gb-users mailing list archive
<-- Chronological -->
Extended
<-- Thread -->

[gb-users] RE: {Spam?} [gb-users] gb-users list being marked as spam

More messages from [ Martin Hepworth]
To: <gb-users_at_gta_dot_com>
Subject: [gb-users] RE: {Spam?} [gb-users] gb-users list being marked as spam
From: "Martin Hepworth" <martinh_at_solid-state-logic_dot_com>
Date: Mon, 28 Nov 2005 09:18:22 -0000
In-reply-to: <10511262217.AA02425@solid-state-logic.com> 
Looks like someone is ruuning a really old version of spamassassin as well.
I got the email and it showed a version 2.55 in the headers. If I remember
rightly this has at least one nasty vulnerability in it.

--
Martin Hepworth 
Snr Systems Administrator
Solid State Logic
Tel: +44 (0)1865 842300

> -----Original Message-----
> From: Don Drake [mailto:don_at_drakeconsult_dot_com]
> Sent: 26 November 2005 22:17
> To: gb-users-help_at_gta_dot_com; gb-users_at_gta_dot_com
> Subject: {Spam?} [gb-users] gb-users list being marked as spam
> 
> Did GTA recently change ISP's?  I just noticed most GB-USERS email is
> being
> flagged as spam by my server and it's due to the SPF configuration of
> gta.com.
> 
> 
> 
> Here's a recent header:
> 
> 
> 
> X-Spam-Flag: YES
> X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on
>         katie.drakeconsult.com
> X-Spam-Level: *****
> X-Spam-Status: Yes, score=5.7 required=5.0 tests=BAYES_50,RATWARE_MS_HASH,
>         SPF_HELO_SOFTFAIL,SPF_SOFTFAIL autolearn=no version=3.1.0
> X-Spam-Report:
>         *  1.4 SPF_SOFTFAIL SPF: sender does not match SPF record
> (softfail)
>         *      [SPF failed: Please see
> http://spf.pobox.com/why.html?sender=gb-users-return-2304-
> don%3Ddrakeconsult
> .com%40gta.com&ip=24.227.126.130&receiver=katie.drakeconsult.com]
>         *  2.4 SPF_HELO_SOFTFAIL SPF: HELO does not match SPF record
> (softfail)
>         *      [SPF failed: Please see
> http://spf.pobox.com/why.html?sender=gta.com&ip=24.227.126.130&receiver=ka
> ti
> e.drakeconsult.com]
>         *  0.0 BAYES_50 BODY: Bayesian spam probability is 40 to 60%
>         *      [score: 0.5001]
>         *  1.9 RATWARE_MS_HASH Bulk email fingerprint (msgid ms hash)
> found
> Received: from gta.com (24.227.126.130:3650)
>         by incoming.maillaunder.com with [XMail 1.20 ESMTP Server]
>         id <S371FB3> for <don_at_drakeconsult_dot_com> from
> <gb-users-return-2304-don=drakeconsult_dot_com_at_gta_dot_com>;
>         Thu, 24 Nov 2005 08:06:05 -0600
> Received: (qmail 79088 invoked by alias); 24 Nov 2005 14:06:01 -0000
> Mailing-List: contact gb-users-help_at_gta_dot_com; run by ezmlm
> Precedence: bulk
> List-Post: <mailto:gb-users_at_gta_dot_com>
> List-Help: <mailto:gb-users-help_at_gta_dot_com>
> List-Unsubscribe: <mailto:gb-users-unsubscribe_at_gta_dot_com>
> List-Subscribe: <mailto:gb-users-subscribe_at_gta_dot_com>
> Delivered-To: mailing list gb-users_at_gta_dot_com
> Delivered-To: gb-users_at_gta_dot_com
> Received: (qmail 79071 invoked by uid 0); 24 Nov 2005 14:06:01 -0000
> X-GB-Rule: 7
> X-GB-Received: from mail.solid-state-logic.com (193.117.244.250) by
>   mailgate2.gta.com (199.120.225.5); 3.7.2 pre-release a; 24 Nov 2005
>   09:06:00 -0500
> X-GB-From: martinh_at_solid-state-logic_dot_com
> X-GB-To: gb-users_at_gta_dot_com
> X-GB-AS-summary:  2,-4,0,253d7adf9903369c,367b350d6234bb7e,martinh_at_solid
>   -state-logic.co
>   m,gb-users_at_gta_dot_com,RULES_HIT:10:69:355:379:539:541:542:599:600:601:94
>   5:946:967:973:980:988:989:1155:1156:1160:1260:1261:1277:1311:1313:131
>   4:1345:1359:1437:1515:1516:1518:1534:1543:1593:1594:1605:1711:1730:17
>   47:1766:1785:2075:2078:2393:2525:2553:2559:2564:2682:2685:2741:2857:2
>   859:2900:2901:2933:2937:2939:2942:2945:2947:2951:2954:3022:3027:3934,
>   0,RBL:none,CacheIP:none,Bayesian:0.5,1.49764e-05,0.5,Netcheck:none,Do
>   mainCache:0,MSF:not bulk
> X-GB-AS: unknown, (score 2, 0 seconds)
> X-GB-AV: none found (0 seconds)
> From: "Martin Hepworth" <martinh_at_solid-state-logic_dot_com>
> To: <tritter_at_westfaliausa_dot_com>, <gb-users_at_gta_dot_com>
> Date: Thu, 24 Nov 2005 14:05:41 -0000
> Message-Id: <013401c5f100$29605400$3004010a_at_martinhlaptop>
> Mime-Version: 1.0
> Content-Type: text/plain; charset="US-ASCII"
> Content-Transfer-Encoding: 7bit
> X-Mailer: Microsoft Office Outlook 11
> In-Reply-To: <1132690408_414_at_mailgate>
> Thread-Index: AcXvoTZmTfBq/X+SQXi3hgsOpQKC3gBXspEw
> X-Solid-State-Logic-MailScanner-Information: Please contact Solid State
>   Logic for more information
> X-Solid-State-Logic-MailScanner: Found to be clean
> X-Solid-State-Logic-MailScanner-From: martinh_at_solid-state-logic_dot_com
> Subject: RE: [gb-users] Two Public Networks - One Provider
> 
> 
> 
> Here's your current SPF record:
> 
> [drake_at_prior drake]$ dig gta.com txt
> 
> 
> 
> ; <<>> DiG 9.2.3 <<>> gta.com txt
> 
> ;; global options:  printcmd
> 
> ;; Got answer:
> 
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64725
> 
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 6, ADDITIONAL: 4
> 
> 
> 
> ;; QUESTION SECTION:
> 
> ;gta.com.                       IN      TXT
> 
> 
> 
> ;; ANSWER SECTION:
> 
> gta.com.                300     IN      TXT     "v=spf1 ip4:199.120.225.20
> ip4:199.120.225.4 ~all"
> 
> 
> 
> ;; AUTHORITY SECTION:
> 
> gta.com.                300     IN      NS      ns2.gta.com.
> 
> gta.com.                300     IN      NS      ns2.everydns.net.
> 
> gta.com.                300     IN      NS      ns3.everydns.net.
> 
> gta.com.                300     IN      NS      ns4.everydns.net.
> 
> gta.com.                300     IN      NS      ns1.gta.com.
> 
> gta.com.                300     IN      NS      ns1.everydns.net.
> 
> 
> 
> ;; ADDITIONAL SECTION:
> 
> ns1.everydns.net.       172394  IN      A       64.158.219.3
> 
> ns2.everydns.net.       172394  IN      A       216.218.240.206
> 
> ns3.everydns.net.       172394  IN      A       80.84.249.169
> 
> ns4.everydns.net.       172394  IN      A       63.219.183.200
> 
> 
> 
> ;; Query time: 108 msec
> 
> ;; SERVER: 10.0.0.10#53(10.0.0.10)
> 
> ;; WHEN: Sat Nov 26 16:13:46 2005
> 
> ;; MSG SIZE  rcvd: 270
> 
> 
> 
> 
> 
> From the mail headers, we receive the email from 24.227.126.130, which is
> not part of your SPF record.
> 
> 
> 
> Please fix this ASAP.
> 
> 
> 
> -Don
> 
> 
> 
> Donald Drake
> 
> President
> 
> Drake Consulting
> 
> http://www.drakeconsult.com/
> 
> 312-560-1574
> 
> ------------------------------------------------------
> To unsubscribe:           gb-users-unsubscribe_at_gta_dot_com
> For additional commands:         gb-users-help_at_gta_dot_com
> Archive:  http://archives.gnatbox.com/gb-users/



**********************************************************************

This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

This footnote confirms that this email message has been swept
for the presence of computer viruses and is believed to be clean.	

**********************************************************************

------------------------------------------------------
To unsubscribe:           gb-users-unsubscribe_at_gta_dot_com
For additional commands:         gb-users-help_at_gta_dot_com
Archive:  http://archives.gnatbox.com/gb-users/
[ Search for messages with a similar subject]
<Prev in Thread] Current Thread [Next in Thread>
  • [gb-users] RE: {Spam?} [gb-users] gb-users list being marked as spam, Martin Hepworth <=
Previous by Date:  [gb-users] gb-users list being marked as spam, Don Drake
Next by Date:  [gb-users] Opening port 8080, Rick Jones
Previous by Thread:  [gb-users] gb-users list being marked as spam, Don Drake
Next by Thread:  [gb-users] Opening port 8080, Rick Jones
Indexes:  [Date] [Thread] [All Lists] [Home]
Global Technology Associates, Inc