[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: New Mail Address (long)

To: Richard Klappal <klappal@xnet.com>
Subject: RE: New Mail Address (long)
From: Ron Wickersham <rjw@alembic.com>
Date: Mon, 11 Oct 2004 23:46:08 -0700 (PDT)
Cc: droege@snapmail.us, tass@listserv.wwa.com
In-reply-to: <NKEMLCNBEGCACOFCLPDFOEPPDBAA.klappal@xnet.com>
References: <NKEMLCNBEGCACOFCLPDFOEPPDBAA.klappal@xnet.com>
Sender: owner-tass@listserv.wwa.com

hi Richard and Tom,

Summary:
i don't believe that Tom has anything to worry about regarding snapmail.us.

-ron

###

Explanation:

the message Tom sent to the list just following yours has the following
header:

Received: from [129.250.36.57] (helo=dfw-smtpin5.email.verio.net)
  by dfw-listserv1.email.verio.net with esmtp id 1CHA5g-0006YU-9U
  for tass@listserv.wwa.com; Tue, 12 Oct 2004 00:00:32 +0000
Received: from [69.36.45.91] (helo=crackle.snapmail.us)
  by dfw-smtpin5.email.verio.net with esmtp id 1CHA5f-0003aU-RH
  for tass@listserv.wwa.com; Tue, 12 Oct 2004 00:00:31 +0000
Received: from www.snapmail.us (localhost [127.0.0.1])
  by crackle.snapmail.us (Postfix) with SMTP
  id 53CF9150177; Mon, 11 Oct 2004 19:03:13 -0500 (CDT)
Received: from 66.32.215.229 (SquirrelMail authenticated user droege)
  by www.snapmail.us with HTTP; Mon, 11 Oct 2004 19:03:13 -0500 (CDT)
  Message-ID: <16815.66.32.215.229.1097539393.squirrel@www.snapmail.us>

note that snapmail has included Tom's ip address in the message-id.  this
goes beyond what many mail agents provide, so even if the header lines
are munged off, the message-id still provides the originating host.  if
the message contained spam (which Tom's machine isn't doing) you could
still trace the message back to the originating host.

the next Received: entry is just localhost at snapmail.us.   but the
one above show the ip address for crackle.snapmail.us.    i entered
69.36.45.91 in the SORBS database check and it is
"Not Included in the Database".

now if you check Tom's host ip 66.32.215.229, then it is indeed present
in the SORBS database as
"Dynamic IP Space (LAN, Cable, DSL & Dial Ups)
Netblock:	66.32.0.0/16 (66.32.0.0-66.32.255.255)
Record Created:	Mon Nov 24 13:20:00 2003 GMT
Record Updated:	Mon Nov 24 13:20:00 2003 GMT".

on their main web page (us server) they publish that in addition to
bocking known spammers, open relays, trojans, etc., SORBS "more recently
made the move to preemptively list all dynamically allocated IP address
space".    note that the record hasn't been updated since it was created
in Nov 2003, so Tom's ip address isn't listed due to any bad activity
it is simply listed because the entire netblock is dynamically assigned
to customer's hosts.   the address that is contained in the SORBS database
doesn't have anything to do with snapmail, it belongs to mindspring.net:

rjw@libcat:~# whois -h whois.arin.net 66.32.in-addr.arpa

OrgName:    EarthLink Network, Inc.
OrgID:      ERAD
Address:    1375 PECHTREE ST, LEVEL A
City:       ATLANTA
StateProv:  GA
PostalCode: 30309
Country:    US

NetRange:   66.32.0.0 - 66.32.255.255
CIDR:       66.32.0.0/16
NetName:    EARTHLINKDSL-2BLK
NetHandle:  NET-66-32-0-0-1
Parent:     NET-66-0-0-0-0
NetType:    Direct Allocation
NameServer: ITCHY.MINDSPRING.NET
NameServer: SCRATCHY.MINDSPRING.NET
Comment:
RegDate:    2000-10-13
Updated:    2002-10-30

TechHandle: DAE4-ARIN
TechName:   Domain Administrator, Administrator
TechPhone:  +1-404-815-0770
TechEmail:  arinpoc@corp.earthlink.net

OrgAbuseHandle: ABUSE60-ARIN
OrgAbuseName:   ABUSE TEAM
OrgAbusePhone:  +1-404-815-0770
OrgAbuseEmail:  abuse@abuse.earthlink.net

OrgTechHandle: ELNK-ORG-ARIN
OrgTechName:   EarthLink, Inc.
OrgTechPhone:  +1-404-815-0770
OrgTechEmail:  arin_tech@lists.corp.earthlink.net

# ARIN WHOIS database, last updated 2004-10-11 19:10

so fortunately Tom doesn't have anything to worry about with regards to
mail from snapmail.us.  they appear to be very responsible about spam.

-ron

--
/~\  The ASCII Ribbon Campaign
\ /    No HTML/RTF in email
 X     No Word docs in email
/ \  Respect for open standards

On Mon, 11 Oct 2004, Richard Klappal wrote:

> Date: Mon, 11 Oct 2004 18:49:30 -0500
> From: Richard Klappal <klappal@xnet.com>
> To: droege@snapmail.us, tass@listserv.wwa.com
> Subject: RE: New Mail Address
>
> Unfortunately, you come up as residing in a block of blacklisted IP
> addresses by SORBS.  Apparently snapmail doesn't enforce things very well.
>
> You may have difficulties getting thru some firewalls depending on how
> system managers believe the believe the abuser databases.
>
> Richard
>
>
> -----Original Message-----
> From: owner-tass@listserv.wwa.com [mailto:owner-tass@listserv.wwa.com]On
> Behalf Of droege@snapmail.us
> Sent: Monday, 11 October, 2004 12:56
> To: tass@listserv.wwa.com
> Subject: New Mail Address
>
>
> I evaluated 7 different services and ended up with this one since it
> allowed me to set a large type face and still read messages.  This is
> important to me since I have limited vision. It is amazing that these mail
> services are in such a primitive state of development.  This one, for
> example, meets most of my needs but I was not able tom pay them with a
> credit card.  They wanted me to do things (sign up for PayPal) which I did
> not want to do.
>
> In any case, I now have what I hope will be a permanent e-mail address.
>
> Tom Droege
>
>
> __________ NOD32 1.891 (20041011) Information __________
>
> This message was checked by NOD32 antivirus system.
> http://www.nod32.com
>
>
>

References:
- RE: New Mail Address
  - From: "Richard Klappal" <klappal@xnet.com>

Prev by Date: Re: New Mail Address
Next by Date: No Subject
Prev by thread: Re: New Mail Address
Next by thread: No Subject
Index(es):
- Date
- Thread