LISTSERV 16.0 - MSUNAG Archives

Subscriber's Corner

Email Lists

MSUNAG Archives

MSUNAG@LIST.MSU.EDU

View:

Message:

[

First

Last

]

By Topic:

[

First

Last

]

By Author:

[

First

Last

]

Font:

Proportional Font

		LISTSERV at MSU
		MSUNAG Home
		MSUNAG September 2003

Subject:

Re: Another AOL spam block message

From:

"Russell J. Lahti" <[log in to unmask]>

Reply-To:

MSU Network Administrators Group <[log in to unmask]>

Date:

Tue, 2 Sep 2003 15:44:25 -0400

Content-Type:

text/plain

Parts/Attachments:

text/plain (151 lines)

More than likely individual systems that have had
security problems that have allowed it to become
an open relay/proxy at some point in time.  Many
viruses are in circulation that open up http
and socks proxies on random ports that allow for
remote abuse.  For example, here is a list of
IP addresses at MSU that have made it into
DSBL for running an open relay/proxy (multihop in
some cases):

35.9.98.20     openrelay.msu.edu
35.9.5.100     Host not found.
35.9.5.26      pilot06.cl.msu.edu
35.9.5.23      pilot03.cl.msu.edu
35.9.5.32      pilot12.cl.msu.edu
35.9.5.24      pilot04.cl.msu.edu
35.9.5.29      pilot09.cl.msu.edu
35.8.163.65    infos.ent.msu.edu
35.9.5.33      pilot13.cl.msu.edu
35.9.5.38      pilot18.cl.msu.edu
35.8.152.77    sol.bch.msu.edu
35.9.5.35      pilot15.cl.msu.edu
35.9.5.21      pilot01.cl.msu.edu
35.9.5.30      pilot10.cl.msu.edu
35.9.5.28      pilot08.cl.msu.edu
35.9.5.27      pilot07.cl.msu.edu
35.9.5.40      pilot20.cl.msu.edu
35.9.6.36      list1.cl.msu.edu
35.8.3.158     barnes.cl.msu.edu
35.9.5.25      pilot05.cl.msu.edu
35.11.14.217   Host not found.
35.8.138.21    bailey.grounds.msu.edu
35.8.74.49     Host not found.
35.11.11.172   drakesa1.user.msu.edu
35.12.228.34   sagitario.egr.msu.edu
35.12.228.22   erl.egr.msu.edu
35.8.4.18      capa1.nscl.msu.edu
35.11.186.169  cholujni.user.msu.edu
35.11.128.248  gastonkr.user.msu.edu
35.11.108.150  Host not found.
35.11.174.67   user-a4c974.user.msu.edu
35.11.243.45   user-c17701.user.msu.edu
35.11.136.221  user-b5d908.user.msu.edu
35.11.186.136  hurleyk2.user.msu.edu
35.11.221.144  user-e117e8.user.msu.edu
35.11.17.82    Host not found.
35.8.73.91     Host not found.
35.11.185.214  growstac.user.msu.edu
35.11.157.137  user-289e7e.user.msu.edu
35.11.188.47   Host not found.
35.11.202.237  user-ae18d6.user.msu.edu
35.11.96.78    Host not found.
35.11.223.124  user-1ef1ad.user.msu.edu
35.11.100.134  Host not found.
35.11.131.75   dudleym7.user.msu.edu
35.11.129.220  user-ff6e44.user.msu.edu
35.11.129.170  user-fb88bf.user.msu.edu
35.11.182.74   user-a48cbb.user.msu.edu
35.11.26.64    Host not found.
35.11.25.200   Host not found.
35.11.189.137  ealytene.user.msu.edu
35.11.15.131   Host not found.
35.11.204.6    lasordac.user.msu.edu
35.11.129.27   user-40142c.user.msu.edu
35.11.22.219   mazoraar.user.msu.edu
35.11.216.44   frazeeni.user.msu.edu
35.11.129.202  user-ce580e.user.msu.edu
35.11.147.34   garciaez-2.user.msu.edu
35.11.186.174  user-7e8ba5.user.msu.edu
35.11.108.153  Host not found.
35.11.134.25   user-3c083c.user.msu.edu
35.11.134.40   user-3cef1c.user.msu.edu
35.11.182.87   user-6cfa87.user.msu.edu
35.11.193.30   soriano1.user.msu.edu
35.11.217.5    user-9e792e.user.msu.edu
35.11.157.133  user-e197eb.user.msu.edu
35.11.157.199  user-d9a330.user.msu.edu
35.11.136.25   user-9b8fe4.user.msu.edu
35.9.136.134   eb3238p01.dhcp.egr.msu.edu
35.11.221.98   user-3a1153.user.msu.edu
35.11.97.215   Host not found.
35.11.243.119  user-3f1f9a.user.msu.edu
35.11.221.51   user-ecc099.user.msu.edu
35.8.140.60    Host not found.
35.11.215.210  Host not found.
35.8.73.54     clear.msu.edu
35.11.17.216   sonjiwon-2.user.msu.edu
35.11.97.17    Host not found.
35.9.86.101    httest.msufgp.msu.edu
35.11.100.246  Host not found.
35.8.27.38     jbpc.cem.msu.edu
35.11.98.41    Host not found.
35.11.98.4     Host not found.
35.10.239.31   fw-136.user.msu.edu
35.9.5.5       idmail.cl.msu.edu
35.9.5.41      pilot21.cl.msu.edu
35.9.5.31      pilot11.cl.msu.edu
35.9.5.39      pilot19.cl.msu.edu
35.9.5.48      pilot28.cl.msu.edu
35.9.5.47      pilot27.cl.msu.edu
35.9.5.44      pilot24.cl.msu.edu
35.8.179.21    beal.cpp.msu.edu
35.8.96.163    Host not found.
35.10.216.132  Host not found.
35.11.98.7     Host not found.
35.8.133.160   olympus.bus.msu.edu
35.8.240.113   ap-12.com.msu.edu
35.8.240.8     www.com.msu.edu
35.11.97.93    Host not found.
35.11.98.25    Host not found.
35.11.182.108  alvare20.user.msu.edu
35.11.136.50   ceokari.user.msu.edu
35.11.184.142  holmesd6.user.msu.edu
35.10.63.135   Host not found.
35.11.200.217  hollada7.user.msu.edu
35.12.26.81    pm854-29.dialip.mich.net
35.11.243.38   user-b58c92.user.msu.edu
35.11.200.191  cheejohn.user.msu.edu
35.11.245.183  user-968ba5.user.msu.edu


Note that almost every single one of these listings
means that the IP has been abusable by third parties for
any number of tasks and probably was abused in order to
make it into the list (and may still be open to abuse.)
Details for each IP can be looked up on:

http://dsbl.org/listing

AOL does its own relay / proxy testing.  And uses
its own blacklist to deny mail.  You may also want to
make sure that clients aren't trying to send mail with
the outgoing mailserver of openrelay.msu.edu, which is
on almost every single blacklist out there.

Hope this helps.

-Russell


Joseph Deming wrote:

> I have this problem occurring from one of my workstations.  It happens
> repeatedly when sending from the same computer.  Doug and others have
> verified (by sending test e-mails) that MSU has not been blocked as a
> whole and it seems unlikely that any portion of MSU has been blocked.
> More likely, individual computers have been added to their blocked IP
> list.  In our case, it was the one computer on my network that managed
> to get a virus during the recent onslaught.  This computer was
> mass-mailing for a few hours one day and likely that was why it was
> blocked.

Top of Message | Previous Page | Permalink