[SAC] Fwd: blacklisted mapserver

Howard Butler hobu.inc at gmail.com
Wed Apr 1 10:35:35 EDT 2009


mapserver.org (the .219 blade) was blacklisted because its mail server  
was incorrectly configured.  I have shutdown sendmail and postfix on  
the .219 blade.  If anyone was actually using .219 to send email,  
these must be fixed before starting up or .219 will be blacklisted.   
Any of the other blades will likely suffer a similar fate if their  
mail servers are incorrectly setup (just turning on postfix/sendmail  
by default will leave its hostname to 'localhost.localdomain' which  
many of the HELO test'ers will flag).

Howard

Begin forwarded message:

>
> I have shutdown sendmail and postfix on .219 and I was able to  
> successfully delist the server from the CBL.  If anyone is using any  
> of the blades to send email, they must be configured correctly for  
> hostname, etc, or this will happen again.
>
> http://cbl.abuseat.org/lookup.cgi?ip=198.202.74.219
>
> Howard
>
> On Mar 31, 2009, at 1:21 PM, Howard Butler wrote:
>
>> We were blacklisted because sendmail or some other mailing facility  
>> on .219 is not configured correctly and is using  
>> 'localhost.localdomain' instead of its real hostname.  This put us  
>> on the CBL, which IronPort then used to also black list us.
>>
>> http://www.senderbase.org/senderbase_queries/rep_lookup?search_name=http%3A%2F%2Fmapserver.org&action%3ASearch=Search
>>
>> http://cbl.abuseat.org/lookup.cgi?ip=198.202.74.219
>>
>> http://cbl.abuseat.org/namingproblems.html
>>
>> We need to get mail configured correctly on .219, or stop sending  
>> mail with .219 altogether (I don't know who/what is doing so), and  
>> then req
>> On Mar 31, 2009, at 12:52 PM, Frank Warmerdam wrote:
>>
>>> John van de Vegte wrote:
>>>> Hi Frank, sorry for the fuzz,
>>>> Our firewall does not allow us to reach mapserver.org because it  
>>>> is running vulnerable services (see screen grab).
>>>> I assume that you guys upgraded your mapserver (at mapserver.org)  
>>>> and that you can be removed from the list, but you need to notify  
>>>> those securitytracker? people to get you cleared ?
>>>
>>> John,
>>>
>>> I don't think that we (the mapserver project) can do much about
>>> IronPort deciding to blacklist mapserver.org.  I'm not aware of
>>> any mapserver servers actually running in the mapserver.org domain
>>> though there is a demo.mapserver.org with instances.
>>>
>>> As far as I can see, you guys have an IT issue with how you  
>>> (outsource)
>>> blacklisting.  I'm not sure that we will be that interested in  
>>> dealing
>>> with these folks to get delisted.
>>>
>>> I've cc:ed Jeff and Howard who are primarily responsible for the  
>>> web site.
>>>
>>> Best regards,
>>> -- 
>>> --------------------------------------- 
>>> +--------------------------------------
>>> I set the clouds in motion - turn up   | Frank Warmerdam, warmerdam at pobox.com
>>> light and sound - activate the windows | http://pobox.com/~warmerdam
>>> and watch the world go round - Rush    | Geospatial Programmer for  
>>> Rent
>>>
>>
>



More information about the Sac mailing list