On 4/1/2008 5:43 PM, Arvid Ephraim Picciani wrote:
and another mail false positive:
2.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
[Blocked - see <http://www.spamcop.net/bl.shtml?91.151.146.244>]
1.1 RCVD_IN_SORBS_WEB RBL: SORBS: sender is a abuseable web server
[91.151.146.244 listed in dnsbl.sorbs.net]
again a perfectly valid login into gmail.
So if you want to damage an ISP you're going to run some open proxys on dynips
and voila the next user having that ip gets blocked. i dont get it.
how does this apparantely infected source relate to gmail?
http://www.spamhaus.org/query/bl?ip=91.151.146.244
http://cbl.abuseat.org/lookup.cgi?ip=91.151.146.244&.submit=Lookup
It was detected at 2008-04-01 15:00 GMT (+/- 30 minutes), approximately
3 hours ago.
if you hit that IP via HTTP you reach some home router web interface.
good thing its listed - who knows how many infected boxes sit behind
that toy.
Its a valid bot infected botnet IP.
If this a false positive - pls re-check the meaning of "false positive"
