[Rack] Fwd: Possible Spam Abuse Report - noisebridge.net - 75.101.62.88

Dr. Jesus j at hug.gs
Wed Jan 12 09:27:28 UTC 2011


root at r00ter:~# pfctl -s rules | grep 109
block return quick on sis1 inet from 172.30.1.109 to any

On Wed, Jan 12, 2011 at 1:25 AM, Dr. Jesus <j at hug.gs> wrote:
> $ nmblookup -A 172.30.1.109
> Looking up status of 172.30.1.109
>        OPTIMUSRHYME    <00> -         B <ACTIVE>
>        WORKGROUP       <00> - <GROUP> B <ACTIVE>
>        OPTIMUSRHYME    <20> -         B <ACTIVE>
>        WORKGROUP       <1e> - <GROUP> B <ACTIVE>
>
>        MAC Address = 00-26-B6-25-EB-98
>
> $ ouilookup 00-26-B6
> 00-26-B6   (hex)                Askey Computer
> 0026B6     (base 16)            Askey Computer
>                                10F,NO.119,CHIENKANG RD,CHUNG-HO
>                                TAIPEI  235
>                                TAIWAN, REPUBLIC OF CHINA
>
>
> On Wed, Jan 12, 2011 at 1:20 AM, Andy Isaacson <adi at hexapodia.org> wrote:
>> Another one.  (Right now!)
>>
>> On Wed, Jan 12, 2011 at 01:15:37AM -0800, do-not-reply at junkemailfilter.com wrote:
>>> This is an automated email abuse report from the folks at junkemailfilter.com for an email message received from IP address [75.101.62.88] on Wed, 12 Jan 2011 01:15:37 -0800.
>>>
>>> We hope this information will help you in determining the source of the problem and shut it down. The original message is attached in MIME format with complete headers. For more information about this standardized abuse report format [ARF] please visit http://www.mipassoc.org/arf/ If you would prefer abuse reports in text format let us know.
>>>
>>> If you have any questions or feedback about this abuse report or are interested in learning about our spam filtering technology feel free to contact us. If this is not spam please accept our apologies and let us know so we can fix the problem. Pay close attention to the REASON listed.
>>> Marc Perkel - Fearless Leader
>>> Junk Email Filter dot com
>>> http://www.junkemailfilter.com
>>> errors at junkemailfilter.com
>>>
>>> * Date:    Wed, 12 Jan 2011 01:15:37 -0800
>>> * From:    "Pfizer Company" <roqyh9216 at noisebridge.net>
>>> * Subject: Dear onnolly -80% now
>>> * Host:    nat-sonicnet.noisebridge.net [75.101.62.88]
>>> * Reason:  MULTI-BLACKLIST - [S=9 -  rep.mailspike.net cbl.abuseat.org truncate.gbudb.net] -  OurBl BlList - X=einstein H=nat-sonicnet.noisebridge.net [75.101.62.88] HELO=[noisebridge.net] F=[roqyh9216 at noisebridge.net] T=[onnolly at nwmangum.com] S=[Dear onn
>>>
>>> For more information about these abuse reports: http://wiki.junkemailfilter.com/index.php/Spam_abuse
>>> To test or be removed from our blacklist: http://ipadmin.junkemailfilter.com/remove.php?ip=75.101.62.88
>>>
>>> ======== Original Headers ========
>>>
>>> Received: from nat-sonicnet.noisebridge.net ([75.101.62.88] helo=noisebridge.net)
>>>       by einstein.junkemailfilter.com with esmtp (Exim 4.72)
>>>       id 1Pcwno-0001hq-Kz on interface=64.71.167.93
>>>       for onnolly at nwmangum.com; Wed, 12 Jan 2011 01:15:37 -0800
>>> Received: from OptimusRhyme (localhost [127.0.0.1])
>>>       by OptimusRhyme (8.13.4/8.13.4) with SMTP id 801c57b11CA08D0
>>>       for <onnolly at nwmangum.com>; Wed, 12 Jan 2011 01:15:35 -0800
>>>       (envelope-from roqyh9216 at noisebridge.net)
>>> Message-Id: <2011112115.55905C88E6B0E6A79FAD3 at OptimusRhyme>
>>> From: "Pfizer Company" <roqyh9216 at noisebridge.net>
>>> To: onnolly at nwmangum.com
>>> Date: Wed, 12 Jan 2011 01:15:35 -0800
>>> Mime-Version: 1.0
>>> Subject: Dear onnolly -80% now
>>> Content-Type: text/html; charset=windows-1251
>>> Content-Transfer-Encoding: 8bit
>>> X-Sender-Domain: noisebridge.net
>>> X-Spamfilter-host: einstein.junkemailfilter.com - http://www.junkemailfilter.com
>>> X-Mail-from: roqyh9216 at noisebridge.net
>>> X-Spam-Class: SPAM-HIGH-VERY - MULTI-BLACKLIST - [S=9 -  rep.mailspike.net cbl.abuseat.org truncate.gbudb.net] -  OurBl BlList - X=einstein H=nat-sonicnet.noisebridge.net [75.101.62.88] HELO=[noisebridge.net] F=[roqyh9216 at noisebridge.net] T=[onnolly at nwmangum.com] S=[Dear onnolly -80% now]
>>> X-Honeypot: Yes - MULTI-BLACKLIST - [S=9 -  rep.mailspike.net cbl.abuseat.org truncate.gbudb.net] -  OurBl BlList - X=einstein H=nat-sonicnet.noisebridge.net [75.101.62.88] HELO=[noisebridge.net] F=[roqyh9216 at noisebridge.net] T=[onnolly at nwmangum.com] S=[Dear onnolly -80% now]
>>> X-Abuse-email:
>>> X-Abuse-email: postmaster at noisebridge.net
>>> X-Sender-Host-Address: 75.101.62.88
>>> X-Sender-Host-Name: nat-sonicnet.noisebridge.net
>>> X-Original-helo: noisebridge.net
>>
>>
>>> From: Pfizer Company <roqyh9216 at noisebridge.net>
>>> To: onnolly at nwmangum.com
>>> Date: Wed, 12 Jan 2011 01:15:35 -0800
>>> Subject: Dear onnolly -80% now
>>> X-Mail-from: roqyh9216 at noisebridge.net
>>> X-Honeypot: Yes - MULTI-BLACKLIST - [S=9 -  rep.mailspike.net cbl.abuseat.org
>>>       truncate.gbudb.net] -  OurBl BlList - X=einstein
>>>       H=nat-sonicnet.noisebridge.net [75.101.62.88] HELO=[noisebridge.net]
>>>       F=[roqyh9216 at noisebridge.net] T=[onnolly at nwmangum.com] S=[Dear onnolly
>>>       -80% now]
>>> X-Abuse-email:
>>> X-Abuse-email: postmaster at noisebridge.net
>>>
>>>    Click here
>>>
>>>
>>
>> _______________________________________________
>> Rack mailing list
>> Rack at lists.noisebridge.net
>> https://www.noisebridge.net/mailman/listinfo/rack
>>
>



More information about the Rack mailing list