[BALUG-Admin] balug.org's IP and domain are on some blocklists
Rick Moen
rick@linuxmafia.com
Sat Jun 27 04:03:21 UTC 2020
RBL claims in the bounce notices below motivated me to check the BALUG
IP (96.86.170.229) and domain on DNSBLs. There are some reputation
problems for the IP address...
$ dig -t a +short 229.170.86.96.dnsbl-1.uceprotect.net
127.0.0.2
$ dig -t a +short 229.170.86.96.all.s5h.net
127.0.0.2
$ dig -t a +short 229.170.86.96.b.barracudacentral.org
127.0.0.2
$ dig -t a +short 229.170.86.96.bb.barracudacentral.org
127.0.0.2
$ dig -t a +short 229.170.86.96.black.dnsbl.brukalai.lt
127.0.0.2
$
...and for the domain:
$ dig -t a +short balug.org.postmaster.rfc-clueless.org
127.0.0.3
$
The domain claim is definitely bogus, and I don't know why the RBL
claims balug.org doesn't accept mail to postmaster -- as I just verified
that it does:
$ telnet balug.org smtp
Trying 96.86.170.229...
Connected to balug.org.
Escape character is '^]'.
220-balug.org ESMTP Exim 4.92 (EximConfig 2.5) Sat, 27 Jun 2020 03:41:33
+0000
220-.
220-WARNING: Unsolicited commercial E-mail (UCE/SPAM), pornographic
220-material, viruses and relaying is prohibited by this server and
220-any such messages will be rejected/filtered automatically
220-depending on content.
220-.
220-By using this server, you agree not to send any messages of the
220-above nature. Please disconnect immediately if you do not agree
220-to these terms and conditions.
220-.
220-Please contact postmaster@balug.org if you have any
220-enquiries about or problems with this server.
220-.
220-Find out more about EximConfig for the Exim mailer by visiting
220-the following URL: http://www.jcdigita.com/eximconfig
220 .
HELO linuxmafia.com
250 balug-sf-lug-v2.balug.org Hello linuxmafia.com [96.95.217.99]
MAIL FROM: <root@linuxmafia.com>
250 OK
RCPT TO: <postmaster@balug.org>
250 Accepted
DATA
354 Enter message, ending with "." on a line by itself
From: root@linuxmafia.com
To: postmaster@balug.org
Subject: Just testing postmaster deliverability
postmaster.rfc-clueless.org lists the balug.org domain, so I'm just
doing a test. Am guessing the RBL's claim is bogus.
.
250 OK id=1jp1kE-0004HS-RP
quit
221 balug-sf-lug-v2.balug.org closing connection
Connection closed by foreign host.
$
It could be that rfc-clueless.org's testing is aggressive enough
to occasionally cause Exim to reject the test mails to postmaster,
or that their text seems spammy to the rulesets, or something like
that. I cannot remember exactly where EximConfig's whitelisting
is, but, if logfile analysis reveals where rfc-clueless.org's test
mails originate, that would be a preventative.
The other listings are more troubling, claiming that balug.org's IP
has been functioning as a spamhaus.
The bounce message (below) talks about the IP address also being listed
at 'spamrl.com', but according to
https://www.gmass.co/blog/domain-blacklists-comprehensive-guide/ ,
'SpamRL.com is a domain blacklist cloaked in secrecy' with no Web-based
or other query tools, though one can manually de-list one's IP for up
to seven days at their Web site.
----- Forwarded message from mailman@lists.balug.org -----
Date: Sat, 27 Jun 2020 00:50:51 +0000
From: mailman@lists.balug.org
To: balug-talk-owner@lists.balug.org
Subject: Bounce action notification
This is a Mailman mailing list bounce action notice:
List: BALUG-Talk
Member: dale@skywriterhosting.com
Action: Subscription disabled.
Reason: Excessive or fatal bounces.
The triggering bounce notice is attached below.
Questions? Contact the Mailman site administrator at
mailman@lists.balug.org.
Received: from Debian-exim by balug-sf-lug-v2.balug.org with local (Exim 4.92 #3 (EximConfig 2.5))
id 1joyqL-0001nw-BL ; Sat, 27 Jun 2020 00:37:17 +0000
X-Failed-Recipients: pricen@live-int.com,
james@globaltap.com,
jack@puppetlabs.com,
luke@teyssier.com,
zen@pengaru.com,
embeddedlinuxguy@gmail.com,
dale@skywriterhosting.com,
melissa@ginormus.com
Reply-To: postmaster@balug.org
Auto-Submitted: auto-replied
From: Mail Delivery System <Mailer-Daemon@balug.org>
To: balug-talk-bounces@lists.balug.org
Content-Type: multipart/report; report-type=delivery-status; boundary=1593218237-eximdsn-1255133696
MIME-Version: 1.0
Subject: Mail delivery failed: returning message to sender
Message-Id: <E1joyqL-0001nw-BL@balug-sf-lug-v2.balug.org>
Date: Sat, 27 Jun 2020 00:37:17 +0000
X-SA-Do-Not-Run: Yes
X-SA-Exim-Connect-IP: <locally generated>
X-SA-Exim-Mail-From:
X-SA-Exim-Scanned: No (on balug-sf-lug-v2.balug.org); SAEximRunCond expanded to false
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
pricen@live-int.com
retry timeout exceeded
james@globaltap.com
host mxa.spamstick.net [192.73.242.154]
SMTP error from remote mail server after RCPT TO:<james@globaltap.com>:
550 no mailbox by that name is currently available
jack@puppetlabs.com
host aspmx.l.google.com [2607:f8b0:400e:c07::1a]
SMTP error from remote mail server after RCPT TO:<jack@puppetlabs.com>:
550-5.1.1 The email account that you tried to reach does not exist. Please try
550-5.1.1 double-checking the recipient's email address for typos or
550-5.1.1 unnecessary spaces. Learn more at
550 5.1.1 https://support.google.com/mail/?p=NoSuchUser k88si9124651pjk.22 - gsmtp
luke@teyssier.com
host mail.teyssier.com [64.26.60.153]
SMTP error from remote mail server after end of data:
550 The sending IP (96.86.170.229) is listed on https://spamrl.com/. Please resolve this and retry.
zen@pengaru.com
host mail.pengaru.com [66.240.222.126]
SMTP error from remote mail server after RCPT TO:<zen@pengaru.com>:
554 5.7.1 Service unavailable; Client host [96.86.170.229] blocked using b.barracudacentral.org; http://www.barracudanetworks.com/reputation/?pr=1&ip=96.86.170.229
embeddedlinuxguy@gmail.com
host gmail-smtp-in.l.google.com [2607:f8b0:400e:c08::1b]
SMTP error from remote mail server after RCPT TO:<embeddedlinuxguy@gmail.com>:
552-5.2.2 The email account that you tried to reach is over quota. Please direct
552-5.2.2 the recipient to
552 5.2.2 https://support.google.com/mail/?p=OverQuotaPerm y34si3775952pgk.91 - gsmtp
dale@skywriterhosting.com
Unrouteable address
melissa@ginormus.com
Unrouteable address
Reporting-MTA: dns; balug-sf-lug-v2.balug.org
Action: failed
Final-Recipient: rfc822;melissa@ginormus.com
Status: 5.0.0
Action: failed
Final-Recipient: rfc822;dale@skywriterhosting.com
Status: 5.0.0
Action: failed
Final-Recipient: rfc822;embeddedlinuxguy@gmail.com
Status: 5.0.0
Remote-MTA: dns; gmail-smtp-in.l.google.com
Diagnostic-Code: smtp; 552-5.2.2 The email account that you tried to reach is over quota. Please direct
552-5.2.2 the recipient to
552 5.2.2 https://support.google.com/mail/?p=OverQuotaPerm y34si3775952pgk.91 - gsmtp
Action: failed
Final-Recipient: rfc822;zen@pengaru.com
Status: 5.0.0
Remote-MTA: dns; mail.pengaru.com
Diagnostic-Code: smtp; 554 5.7.1 Service unavailable; Client host [96.86.170.229] blocked using b.barracudacentral.org; http://www.barracudanetworks.com/reputation/?pr=1&ip=96.86.170.229
Action: failed
Final-Recipient: rfc822;luke@teyssier.com
Status: 5.0.0
Remote-MTA: dns; mail.teyssier.com
Diagnostic-Code: smtp; 550 The sending IP (96.86.170.229) is listed on https://spamrl.com/. Please resolve this and retry.
Action: failed
Final-Recipient: rfc822;jack@puppetlabs.com
Status: 5.0.0
Remote-MTA: dns; aspmx.l.google.com
Diagnostic-Code: smtp; 550-5.1.1 The email account that you tried to reach does not exist. Please try
550-5.1.1 double-checking the recipient's email address for typos or
550-5.1.1 unnecessary spaces. Learn more at
550 5.1.1 https://support.google.com/mail/?p=NoSuchUser k88si9124651pjk.22 - gsmtp
Action: failed
Final-Recipient: rfc822;james@globaltap.com
Status: 5.0.0
Remote-MTA: dns; mxa.spamstick.net
Diagnostic-Code: smtp; 550 no mailbox by that name is currently available
Action: failed
Final-Recipient: rfc822;pricen@live-int.com
Status: 5.0.0
Return-path: <balug-talk-bounces@lists.balug.org>
Received: from localhost ([127.0.0.1]:50342 helo=balug.org)
by balug-sf-lug-v2.balug.org with esmtp (Exim 4.92 #3 (EximConfig 2.5))
id 1joyoo-0001ju-Jy ; Sat, 27 Jun 2020 00:35:42 +0000
Received: from mail-lj1-f174.google.com ([209.85.208.174]:44764)
by balug-sf-lug-v2.balug.org with esmtps
(Cipher TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92 #3 (EximConfig
2.5)) id 1joyog-0001jQ-H0
for <balug-talk@lists.balug.org>; Sat, 27 Jun 2020 00:35:39 +0000
Received: by mail-lj1-f174.google.com with SMTP id s9so12067445ljm.11
for <balug-talk@lists.balug.org>; Fri, 26 Jun 2020 17:35:33 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:mime-version:references:in-reply-to:from:date
:message-id:subject:to:cc;
bh=Wn8H2ShFdHhe4BNguMg/UIqr20XvfG9VUNOkJ854sRE=;
b=tXPJdqLthil1+swKuvMfVwBMeCKXD6EQCsxoaMi5rizt2LJGsRMTPYFSsClES7RVRF
Z3bpm8VCikrxXu6vyxd9cMaXZYnuD+4flBU6TUhrIINccno2Z+ilmgQbl3Opl1fr6IVC
aQ/D1EkmaBobeM2J2sLZZ8jko22xjqVQHZa9pPCeJCUbEqUgTDKoYmZFjEN64/oFviiS
nCZ3alynwZCqRGupT0kHyxfbuXHBIAf6MPg6UA/dVxyCEbTj+ig40uA35ElojuAopJX5
eWqnXiBO4oSC+1O36B31v66dAkvXv74zuFsBJzb+SFrIfgClW6gSOOWzpWkZNXfUpdZG
kMOw==
X-Gm-Message-State: AOAM530EzYEexmMPf1V7QDIi06oBzbRcWMkVwQ2ondPw36bOL0dnHHX1
3mPgUhjt8MLR/ZjrwirAE5FDP2yivNNlkJufiOCJ8HIY
X-Google-Smtp-Source: ABdhPJzAIqjhfbbkmBjG+4rYayUqSbTSQa6zyj9Z7hxTUx7Qw5khYM/hYXwXVV39a460nB5k6JtvA8ASIhifOlN7xN4=
X-Received: by 2002:a50:d790:: with SMTP id w16mr5805036edi.231.1593216865715;
Fri, 26 Jun 2020 17:14:25 -0700 (PDT)
MIME-Version: 1.0
References: <20200626023605.17604atnvm66m8ao@webmail.rawbw.com>
In-Reply-To: <20200626023605.17604atnvm66m8ao@webmail.rawbw.com>
From: Tony Godshall <togo@of.net>
Date: Fri, 26 Jun 2020 17:13:48 -0700
Message-ID: <CAAOvATjh27eGzrAMmnDUCxsKPskbdO0XG02FvzZHij0gt9kv1g@mail.gmail.com>
To: Michael Paoli <Michael.Paoli@cal.berkeley.edu>
X-Flood-Protect-Sender-Added: Yes
X-Flood-Protect-Sender-Rcpt-Added: Yes
Received-SPF: pass (gmail.com ... _spf.google.com: Sender is authorized to use
'apgodshall@gmail.com' in 'mfrom' identity (mechanism
'include:_netblocks.google.com' matched) (gmail.com ... _spf.google.com:
Sender is authorized to use 'apgodshall@gmail.com' in 'mfrom' identity
(mechanism 'include:_netblocks.google.com' matched)))
X-Greylist-Verify-Added: Yes
X-Greylist-Passed: Yes
X-Flood-Protect-Repeat-Fail-Added: Yes
X-Flood-Protect-Message-Added: Yes
X-SA-Do-Not-Teergrube: Yes
X-EximConfig: v2.5 on balug.org (http://www.jcdigita.com/eximconfig)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
balug-sf-lug-v2.balug.org
X-Spam-Level:
X-Spam-Status: No, score=-0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE,
RCVD_IN_MSPIKE_H2 autolearn=ham autolearn_force=no version=3.4.2
Subject: Re: [BALUG-Talk] Company in Concord seeks to donate older PCs to a
LUG
X-BeenThere: balug-talk@lists.balug.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: General discussion list for BALUG <balug-talk.lists.balug.org>
List-Unsubscribe: <https://lists.balug.org/cgi-bin/mailman/options/balug-talk>,
<mailto:balug-talk-request@lists.balug.org?subject=unsubscribe>
List-Archive: <https://lists.balug.org/pipermail/balug-talk/>
List-Post: <mailto:balug-talk@lists.balug.org>
List-Help: <mailto:balug-talk-request@lists.balug.org?subject=help>
List-Subscribe: <https://lists.balug.org/cgi-bin/mailman/listinfo/balug-talk>,
<mailto:balug-talk-request@lists.balug.org?subject=subscribe>
Cc: BALUG-Talk <balug-talk@lists.balug.org>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: balug-talk-bounces@lists.balug.org
Sender: "BALUG-Talk" <balug-talk-bounces@lists.balug.org>
X-SA-Do-Not-Run: Yes
X-EximConfig: v2.5 on balug.org (http://www.jcdigita.com/eximconfig)
X-SA-Exim-Connect-IP: 127.0.0.1
X-SA-Exim-Mail-From: balug-talk-bounces@lists.balug.org
X-SA-Exim-Scanned: No (on balug-sf-lug-v2.balug.org); SAEximRunCond expanded to false
Ah, I recall times I participated in Installfest For The Schools, I
think these guys were involved...
On Fri, Jun 26, 2020 at 2:37 AM Michael Paoli
<Michael.Paoli@cal.berkeley.edu> wrote:
>
> Also replied to 'em off-list regarding Partimus and such.
>
> references/excerpts:
>
> > From: "Michael Paoli" <Michael.Paoli@cal.berkeley.edu>
> > To: "Cameron Abrams" <cameronabrams25@gmail.com>, "Christian
> > Einfeldt" <christian@partimus.org>, "Grant Bowman"
> > <grant@partimus.org>, "James Howard" <james@partimus.org>
> > Cc: "Rick Moen" <rick@linuxmafia.com>
> > Subject: Re: Company in Concord seeks to donate older PCs to a LUG
> > Date: Fri, 26 Jun 2020 02:15:09 -0700
>
> > Cameron / Partimus folks, perhaps y'all ought connect. :-)
> >
> > I believe Partiums is (approximately?) based in(/around?) San Francisco,
> > and also does / has done work with some East Bay (Oakland, if I
> > recall correctly) school(s). I believe Grant is also out in East Bay,
> > East of Concord.
> >
> > Also including link to list of lists (of [L]UGs), in case that's
> > also useful.
> >
> > Thanks for reaching out and asking!
> >
> > http://www.partimus.org/
> > http://www.partimus.org/contact.php
> >
> > https://www.wiki.balug.org/wiki/doku.php?id=balug:bay_area_open_source_linux_bsd_unix_user_groups_and_related_associations_and_events#meta-list_-_list_of_lists
> >
> > references/excerpts:
> > http://linuxmafia.com/pipermail/dvlug/2020q2/000608.html
> > http://linuxmafia.com/pipermail/dvlug/2020q2/000609.html
> > https://groups.google.com/g/berkeleylug/c/Tr_WRg1STpI/m/qOZ_8bheCQAJ
> > https://lists.balug.org/pipermail/balug-talk/2020-June/000213.html
> >
> >> From: "Rick Moen" <rick@linuxmafia.com>
> >> To: dvlug@linuxmafia.com
> >> Subject: [dvlug] Company in Concord seeks to donate older PCs to a LUG
> >> Date: Thu, 25 Jun 2020 11:02:25 -0700
> >
> >> ----- Forwarded message from Cameron Abrams
> >> <cameronabrams25@gmail.com> -----
> >>
> >> Date: Thu, 25 Jun 2020 09:28:39 -0700
> >> From: Cameron Abrams <cameronabrams25@gmail.com>
>
>
> > From rick@linuxmafia.com Thu Jun 25 18:11:04 2020
> > Date: Thu, 25 Jun 2020 11:10:49 -0700
> > From: Rick Moen <rick@linuxmafia.com>
> > To: BALUG-Talk@lists.balug.org
> > Subject: [BALUG-Talk] Company in Concord seeks to donate older PCs to a LUG
> >
> > ----- Forwarded message from Cameron Abrams <cameronabrams25@gmail.com> -----
> >
> > Date: Thu, 25 Jun 2020 09:28:39 -0700
> > From: Cameron Abrams <cameronabrams25@gmail.com>
> > To: dvlug-owner@linuxmafia.com
> > Subject: Do you take donations?
> >
> > Hello,
> >
> > I am contacting you on behalf of the company I work for. We are located in
> > Concord, and are in the midst of a transition. We would like to get rid of
> > some older PCs we have replaced with newer ones, and we are in the midst of
> > wiping all of our hard drives. We were wondering if perhaps this was a
> > Linux group that took donations, as we would rather put the PCs to use than
> > scrap them as e-waste. If you do accept donations and would like to discuss
> > this matter further, or if you do not accept donations but do know of other
> > local groups that accept donations, please email me back.
> >
> > Thanks,
> >
> > Cameron
> >
> > ----- End forwarded message -----
>
>
> _______________________________________________
> BALUG-Talk mailing list
> BALUG-Talk@lists.balug.org
> https://lists.balug.org/cgi-bin/mailman/listinfo/balug-talk
--
--
Best Regards.
This is unedited.
This message came out of me
via a suboptimal keyboard.
_______________________________________________
BALUG-Talk mailing list
BALUG-Talk@lists.balug.org
https://lists.balug.org/cgi-bin/mailman/listinfo/balug-talk
----- End forwarded message -----
More information about the BALUG-Admin
mailing list