flashproxy-reg-email detected as Kelihos botnet spam by the CBL (Composite Blocking List)
Since about 2015-12-01, the email that flashproxy-reg-email sends triggers a false-positive detection in the CBL (Composite Blocking List) which causes other email sent from the same IP address to be rejected by some recipients (including riseup.net). Shortly after flashproxy-reg-email running, the lookup page says something along the lines of: IP Address x.x.x.x is listed in the CBL. It shows signs of being infected with a spam sending trojan, malicious link or some other form of botnet. It was last detected at 2015-12-07 03:00 GMT (+/- 30 minutes), approximately 3 hours, 30 minutes ago. This IP is infected (or NATting for a computer that is infected) with the kelihos spambot. In other words, it's participating in a botnet. Everything about Kelihos and botnets is false; through experiments and interaction with a CBL operator we isolated the cause to flashproxy-reg-email's messages.
An example of a bounce message caused by this error is: SMTP error from remote mail server after RCPT TO:...@riseup.net: host mx1.riseup.net [126.96.36.199]: 550 5.7.1 Service unavailable; client [x.x.x.x] blocked using zen.spamhaus.org
We should do something to avoid these false detections if possible.