HIY X-Google-Smtp-Source: ABdhPJzAIqjhfbbkmBjG+4rYayUqSbTSQa6zyj9Z7hxTUx7Qw5khYM/hYXwXVV39a460nB5k6JtvA8ASIhifOlN7xN4= X-Received: by 2002:a50:d790:: with SMTP id w16mr5805036edi.231.1593216865715; Fri, 26 Jun 2020 17:14:25 -0700 (PDT) MIME-Version: 1.0 References: 20200626023605.17604atnvm66m8ao@webmail.rawbw.com In-Reply-To: 20200626023605.17604atnvm66m8ao@webmail.rawbw.com From: Tony Godshall togo@of.net Date: Fri, 26 Jun 2020 17:13:48 -0700 Message-ID: CAAOvATjh27eGzrAMmnDUCxsKPskbdO0XG02FvzZHij0gt9kv1g@mail.gmail.com To: Michael Paoli Michael.Paoli@cal.berkeley.edu X-Flood-Protect-Sender-Added: Yes X-Flood-Protect-Sender-Rcpt-Added: Yes Received-SPF: pass (gmail.com ... _spf.google.com: Sender is authorized to use 'apgodshall@gmail.com' in 'mfrom' identity (mechanism 'include:_netblocks.google.com' matched) (gmail.com ... _spf.google.com: Sender is authorized to use 'apgodshall@gmail.com' in 'mfrom' identity (mechanism 'include:_netblocks.google.com' matched))) X-Greylist-Verify-Added: Yes X-Greylist-Passed: Yes X-Flood-Protect-Repeat-Fail-Added: Yes X-Flood-Protect-Message-Added: Yes X-SA-Do-Not-Teergrube: Yes X-EximConfig: v2.5 on balug.org (http://www.jcdigita.com/eximconfig) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on balug-sf-lug-v2.balug.org X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2 autolearn=ham autolearn_force=no version=3.4.2 Subject: Re: [BALUG-Talk] Company in Concord seeks to donate older PCs to a LUG X-BeenThere: balug-talk@lists.balug.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: General discussion list for BALUG <balug-talk.lists.balug.org> List-Unsubscribe: https://lists.balug.org/cgi-bin/mailman/options/balug-talk, mailto:balug-talk-request@lists.balug.org?subject=unsubscribe List-Archive: https://lists.balug.org/pipermail/balug-talk/ List-Post: mailto:balug-talk@lists.balug.org List-Help: mailto:balug-talk-request@lists.balug.org?subject=help List-Subscribe: https://lists.balug.org/cgi-bin/mailman/listinfo/balug-talk, mailto:balug-talk-request@lists.balug.org?subject=subscribe Cc: BALUG-Talk balug-talk@lists.balug.org Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: balug-talk-bounces@lists.balug.org Sender: "BALUG-Talk" balug-talk-bounces@lists.balug.org X-SA-Do-Not-Run: Yes X-EximConfig: v2.5 on balug.org (http://www.jcdigita.com/eximconfig) X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: balug-talk-bounces@lists.balug.org X-SA-Exim-Scanned: No (on balug-sf-lug-v2.balug.org); SAEximRunCond expanded to false
Ah, I recall times I participated in Installfest For The Schools, I think these guys were involved...
On Fri, Jun 26, 2020 at 2:37 AM Michael Paoli Michael.Paoli@cal.berkeley.edu wrote:
Also replied to 'em off-list regarding Partimus and such.
references/excerpts:
From: "Michael Paoli" Michael.Paoli@cal.berkeley.edu To: "Cameron Abrams" cameronabrams25@gmail.com, "Christian Einfeldt" christian@partimus.org, "Grant Bowman" grant@partimus.org, "James Howard" james@partimus.org Cc: "Rick Moen" rick@linuxmafia.com Subject: Re: Company in Concord seeks to donate older PCs to a LUG Date: Fri, 26 Jun 2020 02:15:09 -0700
Cameron / Partimus folks, perhaps y'all ought connect. :-)
I believe Partiums is (approximately?) based in(/around?) San Francisco, and also does / has done work with some East Bay (Oakland, if I recall correctly) school(s). I believe Grant is also out in East Bay, East of Concord.
Also including link to list of lists (of [L]UGs), in case that's also useful.
Thanks for reaching out and asking!
http://www.partimus.org/ http://www.partimus.org/contact.php
https://www.wiki.balug.org/wiki/doku.php?id=balug:bay_area_open_source_linux...
references/excerpts: http://linuxmafia.com/pipermail/dvlug/2020q2/000608.html http://linuxmafia.com/pipermail/dvlug/2020q2/000609.html https://groups.google.com/g/berkeleylug/c/Tr_WRg1STpI/m/qOZ_8bheCQAJ https://lists.balug.org/pipermail/balug-talk/2020-June/000213.html
From: "Rick Moen" rick@linuxmafia.com To: dvlug@linuxmafia.com Subject: [dvlug] Company in Concord seeks to donate older PCs to a LUG Date: Thu, 25 Jun 2020 11:02:25 -0700
----- Forwarded message from Cameron Abrams cameronabrams25@gmail.com -----
Date: Thu, 25 Jun 2020 09:28:39 -0700 From: Cameron Abrams cameronabrams25@gmail.com
From rick@linuxmafia.com Thu Jun 25 18:11:04 2020 Date: Thu, 25 Jun 2020 11:10:49 -0700 From: Rick Moen rick@linuxmafia.com To: BALUG-Talk@lists.balug.org Subject: [BALUG-Talk] Company in Concord seeks to donate older
PCs to a LUG
----- Forwarded message from Cameron Abrams
cameronabrams25@gmail.com -----
Date: Thu, 25 Jun 2020 09:28:39 -0700 From: Cameron Abrams cameronabrams25@gmail.com To: dvlug-owner@linuxmafia.com Subject: Do you take donations?
Hello,
I am contacting you on behalf of the company I work for. We are
located in
Concord, and are in the midst of a transition. We would like to
get rid of
some older PCs we have replaced with newer ones, and we are in
the midst of
wiping all of our hard drives. We were wondering if perhaps this was a Linux group that took donations, as we would rather put the PCs
to use than
scrap them as e-waste. If you do accept donations and would like
to discuss
this matter further, or if you do not accept donations but do
know of other
local groups that accept donations, please email me back.
Thanks,
Cameron
----- End forwarded message -----
BALUG-Talk mailing list BALUG-Talk@lists.balug.org https://lists.balug.org/cgi-bin/mailman/listinfo/balug-talk
--
Best Regards. This is unedited. This message came out of me via a suboptimal keyboard.
apnews.org - looks like "issue" there predates me/BALUG using the IPs: Oooops 96.86.170.229 is currently listed in APEWS :-( Entry matching your Query: E-521546 96.64.0.0/11 CASE: C-20 Spambots, zombies, contaminated CIDR, bad reputation provider History: Entry created 2012-04-14 Note the block, and date. I didn't get any of those IPs until 2019-12-12, and I only have 96.86.170.224/29 and of that, BALUG VM, for IPv4, only has and uses 96.86.170.229. Anyway, will see what I can do, but checked logs and such, and I've got absolutely nothing in there mentioning (regardless of case) "apnews.org". Likewise no matches for "apnews" except for some false positives (spam: health@zaapnews.com)
Date: Fri, 26 Jun 2020 21:23:29 -0700 From: Rick Moen rick@linuxmafia.com To: balug-admin@lists.balug.org Subject: Re: [BALUG-Admin] balug.org's IP and domain are on some blocklists Sender: BALUG-Admin balug-admin-bounces@lists.balug.org
One more:
$ dig -t a +short 229.170.86.96.l2.apews.org 127.0.0.2 $
http://www.apews.org/?page=test&C=20&E=521546&ip=96.86.170.229
Well, 0 of 6 down, 6 to go.
Spend well over half an hour going over apnews.org's documentation and such. Doesn't seem to be anything abundantly clear about how to rectify the problem. Closest I've come so far seems to be Q42/A42 on http://www.apews.org/?page=faq but that doesn't seem to be particularly clear about what needs to be done where ... something about posting to forum, but doesn't seem clear, and link followed that would seem to be forum they're talking about, doesn't seem to have a forum there ... so not sure where from here. They also seem ambiguous about who can post regarding it - only the net owner? or host/IP "owner"? Seems unclear. I don't and can't control 96.64.0.0/11 nor speak on behalf of same ... and that's no less than 2,097,152 Comcast IP addresses. I only have control over 96.86.170.224/29 - that's just 8 of the IP addresses.
Oh, and current IPv4 of linuxmafia.com is also in that same 96.64.0.0/11.
From: "Michael Paoli" Michael.Paoli@cal.berkeley.edu Subject: Re: balug.org's IP and domain are on some blocklists - apnews.org Date: Sun, 28 Jun 2020 03:58:50 -0700
apnews.org - looks like "issue" there predates me/BALUG using the IPs: Oooops 96.86.170.229 is currently listed in APEWS :-( Entry matching your Query: E-521546 96.64.0.0/11 CASE: C-20 Spambots, zombies, contaminated CIDR, bad reputation provider History: Entry created 2012-04-14 Note the block, and date. I didn't get any of those IPs until 2019-12-12, and I only have 96.86.170.224/29 and of that, BALUG VM, for IPv4, only has and uses 96.86.170.229. Anyway, will see what I can do, but checked logs and such, and I've got absolutely nothing in there mentioning (regardless of case) "apnews.org". Likewise no matches for "apnews" except for some false positives (spam: health@zaapnews.com)
Date: Fri, 26 Jun 2020 21:23:29 -0700 From: Rick Moen rick@linuxmafia.com To: balug-admin@lists.balug.org Subject: Re: [BALUG-Admin] balug.org's IP and domain are on some blocklists Sender: BALUG-Admin balug-admin-bounces@lists.balug.org
One more:
$ dig -t a +short 229.170.86.96.l2.apews.org 127.0.0.2 $
http://www.apews.org/?page=test&C=20&E=521546&ip=96.86.170.229