If this is an open WiFi hotspot, why can’t you allow basic web browsing, POP/IMAP, and SMTP port 587 but not 25, and block everything else?
I often find that at hotpots I can’t use telnet, SSH, Winbox, etc. Probably can’t connect to destination port 25 either. Heck, most regular ISPs block destination port 25. Open Internet should not apply to a coffee shop hotspot, I don’t think you are required to transport anything and everything in that situation. From: Eric Kuhnke Sent: Wednesday, April 27, 2016 8:58 PM To: [email protected] Subject: Re: [AFMUG] abuse reports on customer IPs If it is a customer that operates a open public wifi AP like a coffee shop, bar, restaurant, there is not a lot that you can do. Customer won't stop running open wifi, people won't stop bringing in infected laptops. No way to find out who has the infected laptops/devices. One possible solution if sufficient ARIN IP space is available is to put all such customers in their own special swamp netblock as static assignments. Consider that block forever sullied. On Wed, Apr 27, 2016 at 6:54 PM, That One Guy /sarcasm <[email protected]> wrote: I know its bad practice, I normally enjoy turning customers off, it makes me feel godlike and powerful, alot of times when i get to shut one off i go upstairs and drag mu woman from her bed by her hair to the kitchen to make me a sammich. but for whatever reason i like this customer On Wed, Apr 27, 2016 at 5:31 PM, Eric Kuhnke <[email protected]> wrote: Spam and botnet activity is far more harmful to the health of your network and the IP reputation of your netblocks than anything DMCA related. torrents and DMCA notifications don't hurt the network. Knowingly leaving something that is a repository of virii/worms/trojans online is just bad practice. On Wed, Apr 27, 2016 at 7:09 AM, That One Guy /sarcasm <[email protected]> wrote: We have a particular customer, We have been getting tons of abuse reports on their static IP, I assume we will never be able to wash this sullied IP clean. Theyre not really doing any harm to our network, or impacting others on the network, they are in full breach of our TOS, thats for sure. suprisingly, its primarily spam and botnet activity, but no DMCA. Is there any liability on us as an ISP to not address this affirmatively with the customer. Im going to contact them, may offer a leased fortigate UTM option. But if there isnt a resolution, other than their static IP residing on every blacklist can we get nailed? Its a good customer, pays their bill on time, worked with us through a service issue without the usual "gimme discounts and free shit or im going elsewhere" I dont want to HAVE to disconnect them if im not required to and theyre not impacting others if they cant or wont resolve the issues -- If you only see yourself as part of the team but you don't see your team as part of yourself you have already failed as part of the team. -- If you only see yourself as part of the team but you don't see your team as part of yourself you have already failed as part of the team.
