Android, AT&T unable to post

Instead of emailing or messaging the Admins or Mods with technical support questions or comments about the site, we prefer you check here to see if someone else has had the same difficulty or has made the same suggestion. What you're after might have already been posted and addressed here or within the FAQ. If not, please post a detailed description of the problem/suggestion and someone from the HST team will address your needs shortly. If you can't login/post and are unable to reset your password on your own, you may contact us directly.
User avatar
frediver
Topix Regular
Posts: 268
Joined: Sat Jan 13, 2007 11:15 pm
Experience: N/A
Location: n.cal

Android, AT&T unable to post

Post by frediver »

I get a header that says by address is blocked by your anti-spam service?
I checked the listed fixes but nothing easy works, my setup is as advised
by the fixes.
I just find it odd that HST is the only forum I have ever had any difficulty
with. Even using my main laptop I have minor linking/reading issues when
I try to open a link to a instant notification thread message.
User avatar
ERIC
Your Humble Host & Forums Administrator
Your Humble Host & Forums Administrator
Posts: 3254
Joined: Fri Oct 28, 2005 9:13 am
Experience: Level 4 Explorer
Location: between the 916 and 661

Re: Android, AT&T unable to post

Post by ERIC »

frediver wrote:I get a header that says by address is blocked by your anti-spam service?
I checked the listed fixes but nothing easy works, my setup is as advised
by the fixes.
I just find it odd that HST is the only forum I have ever had any difficulty
with. Even using my main laptop I have minor linking/reading issues when
I try to open a link to a instant notification thread message.
Interesting. First I've heard of this issue. Is it a new issue? Can you please take a screenshot and post it? It may be a result of the pop-up window feature for new PM messages.
New members, please consider giving us an intro!
Follow us on Twitter @HighSierraTopix. Use hashtags #SIERRAPHILE #GotSierra? #GotMountains?
Follow us on Facebook: https://www.facebook.com/HighSierraTopix
User avatar
frediver
Topix Regular
Posts: 268
Joined: Sat Jan 13, 2007 11:15 pm
Experience: N/A
Location: n.cal

Re: Android, AT&T unable to post

Post by frediver »

Sorry can't I fixed that issue, It was just a warning from hotmail asking if the message was a safe site, Said it did not appear that this site was safe, click to see or mark mark as safe, I did.
But HST was the only from site that ever prompted that message.
I still have the spam site message on my cell blocking my address. I do use SMTP and TLS.
User avatar
AlmostThere
Topix Addict
Posts: 2724
Joined: Wed Jun 24, 2009 4:38 pm
Experience: Level 4 Explorer

Re: Android, AT&T unable to post

Post by AlmostThere »

I have that issue but it is intermittent.

Sent from my HTC Glacier using Tapatalk 2
User avatar
ERIC
Your Humble Host & Forums Administrator
Your Humble Host & Forums Administrator
Posts: 3254
Joined: Fri Oct 28, 2005 9:13 am
Experience: Level 4 Explorer
Location: between the 916 and 661

Re: Android, AT&T unable to post

Post by ERIC »

Are you both using Tapatalk to access?
New members, please consider giving us an intro!
Follow us on Twitter @HighSierraTopix. Use hashtags #SIERRAPHILE #GotSierra? #GotMountains?
Follow us on Facebook: https://www.facebook.com/HighSierraTopix
User avatar
ERIC
Your Humble Host & Forums Administrator
Your Humble Host & Forums Administrator
Posts: 3254
Joined: Fri Oct 28, 2005 9:13 am
Experience: Level 4 Explorer
Location: between the 916 and 661

Re: Android, AT&T unable to post

Post by ERIC »

I've attached the screenshot that Frediver provided. In this case, it appears your phone may be infected with a trojan and was automatically added (so not added by a person) to the list because of that infection.

Generally speaking, for those having this issue on a regular computer, you might consider downloading a free copy of Malwarebytes http://www.malwarebytes.org/" onclick="window.open(this.href);return false; to see if you can rid yourself of it. If using an iOS or Android phone, try Avast Antivirus, Antivirus Free by AVG, or Lookout Mobile Security.

Here's the info I was able to retrieve from Composite Blocking List (CBL) for your issue, Frediver:
IP Address 198.***.***.** is listed in the CBL. It appears to be infected with a spam sending trojan or proxy.

It was last detected at 2012-11-02 17:00 GMT (+/- 30 minutes), approximately 22 hours, 30 minutes ago.

This IP is infected with, or is NATting for a machine infected with Win32/Zbot (Microsoft).

This was detected by observing this IP attempting to make contact to a Zeus Command and Control server, with contents unique to Zeus C&C command protocols.

Zbot is known by other names: Wsnpoem (Symantec) and most commonly as Zeus.

Zbot/Zeus is a banking trojan, and specializes in stealing personal information (passwords, account information, etc) from interactions with banking sites through the use of "formgrabs".

To find these infections, search for TCP/IP connections going to IP address 87.255.51.229 or (less often) 82.165.47.44, usually destination port 80 or 443, but you should look for all ports. This detection corresponds to a connection at 2012-11-02 17:21:10 (GMT - this timestamp is believed accurate to within one second).

These infections are rated as a "severe threat" by Microsoft. It is a trojan downloader, and can download and execute ANY software on the infected computer.

You will need to find and eradicate the infection before delisting the IP address.

We strongly recommend that you DO NOT simply firewall off connections to the sinkhole IP addresses given above. Those IP addresses are of sinkholes operated by malware researchers. In other words, it's a "sensor" (only) run by "the good guys". The bot "thinks" its a command and control server run by the spambot operators but it isn't. It DOES NOT actually download anything, and is not a threat. If you firewall the sinkhole addresses, your IPs will remain infected, and they will STILL be delivering your users/customers personal information, including banking information to the criminal bot operators.

If you do choose to firewall these IPs, PLEASE instrument your firewall to tell you which internal machine is connecting to them so that you can identify the infected machine yourself and fix it.

We are enhancing the instructions on how to find these infections, and more information will be given here as it becomes available.

Virtually all detections made by the CBL are of infections that do NOT leave any "tracks" for you to find in your mail server logs. This is even more important for the viruses described here - these detections are made on network-level detections of malicious behaviour and may NOT involve malicious email being sent.

This means: if you have port 25 blocking enabled, do not take this as indication that your port 25 blocking isn't working.

The links above may help you find this infection. You can also consult Advanced Techniques for other options and alternatives. NOTE: the Advanced Techniques link focuses on finding port 25(SMTP) traffic. With "sinkhole malware" detections such as this listing, we aren't detecting port 25 traffic, we're detecting traffic on other ports. Therefore, when reading Advanced Techniques, you will need to consider all ports, not just SMTP.

Pay very close attention: Most of these trojans have extremely poor detection rates in current Anti-Virus software. For example, Ponmocup is only detected by 3 out of 49 AV tools queried at Virus Total.

Thus: having your anti-virus software doesn't find anything doesn't prove that you're not infected.

While we regret having to say this, downloaders will generally download many different malicious payloads. Even if an Anti-Virus product finds and removes the direct threat, they will not have detected or removed the other malicious payloads. For that reason, we recommend recloning the machine - meaning: reformatting the disks on the infected machine, and re-installing all software from known-good sources.
WARNING: If you continually delist 198.***.***.** without fixing the problem, the CBL will eventually stop allowing the delisting of 198.***.***.**.

If you have resolved the problem shown above and delisted the IP yourself, there is no need to contact us.

Click on this link to delist 198.***.***.**.
Attachments
screenshot
screenshot
New members, please consider giving us an intro!
Follow us on Twitter @HighSierraTopix. Use hashtags #SIERRAPHILE #GotSierra? #GotMountains?
Follow us on Facebook: https://www.facebook.com/HighSierraTopix
User avatar
frediver
Topix Regular
Posts: 268
Joined: Sat Jan 13, 2007 11:15 pm
Experience: N/A
Location: n.cal

Re: Android, AT&T unable to post

Post by frediver »

I tried the suggested fixes and they did not work.
I loaded up avast and ran it, zip.
I tried de-listing after running avast, zip
Ha-ha, is that a web address next to the warning above ??
User avatar
AlmostThere
Topix Addict
Posts: 2724
Joined: Wed Jun 24, 2009 4:38 pm
Experience: Level 4 Explorer

Re: Android, AT&T unable to post

Post by AlmostThere »

I've had the issue through the browser on the smartphone too, on a different forum. It isn't consistent enough that I've worried about it.

I doubt my phone is infected - the majority of the time, things work fine on both forums.
User avatar
ERIC
Your Humble Host & Forums Administrator
Your Humble Host & Forums Administrator
Posts: 3254
Joined: Fri Oct 28, 2005 9:13 am
Experience: Level 4 Explorer
Location: between the 916 and 661

Re: Android, AT&T unable to post

Post by ERIC »

Yes, that's your IP. I blocked it out for privacy.

Got your email. I'm really not sure what to tell you. I know you said you do not have any issues with any of the other forums you visit, however, I also find it equally peculiar that AT&T is apparently the only ISP (mobile or land-based) having an issue with this site. Also, why would spamhaus.org list your IP and maybe one or two others members' on HST, and nobody else? I'll be interested to see what Samsung/AT&T come back with that says that the issue is on our end. I just searched around the internet for any services that might be blocking/blacklisting this domain or its IP address, and could find none.

If you haven't already, I would forward what I quoted above to AT&T customer support.
New members, please consider giving us an intro!
Follow us on Twitter @HighSierraTopix. Use hashtags #SIERRAPHILE #GotSierra? #GotMountains?
Follow us on Facebook: https://www.facebook.com/HighSierraTopix
User avatar
AlmostThere
Topix Addict
Posts: 2724
Joined: Wed Jun 24, 2009 4:38 pm
Experience: Level 4 Explorer

Re: Android, AT&T unable to post

Post by AlmostThere »

I have Tmobile... Not sure that says anything. It's likely related to a particular bank of IP addresses.
Post Reply

Who is online

Users browsing this forum: No registered users and 13 guests