Hello.
Mathieu Roy wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hello people at DSBL,
>
> There's a record where I suspect the "trusted user" (IP:
> 82.238.216.148) registers smtps of its own ISP, which is quite
> annoying.
Unfortunately, this machine 82.238.216.148 is really vulnerable and
really compromises your mail system just now. The practical proposal is
to insulate 82.238.216.148 from your mailservers as soon as possible.
A fresh test from Russia to Russia through 82.238.216.148-213.228.0.176
chain:

Return-Path: <>
Received: from postfix4-2.free.fr (postfix4-2.free.fr [213.228.0.176])
    by secadm.wplus.net (Postfix) with ESMTP id 3285171892
    for <[EMAIL PROTECTED]>; Wed, 8 Jun 2005 13:55:52 +0400 (MSD)
Received: from Controleur-01.GS2i.fr
    (nor75-3-82-226-121-190.fbx.proxad.net [82.226.121.190])
    by postfix4-2.free.fr (Postfix) with ESMTP id C639231DA82
    for <[EMAIL PROTECTED]>; Wed, 8 Jun 2005 11:55:51 +0200 (CEST)
Received: from secadm.wplus.net ([195.131.4.141]) by
    Controleur-01.GS2i.fr with Microsoft SMTPSVC(6.0.3790.0);
    Wed, 8 Jun 2005 11:54:57 +0200
Message-ID: <[EMAIL PROTECTED]>
Date: Wed, 8 Jun 2005 09:54:50 +0000
To: <[EMAIL PROTECTED]>
Subject: Open Relay Test Message
From: <>
X-OriginalArrivalTime: 08 Jun 2005 09:54:57.0093 (UTC)
    FILETIME=[20871F50:01C56C10]

MAIL FROM:<>
RCPT TO:<[EMAIL PROTECTED]>

Best,
Alexey
>
> The ISP is Free.fr/Proxad.
>
> Example: <http://dsbl.org/message?27060329>, the input IP is
> 82.238.216.148 (yes, I read the FAQ entry regarding this kind of
> problem, and I do not think that's a matter of missing headers), and
> this belongs to Free.fr/Proxad... as well as the listed SMTP
> (213.228.0.176 = postfix4-2.free.fr).
>
>
> The following tends to confirm that 82.238.216.148 is really a
> Free.fr/Proxad.net customer:
> <http://openrbl.org/ip/82/238/216/148.whois.htm>
>
>
> Regards,
>
> - --
> Mathieu Roy
>
> +
> | Thalie : <http://yeupou.coleumes.org/>
> | Clio : <http://clio.coleumes.org/>
> | Uranie : <http://alberich.coleumes.org/>
> | Euterpe : <http://kromaniaks.coleumes.org/>
> +-----------------------------------------------------------+
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.1 (GNU/Linux)
>
> iD8DBQFCpr0KNl9/9y2hmbkRAhIeAJ4+aPGhajyf+LWrFdofgHc7cIU6IwCgigzh
> Z3d2VIPJrr/XvXwhB2J0Szc=
> =7qRv
> -----END PGP SIGNATURE-----
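
Added example, not part of either e-mail: a short Python script that reads the Received headers of the test message quoted above in transit order and reports which host first accepted the message from an outside sender and which server carried it onward. The function names are this example's own; the header text is copied from the thread, with addresses redacted as they appear there.

```python
import re
from email import message_from_string

# Trace headers as quoted in the thread (recipient addresses are redacted there).
TRACE = """\
Received: from postfix4-2.free.fr (postfix4-2.free.fr [213.228.0.176])
 by secadm.wplus.net (Postfix) with ESMTP id 3285171892
 for <[EMAIL PROTECTED]>; Wed, 8 Jun 2005 13:55:52 +0400 (MSD)
Received: from Controleur-01.GS2i.fr
 (nor75-3-82-226-121-190.fbx.proxad.net [82.226.121.190])
 by postfix4-2.free.fr (Postfix) with ESMTP id C639231DA82
 for <[EMAIL PROTECTED]>; Wed, 8 Jun 2005 11:55:51 +0200 (CEST)
Received: from secadm.wplus.net ([195.131.4.141]) by
 Controleur-01.GS2i.fr with Microsoft SMTPSVC(6.0.3790.0);
 Wed, 8 Jun 2005 11:54:57 +0200
Subject: Open Relay Test Message

"""

# "helo" is the name the client claimed; "rdns" and "ip" were recorded by the receiver.
HOP = re.compile(r"from (\S+) \((?:(\S+) )?\[([0-9.]+)\]\) by (\S+)")

def hops(raw):
    """Return the hops in transit order as dicts with helo, rdns, ip, by."""
    out = []
    for value in message_from_string(raw).get_all("Received", []):
        m = HOP.search(re.sub(r"\s+", " ", value))  # unfold continuation lines
        if m:
            out.append(dict(zip(("helo", "rdns", "ip", "by"), m.groups())))
    return out[::-1]  # each MTA prepends its header, so the oldest hop is last

def relay_loop(path):
    """If the message left a host and came back to it, name the hosts in between."""
    if len(path) < 3 or path[0]["helo"] != path[-1]["by"]:
        return None
    return {
        "tester": path[0]["helo"],
        "first_relay": path[0]["by"],      # accepted the message from the tester
        "first_relay_ip": path[1]["ip"],   # address the next hop saw it connect from
        "onward_mtas": [h["by"] for h in path[1:-1]],  # servers that passed it on
    }

if __name__ == "__main__":
    for h in hops(TRACE):
        print(f'{h["helo"]} [{h["ip"]}] -> {h["by"]}')
    print(relay_loop(TRACE and hops(TRACE)))
```

Only Received lines written by servers you control or trust are reliable; the HELO name and any headers below the first trusted hop can be supplied by the sender.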