Spam Cannibal DNSBL?

[nobaloney]

That's correct.

Note I'm still using it myself, and may continue to use it, but I think it's too aggressive for some folk.

Jeff

 

[tlchost]

Any Spamcannibal whitelists yet? Major ISPs etc.

By the lack of response, I guess not. Jeff must be out of town or something....I had a very large bid for a domain name lost because the guy's email got rejected by Spamcannibal.

I asked this....will ask again, hoping someone has already done it

So, for us to remove it(spamcannibal) now we should comment out these lines in excim.conf?

deny message = Email blocked by SPAMCANNIBAL - to unblock see http://www.example.com/blocked.html
hosts = !+relay_hosts
domains = +use_rbl_domains
!authenticated = *
dnslists = bl.spamcannibal.org

Then restart exim ?

Thanks

 

[rohit]

Yes, please comment those lines and then restart exim

 

[nobaloney]

Thom, please look at the top post on this page. Look at the first two words.

That was my answer to how to shut off SpamCannibal.

I think you may have missed it because it ended up on a separate page.

(I post in my siglines when I'm on vacation.)

Jeff

 

[tlchost]

Thom, please look at the top post on this page. Look at the first two words.

That was my answer to how to shut off SpamCannibal.

I think you may have missed it because it ended up on a separate page.

Ah...now that you've explained it...makes sense ... thanks.

 

[eger]

Just an update that Spam Cannibal is still blindly blacklisting large email providers. This time hotmail @ 65.54.246.174 (bay0-omc2-s38.bay0.hotmail.com). This one was caught by a friend of mine which I will be removing this blacklist.

Click for WhoisIP: 65.54.246.174  US	US
 	bay0-omc2-s38.bay0.hotmail.com

spam source
see
65.54.246.79
65.54.246.99
65.54.246.176
65.54.246.207
65.54.246.213

whois:

Whois response for: 65.54.246.174  US	US
  bay0-omc2-s38.bay0.hotmail.com

OrgName:    Microsoft Corp 
OrgID:      MSFT
Address:    One Microsoft Way
City:       Redmond
StateProv:  WA
PostalCode: 98052
Country:    US

NetRange:   65.52.0.0 - 65.55.255.255 
CIDR:       65.52.0.0/14 
NetName:    MICROSOFT-1BLK
NetHandle:  NET-65-52-0-0-1
Parent:     NET-65-0-0-0-0
NetType:    Direct Assignment
NameServer: NS1.MSFT.NET
NameServer: NS5.MSFT.NET
NameServer: NS2.MSFT.NET
NameServer: NS3.MSFT.NET
NameServer: NS4.MSFT.NET
Comment:    
RegDate:    2001-02-14
Updated:    2004-12-09

Seems pretty irresponsible to blacklist such a large provider like hotmail. Being a web-based mail client, how much spam can really be generated from it? I wonder if it is spam with forged @hotmail.com and spam cannibal is listing the forged domains MX?

 

[nobaloney]

We no longer recommend using SpamCannibal; it's not included in SpamBlocker3.

Jeff

 

[eger]

Arrggghhh. I just upgraded my exim to the newest stable available at directadmin and it was 2.1.1 and included spamcannibal!!

Got a false positive within 2 days of upgrading and figured it out... I think there should be a minor update for 2.X to remove it...

 

[eger]

For anyone interested in knowing, they are now blocking gmail:

2008-04-11 08:31:20 H=rn-out-0910.google.com [64.233.170.191] F=<[email protected]> rejected RCPT <[email protected]>: Email blocked by SPAMCANNIBAL - to unblock see http://www.example.com/

The previous false positive was a business email hosting service called mailtrust:

2008-04-09 15:32:27 H=smtp138.iad.emailsrvr.com [207.97.245.138] F=<[email protected]> rejected RCPT <[email protected]>: Email blocked by SPAMCANNIBAL - to unblock see http://www.example.com/

Way to go Spam Cannibal...

 

[Tristan]

I don't like Spam Cannibal either, but blocking Gmail isn't that strange in the light of the recent Gmail CAPTCHA hack.

 

[fmortara]

I have commented the lines in the exim.conf file.
But if I update DA they will no update the exim.conf file?

PS, sorry for my english..

 

[fmortara]

Why for a spam message received exim sends a rejection email? Would not it be properly a filter that does not warn the spammers of the existence of the email?
Like Spamassassin?

 

[nobaloney]

Exim doesn't send a rrejection. It refuses to accept the email; the sending server notifies the sender that the email has been rejected. This is proper protocol according to relevant RFCs; mailservers are required to be responsible for all email they get; they should either deliver the email, or report it's undeliverability. Otherwise an innocent sender will never know his email is being rejected.

Jeff