GreyListing Whitelist IP Ranges

Use this forum if you have installed hMailServer and want to ask a question related to a production release of hMailServer. Before posting, please read the troubleshooting guide. A large part of all reported issues are already described in detail here.
Post Reply
^DooM^
Site Admin
Posts: 13861
Joined: 2005-07-29 16:18
Location: UK

GreyListing Whitelist IP Ranges

Post by ^DooM^ » 2006-12-05 22:01

I thought it would be a good idea to all post IP's that we have added (Commercial like ISP's and problem servers, not personal) to our greylist/whitelist and that I would try to maintain a list here to help eliminate delays due to greylisting and incompatible sending servers or multiple MTA's on different IP's.

Here is a list I have compiled so far that includes the list bazporter posted.

Code: Select all

207.171.168.* - Amazon.com (common pool)
207.171.180.* - Amazon.com (common pool)
207.171.187.* - Amazon.com (common pool)
207.171.188.* - Amazon.com (common pool)
207.171.190.* - Amazon.com (common pool)
204.107.120.* - Ameritrade (no retry)
205.188.139.136 - AOL Outgoing Mail Server
205.188.139.137 - AOL Outgoing Mail Server
205.188.144.207 - AOL Outgoing Mail Server
205.188.144.208 - AOL Outgoing Mail Server
205.188.156.66 - AOL Outgoing Mail Server
205.188.157.33 - AOL Outgoing Mail Server
205.188.157.34 - AOL Outgoing Mail Server
205.188.157.35 - AOL Outgoing Mail Server
205.188.157.36 - AOL Outgoing Mail Server
205.188.157.37 - AOL Outgoing Mail Server
205.188.157.38 - AOL Outgoing Mail Server
205.188.157.39 - AOL Outgoing Mail Server
205.188.157.40 - AOL Outgoing Mail Server
205.188.157.41 - AOL Outgoing Mail Server
205.188.157.42 - AOL Outgoing Mail Server
205.188.159.7 - AOL Outgoing Mail Server
64.12.137.1 - AOL Outgoing Mail Server
64.12.137.2 - AOL Outgoing Mail Server
64.12.137.3 - AOL Outgoing Mail Server
64.12.137.4 - AOL Outgoing Mail Server
64.12.137.5 - AOL Outgoing Mail Server
64.12.137.6 - AOL Outgoing Mail Server
64.12.137.7 - AOL Outgoing Mail Server
64.12.137.8 - AOL Outgoing Mail Server
64.12.137.9 - AOL Outgoing Mail Server
64.12.137.10 - AOL Outgoing Mail Server
64.12.137.11 - AOL Outgoing Mail Server
64.12.138.201 - AOL Outgoing Mail Server
64.12.138.202 - AOL Outgoing Mail Server
64.12.138.203 - AOL Outgoing Mail Server
64.12.138.204 - AOL Outgoing Mail Server
64.12.138.205 - AOL Outgoing Mail Server
64.12.138.206 - AOL Outgoing Mail Server
64.12.138.207 - AOL Outgoing Mail Server
64.12.138.208 - AOL Outgoing Mail Server
66.100.210.82 - Appscorp.net (Groupwise)
217.158.50.178 - AXKit mailing list (unique sender per attempt)
65.82.241.160 - BellSouth.net (Groupwise)
64.125.132.254 - collab.net (unique sender per attempt)
64.125.133.202 - collab.net (unique sender per attempt)
68.15.115.88 - cox.com (Groupwise)
216.157.204.5 - crt.net (Groupwise)
127.0.0.1 - Private network (Do not delay)
192.168.* - Private network (Do not delay)
66.135.197.* - Ebay (common pool)
66.135.209.* - Ebay (for time critical alerts)
216.239.32.* - gmail.com (common pool)
216.239.56.* - gmail.com (common pool)
64.233.162.* - gmail.com (common pool)
64.233.170.* - gmail.com (common pool)
64.233.182.* - gmail.com (common pool)
64.233.184.* - gmail.com (common pool)
66.249.82.* - gmail.com (common pool)
72.14.204.* - gmail.com (common pool)
204.60.8.162 - greywolftech.com (Groupwise)
12.107.209.244 - kernel.org (unique sender per mail)
66.27.51.218 - ljbtc.com (Groupwise)
64.124.204.39 - moveon.org (unique sender per attempt)
84.45.71.76 - MyFujiMail server (bad 451 handling)
213.136.52.31 - Mysql.com (unique sender)
211.29.132.* - optusnet.com.au (wierd retry pattern and more than one sender)
66.206.22.82 - PLEXOR
66.206.22.83 - PLEXOR
66.206.22.84 - PLEXOR
66.206.22.85 - PLEXOR
207.115.63.* - Prodigy (broken software that retries continually)
205.206.231.* - SecurityFocus.com (unique sender per attempt)
205.211.164.50 - sentex.ca (common pool)
64.7.153.18 - sentex.ca (common pool)
195.238.2.105 - skynet.be (wierd retry pattern, common pool)
195.238.2.124 - skynet.be (wierd retry pattern, common pool)
195.238.3.12 - skynet.be (wierd retry pattern, common pool)
195.238.3.13 - skynet.be (wierd retry pattern, common pool)
63.82.37.110 - SLmail
209.132.176.174 - sourceware.org (unique sender per mail)
12.5.136.141 - Southwest Airlines (unique sender, no retry)
12.5.136.142 - Southwest Airlines (unique sender, no retry)
12.5.136.143 - Southwest Airlines (unique sender, no retry)
12.5.136.144 - Southwest Airlines (unique sender, no retry)
63.169.44.143 - Southwest Airlines (unique sender, no retry)
63.169.44.144 - Southwest Airlines (unique sender, no retry)
209.104.63.* - Ticketmaster (poor retry config)
195.235.39.19 - Tid InfoMail Exchanger v2.20
66.162.216.166 - twtelecom.net (Groupwise)
66.89.73.101 - xo.com (Groupwise)
66.163.187.* - Yahoo Groups servers (common pool, no retry)
66.218.66.* - Yahoo Groups servers (common pool, no retry)
66.218.67.* - Yahoo Groups servers (common pool, no retry)
66.218.69.* - Yahoo Groups servers (common pool, no retry)
66.94.237.* - Yahoo Groups servers (common pool, no retry)
216.136.226.* - Yahoo Mail servers (common pool, no retry)
216.155.201.64 - Yahoo Mail servers (common pool, no retry)
216.155.201.65 - Yahoo Mail servers (common pool, no retry)
212.23.2.21 - Zen Internet (common Pool)
212.23.8.67 - Zen Internet (common Pool)
212.23.3.20 - Zen Internet (common Pool)
212.23.3.27 - Zen Internet (common Pool)
212.23.8.62 - Zen Internet (common Pool)
212.23.3.142 - Zen Internet (common Pool)
212.23.3.141 - Zen Internet (common Pool)
212.23.3.140 - Zen Internet (common Pool)
68.168.78.176 - Adelphia.net (Unique IP Common Pool)
68.168.78.177 - Adelphia.net (Unique IP Common Pool)
68.168.78.178 - Adelphia.net (Unique IP Common Pool)
68.168.78.179 - Adelphia.net (Unique IP Common Pool)
68.168.78.137 - Adelphia.net (Unique IP Common Pool)
68.168.78.175 - Adelphia.net (Unique IP Common Pool)
68.168.78.44 - Adelphia.net (Unique IP Common Pool)
68.168.78.180 - Adelphia.net (Unique IP Common Pool)
68.168.78.181 - Adelphia.net (Unique IP Common Pool)
68.168.78.182 - Adelphia.net (Unique IP Common Pool)
68.168.78.183 - Adelphia.net (Unique IP Common Pool)
68.168.78.184 - Adelphia.net (Unique IP Common Pool)
68.168.78.185 - Adelphia.net (Unique IP Common Pool)
68.168.78.186 - Adelphia.net (Unique IP Common Pool)
68.168.78.187 - Adelphia.net (Unique IP Common Pool)
68.168.78.188 - Adelphia.net (Unique IP Common Pool)
68.168.78.189 - Adelphia.net (Unique IP Common Pool)
68.168.78.190 - Adelphia.net (Unique IP Common Pool)
68.168.78.191 - Adelphia.net (Unique IP Common Pool)
68.168.78.192 - Adelphia.net (Unique IP Common Pool)
68.168.78.193 - Adelphia.net (Unique IP Common Pool)
68.168.78.194 - Adelphia.net (Unique IP Common Pool)
68.168.78.195 - Adelphia.net (Unique IP Common Pool)
68.168.78.196 - Adelphia.net (Unique IP Common Pool)
68.168.78.197 - Adelphia.net (Unique IP Common Pool)
68.168.78.198 - Adelphia.net (Unique IP Common Pool)
68.168.78.199 - Adelphia.net (Unique IP Common Pool)
68.168.78.200 - Adelphia.net (Unique IP Common Pool)
68.168.78.201 - Adelphia.net (Unique IP Common Pool)
68.168.78.202 - Adelphia.net (Unique IP Common Pool)
68.168.78.203 - Adelphia.net (Unique IP Common Pool)
68.168.78.204 - Adelphia.net (Unique IP Common Pool)
68.168.78.205 - Adelphia.net (Unique IP Common Pool)
68.168.78.206 - Adelphia.net (Unique IP Common Pool)
68.168.78.207 - Adelphia.net (Unique IP Common Pool)
If at first you don't succeed, bomb disposal probably isn't for you! ヅ

User avatar
danny6167
Senior user
Senior user
Posts: 472
Joined: 2007-02-07 15:24
Location: Western Australia
Contact:

Post by danny6167 » 2007-11-28 05:46

Are there any services that provide this as a download able text file.
If not i could set up a web site that allows people to submit non grey list friendly servers so we can keep them in one easy to access place.

Would any one be interested?

^DooM^
Site Admin
Posts: 13861
Joined: 2005-07-29 16:18
Location: UK

Post by ^DooM^ » 2007-11-28 10:52

Hey Danny,

I started to work on that very idea after i put this post up but been a bit busy lately to work on it :)

Kaan1983
Senior user
Senior user
Posts: 595
Joined: 2007-01-30 16:26
Location: TÜRKIYE

Post by Kaan1983 » 2007-11-28 11:26

Yes this is exactly what I ment :)

So how is the process going so far?

Kaan1983
Senior user
Senior user
Posts: 595
Joined: 2007-01-30 16:26
Location: TÜRKIYE

Post by Kaan1983 » 2007-11-28 11:29

What would be good though is something like the following:
if there ´d be a server which is updated regularly and an option in hmail or a script that allows user to update his or her greylisting table according this online table. What do you think

^DooM^
Site Admin
Posts: 13861
Joined: 2005-07-29 16:18
Location: UK

Post by ^DooM^ » 2007-11-28 11:34

The problem with a system like this if it was made public is there would be no way (That I can currently think of) to do either of the following.

1) Easily verify that the servers being entered are broken/missbehaving

2) that the person submitting the entry wasn't a spammer just listing his servers to bypass peoples greylisting.

So I kinda gave up on developing it :)

User avatar
danny6167
Senior user
Senior user
Posts: 472
Joined: 2007-02-07 15:24
Location: Western Australia
Contact:

Post by danny6167 » 2007-11-28 12:22

Well with all anti spam measures we could have a capata or what ever the hell they call it and an QA group to verify the entry's before they become active on the list.

We could ask that they provide information like the email domain that the server handles and where they found the information of the mail server pool.

Also one idea is having a account required to add entrys witch yould require account activation by email.

Although this would require people to view and do some amount of verification of the entry's.

If some people would like to volunteer to be on the QA team i will start the project.

User avatar
danny6167
Senior user
Senior user
Posts: 472
Joined: 2007-02-07 15:24
Location: Western Australia
Contact:

Post by danny6167 » 2007-11-28 12:36

^DooM^ wrote:The problem with a system like this if it was made public is there would be no way (That I can currently think of) to do either of the following.

1) Easily verify that the servers being entered are broken/missbehaving

2) that the person submitting the entry wasn't a spammer just listing his servers to bypass peoples greylisting.

So I kinda gave up on developing it :)

Could we some how force a NDR? that might help verify if it is greay listing friendy
[Destiny = Desternation] [Desternation = Last Stop] [Last Stop = Death]
So you destiny doesn't really matter, its what you do before you get there.

^DooM^
Site Admin
Posts: 13861
Joined: 2005-07-29 16:18
Location: UK

Post by ^DooM^ » 2007-11-28 13:02

No You can't make another email server send you a message. Some servers may produce an NDR but that is not exactly accurate :) You can't go and ask the admin "Hey mate I have been told your email servers are broken, is that true" You will most likely be ignored.

I'll help out if you can come up with a decent design and solution to the above issues..

Kaan1983
Senior user
Senior user
Posts: 595
Joined: 2007-01-30 16:26
Location: TÜRKIYE

Post by Kaan1983 » 2007-11-28 17:21

First why do we let everybody publish their whitelist? We just want to bulid a list containing commun for everybody IPs which are like google yahoo etc.. afterwards if I got some customers that I´m expecting mail from then I simply add em to my private list?

The idea is even if an IP from an institute from Sweden for instance is not a spam IP anyway I probably won´t get huge amount of e-mails from this IP therefore makes no sense for me to put it on my list. So better they send it again and the performance of the list is still high.

Another thing is hack protection. For example eventhough I´ve set an e-mail server where no one is allowed to send spam it´s obvious that the probability of it´s being hacked and used for spam is way more than google´s. Consequently if we make a public whitelist then there should be a scoring system as well.

^DooM^
Site Admin
Posts: 13861
Joined: 2005-07-29 16:18
Location: UK

Post by ^DooM^ » 2007-11-28 20:02

This just seems like a fruitless job to me guys.

We may as well just keep adding to the list above and write an import script so people can add the records.

Kaan1983
Senior user
Senior user
Posts: 595
Joined: 2007-01-30 16:26
Location: TÜRKIYE

Post by Kaan1983 » 2007-11-28 21:23

So what do you mean does it worth to try or not? Do we do or not? I'm in a contradiction with your two sentences :)

^DooM^
Site Admin
Posts: 13861
Joined: 2005-07-29 16:18
Location: UK

Post by ^DooM^ » 2007-11-28 21:51

I mean it seems like a lot of effort for little gain to build a website dedicated to faulty mail servers :)

Kaan1983
Senior user
Senior user
Posts: 595
Joined: 2007-01-30 16:26
Location: TÜRKIYE

Post by Kaan1983 » 2007-11-28 23:51

Come on man it doesn't have to be a website, an addition to this forum DB should be enough.

I would gladly do it but I don't know php... But if there is a will to develope a larger application in asp.net then I would again gladly try to give my best ;)

Kaan1983
Senior user
Senior user
Posts: 595
Joined: 2007-01-30 16:26
Location: TÜRKIYE

Post by Kaan1983 » 2007-11-30 01:32

There maybe a button in hMailServer or an add-on like 'syncronize whitelist' and it automatically writes to the hMail DB whitelist table?

Kaan1983
Senior user
Senior user
Posts: 595
Joined: 2007-01-30 16:26
Location: TÜRKIYE

Post by Kaan1983 » 2007-11-30 10:57

Maybe also a check box for update automatically? Come on guys...

^DooM^
Site Admin
Posts: 13861
Joined: 2005-07-29 16:18
Location: UK

Post by ^DooM^ » 2007-11-30 16:11

This seems a little specialist. Integrating this into hmail would not be a great idea. A better solution would be a script using the COM API that is scheduled with a cron job to auto download, parse and import.

Kaan1983
Senior user
Senior user
Posts: 595
Joined: 2007-01-30 16:26
Location: TÜRKIYE

Post by Kaan1983 » 2007-11-30 21:22

Sure, so what should the table contain?
index, IP range, description?

^DooM^
Site Admin
Posts: 13861
Joined: 2005-07-29 16:18
Location: UK

Post by ^DooM^ » 2007-11-30 21:46

It doesn't except an IP range only IP's with wildcard unfortunately as shown in the list above which means you have to list every server pretty much.

If you are talking about a structure for a database then I would add the following.

UniqueID - (int(10) unsigned (Auto Increment))
IP - varchar(64)
Owner - varchar(128)
Comment - (text)
DateAdded - (datetime)
Active (tinyint(1) unsigned)

That should cover all bases.

Kaan1983
Senior user
Senior user
Posts: 595
Joined: 2007-01-30 16:26
Location: TÜRKIYE

Post by Kaan1983 » 2007-11-30 22:54

What about splitting IP in 4 columns? would that be helpfull?

^DooM^
Site Admin
Posts: 13861
Joined: 2005-07-29 16:18
Location: UK

Post by ^DooM^ » 2007-12-01 00:56

No that would mean more work for the script/SQL server

Kaan1983
Senior user
Senior user
Posts: 595
Joined: 2007-01-30 16:26
Location: TÜRKIYE

Post by Kaan1983 » 2007-12-01 11:31

Ok then here we go:

Code: Select all

USE [DB_NAME]
GO
/****** Object:  Table [dbo].[prefix_Whitelist]    Script Date: 12/01/2007 10:29:46 ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
SET ANSI_PADDING ON
GO
CREATE TABLE [dbo].[prefix_Whitelist](
	[prefix_ID] [int] IDENTITY(1,1) NOT NULL,
	[prefix_IP] [varchar](64) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL,
	[prefix_owner] [nvarchar](128) COLLATE SQL_Latin1_General_CP1_CI_AS NULL,
	[prefix_comment] [varchar](max) COLLATE SQL_Latin1_General_CP1_CI_AS NULL,
	[prefix_dateAdded] [datetime] NOT NULL CONSTRAINT [DF_prefix_Whitelist_prefix_dateAdded]  DEFAULT (getdate()),
	[prefix_activeLED] [bit] NOT NULL CONSTRAINT [DF_prefix_Whitelist_prefix_activeLED]  DEFAULT ((1)),
 CONSTRAINT [PK_prefix_Whitelist] PRIMARY KEY CLUSTERED 
(
	[prefix_ID] ASC
)WITH (PAD_INDEX  = OFF, STATISTICS_NORECOMPUTE  = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS  = ON, ALLOW_PAGE_LOCKS  = ON) ON [PRIMARY]
) ON [PRIMARY]

GO
SET ANSI_PADDING OFF

^DooM^
Site Admin
Posts: 13861
Joined: 2005-07-29 16:18
Location: UK

Post by ^DooM^ » 2007-12-01 12:19

I am not entirely sure why you have written that?

Kaan1983
Senior user
Senior user
Posts: 595
Joined: 2007-01-30 16:26
Location: TÜRKIYE

Post by Kaan1983 » 2007-12-01 14:01

Heheeh me neither.
Ain't you gonna add it?

^DooM^
Site Admin
Posts: 13861
Joined: 2005-07-29 16:18
Location: UK

Post by ^DooM^ » 2007-12-01 20:09

Add it to what?

Kaan1983
Senior user
Senior user
Posts: 595
Joined: 2007-01-30 16:26
Location: TÜRKIYE

Post by Kaan1983 » 2007-12-01 20:34

I donno you tell me :) maybe to this forum? or in comunity part?

^DooM^
Site Admin
Posts: 13861
Joined: 2005-07-29 16:18
Location: UK

Post by ^DooM^ » 2007-12-01 21:36

As I said doing this seems like a lot of effort for little gain. If you want to build a website or database for these whitelisted mail servers then by all means be my guest. I personally think its a waste of time. Would be just as easy to add the list to a CSV file for download.

Kaan1983
Senior user
Senior user
Posts: 595
Joined: 2007-01-30 16:26
Location: TÜRKIYE

Post by Kaan1983 » 2007-12-02 00:28

Man if you say so then let's do it so and write those in a csv, or if u have an asp.net 2.0 base I can code it and u host?

^DooM^
Site Admin
Posts: 13861
Joined: 2005-07-29 16:18
Location: UK

Post by ^DooM^ » 2007-12-02 03:34

Nope i only use PHP :) never been a fan of asp.

Kaan1983
Senior user
Senior user
Posts: 595
Joined: 2007-01-30 16:26
Location: TÜRKIYE

Post by Kaan1983 » 2007-12-02 11:37

:) so let´s do this CSV file

Kaan1983
Senior user
Senior user
Posts: 595
Joined: 2007-01-30 16:26
Location: TÜRKIYE

Post by Kaan1983 » 2007-12-02 11:38

I have never done that though, is it simply coma seperated text file?

^DooM^
Site Admin
Posts: 13861
Joined: 2005-07-29 16:18
Location: UK

Post by ^DooM^ » 2007-12-02 13:18

Yes.

Kaan1983
Senior user
Senior user
Posts: 595
Joined: 2007-01-30 16:26
Location: TÜRKIYE

Post by Kaan1983 » 2007-12-02 18:29

Ok I did the file but how and where should I send it and how are we gonna improve it?

tkron
New user
New user
Posts: 7
Joined: 2007-10-18 01:41

Post by tkron » 2008-01-09 06:29

i tried creating a script for the grey listing whitelist in MSSQL it did not appear in the list with the others manually entered in hms.

any suggestions? thats alot of manual adding

Post Reply