Hello Barry,
Thanks for your blog.
I plan to block some ports on our router, which are shown in your blog.
> Step 1 on the list …. Deploy Exploitable Port Filtering on the edge of
> your network ….
>
Some of our routers use Linux as the operating system, so I plan to use
nftables to make some
21, 2023 at 8:00 AM wrote:
>
>> Message: 19
>> Date: Mon, 20 Mar 2023 16:24:09 -0400
>> From: ay...@august.tw
>> To: Collider
>> Cc: nanog@nanog.org
>> Subject: Re: Spamhaus flags any IP announced by our ASN as a
>> crim
;
> >
> > Regards
> > George
> >
> > On Tue, Mar 21, 2023 at 8:00 AM wrote:
> >
> >> Message: 19
> >> Date: Mon, 20 Mar 2023 16:24:09 -0400
> >> From: ay...@august.tw
> >> To: Collider
> >> Cc: nanog@nan
by
one or more network operators... single routing policy"
Regards
George
On Tue, Mar 21, 2023 at 8:00 AM wrote:
Message: 19
Date: Mon, 20 Mar 2023 16:24:09 -0400
From: ay...@august.tw
To: Collider
Cc: nanog@nanog.org
Subject: Re: Spamhaus flags any IP announced by our ASN as a
crimina
00
> From: ay...@august.tw
> To: Collider
> Cc: nanog@nanog.org
> Subject: Re: Spamhaus flags any IP announced by our ASN as a criminal
> network
> Message-ID: <5b7ed1b1fbff65dfc63d188c2e1f9...@august.tw>
> Content-Type: text/plain; charset=UTF-8; format=flowed
>
>
Why not?
DUHL from sorbs is very similar to PBL from spamhaus.
A decade ago, when I was working on a mid size hosting company we used
duhl from sorbs as a way to force residential customers to use submission
instead of smtp to connect to the server. It proved more useful than any
documentation
. Spamhaus is not the only one providing easy tools to help organizations deploy “danger do not go there” list. Step 1 on the list …. Deploy Exploitable Port Filtering on the edge of your network ….Filtering Exploitable Ports and Minimizing Risk from the Internet and from Your Customerssenki.orgThe other
> Date: Mon, 20 Mar 2023 14:15:08 -0700
> From: Randy Bush
> Subject: Re: Spamhaus flags any IP announced by our ASN as a criminal network
>
(...)
>
> we reject automagically on spamhaus, mail-abuse.org, and sorbs. really
> appreciate their services.
>
> randy
>
Sorbs? Really? *doh*
#m
this company(s) is in the business of spam. they're just trying to
game nanog. discussing further a waste of pixels.
ranady
On Mon, Mar 20, 2023 at 7:08 PM Brandon Zhi wrote:
>
> Our person in charge has consulted with their previous person in charge, and
> their response is this.
you are talking up the discussion with the wrong folks, really.
Please go see the spamhaus folk directly.
the email that
spamhouse thinks they're not doing it
On 2023年3月21日周二 上午5:15 Randy Bush wrote:
> >> I don't think any ISP would reject an IP that is on the Spamhaus
> >> list.
> > you, clearly, have been living under several rocks for a very long
> > time.
>
>> I don't think any ISP would reject an IP that is on the Spamhaus
>> list.
> you, clearly, have been living under several rocks for a very long
> time.
we reject automagically on spamhaus, mail-abuse.org, and sorbs. really
appreciate their services.
randy
third parties, IP
>hijacking, and malicious path prepending.
>
>Given this history, it is not surprising that Spamhaus would blacklist IP
>addresses associated with their ASN. In my opinion, such action is
>well-justified.
>
>Best regards,
>August Yang
>
>On 2023-03-20
Several Huize ASNs, e.g. AS47158 and AS141011, were revoked due to RIR
policy violations, which include prohibited sharing of ASNs with third
parties, IP hijacking, and malicious path prepending.
Given this history, it is not surprising that Spamhaus would blacklist
IP addresses associated
Why do two different companies with what should be independent networks share
an AS number?
On 20 March 2023 18:20:08 UTC, Aaron Wendel wrote:
>The solution to your problem is to terminate the customer causing the abuse,
>in this case 62yun.com. Once you do that I'm sure Spamhaus wil
The solution to your problem is to terminate the customer causing the
abuse, in this case 62yun.com. Once you do that I'm sure Spamhaus will
stop listing all your IPs.
Aaron
On 3/20/2023 6:54 AM, Brandon Zhi wrote:
It seems you've reached the point that they ignore specific
Brandon Zhi writes:
> Well, those prefixes are not for their VPS hosting service (which cause a
> lot of complaint). Just like there are many IP addresses under the
> telecommunication company, the entire ASN cannot be "blocked" just because
> there is a complaint on one IP address
April came
On Mon, Mar 20, 2023 at 7:56 AM Brandon Zhi wrote:
> Well, those prefixes are not for their VPS hosting service
> (which cause a lot of complaint). Just like there are many IP
> addresses under the telecommunication company, the entire
> ASN cannot be "blocked" just because there is a complaint
>
gt;
>> <https://www.linkedin.com/company/midwest-internet-exchange>
>> <https://twitter.com/mdwestix>
>> The Brothers WISP <http://www.thebrotherswisp.com/>
>> <https://www.facebook.com/thebrotherswisp>
>> <https://www.youtube.com/channel/UCXSd
d as a bad actor.
We all have a role to play keeping our networks clean and positive members
of the internet community.
Might be time to have your customer / partner clean up their actions in
response to complaints or ensure that you don’t need a good reputation with
spamhaus to operate.
Regards
LwntZg>
> --
> *From: *"Brandon Zhi"
> *To: *"Christopher Morrow"
> *Cc: *nanog@nanog.org
> *Sent: *Monday, March 20, 2023 9:43:19 AM
> *Subject: *Re: Spamhaus flags any IP announced by our ASN as a criminal
> network
>
&
n Zhi"
To: "Christopher Morrow"
Cc: nanog@nanog.org
Sent: Monday, March 20, 2023 9:43:19 AM
Subject: Re: Spamhaus flags any IP announced by our ASN as a criminal network
Yes, for those prefixes are used to hosting service have been listed for a long
time. However, for those new prefixes tha
20, 2023 at 9:51 AM Brandon Zhi wrote:
>
> > I don't think any ISP would reject an IP that is on the Spamhaus list.
>
> you, clearly, have been living under several rocks for a very long time.
>
On Mon, Mar 20, 2023 at 9:51 AM Brandon Zhi wrote:
> I don't think any ISP would reject an IP that is on the Spamhaus list.
you, clearly, have been living under several rocks for a very long time.
- Original Message -
From: "Brandon Zhi"
To: "Tim Burke"
Cc: nanog@nanog.org
Sent: Monday, March 20, 2023 6:54:41 AM
Subject: Re: Spamhaus flags any IP announced by our ASN as a criminal network
It seems you've reached the point that they ignore specific pre
ey have been
handling them (their head said their team is not good at English and so
they did not reply emails)
For me, I cannot reply to all emails for them, since I don't have that much
time. I also need to work for my company.
> As I understand it, most things at Spamhaus are manual determ
Have you received complaints from Spamhaus in the past? If so, have you acted
on them in a timely manner?
Based on my past experiences, Spamhaus is rather gracious at first, but if you
ignore them, they will start blocking you en masse. About 10 years ago, I
worked for a datacenter/NSP
tering.
>>> I would like to ask if this is manually set by Spamhaus or is the system
>>> misjudgment? Has anyone encountered the same situation as us?
As I understand it, most things at Spamhaus are manual determinations.
You click on "show details" and they give you a li
afaik, spamhaus starts to mark a whole AS as criminal, if there is to
much abuse.
It seems you've reached the point that they ignore specific prefixes and
set every prefix you are advertising as criminal.
Am 19.03.2023 um 06:35 schrieb Brandon Zhi:
However, for those prefixes
https
covered that any IP address announced by our ASN is
>> blacklisted by Spamhaus, even if we only announced it but not use it.
>>
>> I would like to ask if this is manually set by Spamhaus or is the system
>> misjudgment? Has anyone encountered the same situation as us?
>
;
> We recently discovered that any IP address announced by our ASN is
> blacklisted by Spamhaus, even if we only announced it but not use it.
>
> I would like to ask if this is manually set by Spamhaus or is the system
> misjudgment? Has anyone encountered the same situation as us?
>
Hello guy,
We recently discovered that any IP address announced by our ASN is
blacklisted by Spamhaus, even if we only announced it but not use it.
I would like to ask if this is manually set by Spamhaus or is the system
misjudgment? Has anyone encountered the same situation as us?
Best
Linford
The Spamhaus Project
https://www.spamhaus.org
> On 23 Jul 2021, at 09:08, Siyuan Miao wrote:
>
> Hi All,
>
> One of our ASNs has been listed in the Spamhaus ASN-DROP list before it was
> assigned to us.
>
> We emailed them last year but didn't get a res
om:* NANOG on behalf of
> Siyuan Miao
> *Sent:* Friday, July 23, 2021 12:38:16 PM
> *To:* North American Network Operators' Group
> *Subject:* Spamhaus ASN-DROP list
>
> Hi All,
>
> One of our ASNs has been listed in the Spamhaus ASN-DROP list before it
> was assigned to
It's ASN, not IPv4 prefix.
From: NANOG On Behalf Of Suresh
Ramasubramanian
Sent: Friday, July 23, 2021 3:21 PM
To: Siyuan Miao ; North American Network Operators' Group
Subject: Re: Spamhaus ASN-DROP list
This is probably an ex afrinic stolen block?
In which case it's for afrinic to sort
This is probably an ex afrinic stolen block?
In which case it’s for afrinic to sort out and reclaim
--srs
From: NANOG on behalf of Siyuan
Miao
Sent: Friday, July 23, 2021 12:38:16 PM
To: North American Network Operators' Group
Subject: Spamhaus ASN-DROP list
Hi All,
One of our ASNs has been listed in the Spamhaus ASN-DROP list before it was
assigned to us.
We emailed them last year but didn't get a response. Could anyone from
Spamhaus contact us off the list?
Best Regards,
Siyuan
and legality of Spamhaus vs. unfounded accusations
by Elad Cohen
PHISHING ALERT
This email has been sent from an account outside of the BAE Systems network.
Be aware that this could be a phishing attempt. For more guidance, search
"phishing email" on Connect. If you think this is
> https://www.scribd.com/document/445894312/Spamhaus-Illegal-Private-Data-Violation
>
> <https://www.scribd.com/document/445894312/Spamhaus-Illegal-Private-Data-Violation>
You keep claiming that they receive this data in an illegal way, yet have not
substantiated that claim with any a
> From: dimit...@outlook.com
> To: nanog@nanog.org
> Subject: Looking for Spamhaus contact
> Date: Mon, 29 Aug 2016 16:35:45 +0200
>
> Hi,
>
>
> Could somebody from Spamhaus contact me offlist?
>
> I've run in the case "[CIDR] conflicts with other PBL mas
Hi,
Could somebody from Spamhaus contact me offlist?
I've run in the case "[CIDR] conflicts with other PBL master records" where the
whole range previously seems to have belonged to another ISP who has returned
the range to RIPE. However they still have it liste
On 16/10/2015 22:07, Jason Baugher wrote:
I felt I should mention, Spamhaus was quick to respond to my email and gave
me excellent information on what was triggering the blacklisting.
Can you please share about it?
Eliezer
>WAIT A MINUTE! "CBL" is not "Spamhaus", is it?!
>
>http://www.abuseat.org/
Yes, it is. Informally it was for a very long time via the Spamhaus
XBL. Now it's explicit.
There's not much practical difference, and the same people are running
it.
R's,
John
I felt I should mention, Spamhaus was quick to respond to my email and gave
me excellent information on what was triggering the blacklisting.
On Thu, Oct 15, 2015 at 1:29 PM, Larry Sheldon <larryshel...@cox.net> wrote:
> On 10/15/2015 13:27, Larry Sheldon wrote:
>
>> On 10/15
On 10/15/2015 00:27, Jason Baugher wrote:
Sorry to clutter up this list with an email issue, but hopefully someone is
here from Spamhaus that can contact me off-list. I have a customer whose IP
keeps getting listed in the CBL, and even after doing packet captures of
everything in and out
On 10/15/2015 12:32, Larry Sheldon wrote:
On 10/15/2015 00:27, Jason Baugher wrote:
Sorry to clutter up this list with an email issue, but hopefully
someone is
here from Spamhaus that can contact me off-list. I have a customer
whose IP
keeps getting listed in the CBL, and even after doing
On 10/15/2015 13:27, Larry Sheldon wrote:
On 10/15/2015 12:32, Larry Sheldon wrote:
On 10/15/2015 00:27, Jason Baugher wrote:
Sorry to clutter up this list with an email issue, but hopefully
someone is
here from Spamhaus that can contact me off-list. I have a customer
whose IP
keeps getting
I managed to read through there and miss it, I'll never know.
On Thu, Oct 15, 2015 at 12:32 PM, Larry Sheldon <larryshel...@cox.net>
wrote:
> On 10/15/2015 00:27, Jason Baugher wrote:
>
>> Sorry to clutter up this list with an email issue, but hopefully someone
>>
Sorry to clutter up this list with an email issue, but hopefully someone is
here from Spamhaus that can contact me off-list. I have a customer whose IP
keeps getting listed in the CBL, and even after doing packet captures of
everything in and out of their network, I still can't find a reason
- Original Message -
From: Jaren Angerbauer jarenangerba...@gmail.com
To: nanog@nanog.org nanog@nanog.org
Cc:
Sent: Friday, July 31, 2015 2:28 PM
Subject: Re: Working with Spamhaus
Hi,
As for SORBS, I'm not aware of anyone that uses it these days because of
the extortion thing
- Original Message -
From: Randy randy_94...@yahoo.com
To: Jaren Angerbauer jarenangerba...@gmail.com; nanog@nanog.org
nanog@nanog.org
Cc:
Sent: Friday, July 31, 2015 9:53 PM
Subject: Re: Working with Spamhaus
- Original Message -
From: Jaren Angerbauer jarenangerba
It's what they call a free country
Those that don't use it don't use it, and those who do are free to do so
--srs
On 31-Jul-2015, at 4:56 PM, Ricky Beam jfb...@gmail.com wrote:
On Fri, 31 Jul 2015 17:28:34 -0400, Jaren Angerbauer
jarenangerba...@gmail.com wrote:
I work for Proofpoint --
From: Ricky Beam jfb...@gmail.com
Sent: Thursday, July 30, 2015 6:41 PM
To: Michael O Holstein
Subject: Re: Working with Spamhaus
On Thu, 30 Jul 2015 09:59:55 -0400, Michael O Holstein
michael.holst...@csuohio.edu wrote:
100 spammy messages isn't enough to get you in trouble, as long
As for SORBS, I'm not aware of anyone that uses it these days
many folk do
randy
On Sat, 01 Aug 2015 04:48:11 +0900, Randy Bush said:
As for SORBS, I'm not aware of anyone that uses it these days
many folk do
Many of them your competitors? :) (Sorry, couldn't resist :)
pgpO2jdXrpYvy.pgp
Description: PGP signature
Hi,
As for SORBS, I'm not aware of anyone that uses it these days because of
the extortion thing and the rather ..ahem .. eccentric nature of it's
owner.
and
I see you've never had the pleasure of dealing with SORBS. All it takes is
*ONE* message - EVER - to be instantly, and forever,
On Fri, Jul 31, 2015 at 5:28 PM, Jaren Angerbauer
jarenangerba...@gmail.com wrote:
I work for Proofpoint -- we acquired SORBS back in 2011. There is
delisting (via SORBS support ticket). Additionally, there is NO CHARGE to
be delisted.
Hi Jaren,
The big problem I remember with SORBS from my
On Fri, 31 Jul 2015 valdis.kletni...@vt.edu wrote:
On Sat, 01 Aug 2015 04:48:11 +0900, Randy Bush said:
As for SORBS, I'm not aware of anyone that uses it these days
many folk do
Many of them your competitors? :) (Sorry, couldn't resist :)
Is that to be encouraged?
:)
On Fri, 31 Jul 2015 17:28:34 -0400, Jaren Angerbauer
jarenangerba...@gmail.com wrote:
I work for Proofpoint -- we acquired SORBS back in 2011.
Hint: The Internet has a LONG memory.
The liberal and numerous dropping of for free makes me laugh. You knew
the tainted nature of what you were
a day, and 100 spammy messages
isn't enough to get you in trouble, as long as it stops there.
We have a /16 where most of our stuff lives and have moved things around a bit
.. Spamhaus was pretty easy to deal with, as were the other major players (MS,
Google, AOL, Yahoo) by just filling out
If you implement SPF / DKIM / DMARC / ADSP, force your customers to
relay their mail through something you control, and show them you are
serious about stopping the spam they may work with you then. Otherwise,
they just assume you're a spam house.
Would be nice to have an RBL service that attended NANOG meetings.
Would make for a more trusted RBL we can tell customers to make use.
Spamhaus ever attend a NANOG meetings ?
Thank You
Bob Evans
CTO
On Tue, Jul 28, 2015 at 11:41:08PM -0600, Bryan Tong wrote:
Yes that is part
to make use. Spamhaus ever attend a NANOG meetings ?
Thank You Bob Evans CTO
- --
Paul Ferguson
PGP Public Key ID: 0x54DC85B2
Key fingerprint: 19EC 2945 FEE8 D6C8 58A1 CE53 2896 AC75 54DC 85B2
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iF4EAREIAAYFAlW5DBsACgkQKJasdVTchbIznQD/ac
—srs
On 29-Jul-2015, at 10:06 AM, Bob Evans b...@fiberinternetcenter.com wrote:
Would be nice to have an RBL service that attended NANOG meetings.
Would make for a more trusted RBL we can tell customers to make use.
Spamhaus ever attend a NANOG meetings ?
Thank You
Bob Evans
CTO
. Spamhaus ever attend a NANOG meetings ? Thank You
Bob Evans CTO
- --
Paul Ferguson
PGP Public Key ID: 0x54DC85B2
Key fingerprint: 19EC 2945 FEE8 D6C8 58A1 CE53 2896 AC75 54DC 85B2
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iF4EAREIAAYFAlW5C
I see that point - however, spamhaus has become a haus-hold word these
days and everyone runs into these issuesits not malware or bots we
block from a network level blackhole. Yet it is basic network operations
these days to have to deal with someone complaining about their hacked
mail server
rsync spamhaus and grep for mentions of your ASN, get ISP feedback
loops etc.
On a larger topic - NANOG and M3AAWG (also RIPE and M3AAWG’s summer meeting in
Europe) really ought to collocate or at least be back to back in the same city
somewhere down the line - maybe with a day’s worth of joint
On Wed, 29 Jul 2015, Bob Evans wrote:
Would be nice to have an RBL service that attended NANOG meetings.
Would make for a more trusted RBL we can tell customers to make use.
How do you know they don't? Most of them keep a low profile due to things
like
On Wed, 29 Jul 2015, Bob Evans wrote:
I see that point - however, spamhaus has become a haus-hold word these
days and everyone runs into these issuesits not malware or bots we
block from a network level blackhole. Yet it is basic network operations
these days to have to deal with someone
On 7/29/2015 00:58, Larry Sheldon wrote:
On 7/29/2015 00:37, Matt Palmer wrote:
I suspect that http://www.spamhaus.org/query/ip/199.87.233.245 may be
part
of it (although it indicates a /21 blocked, not a /17).
And the removal instructions for that range (SBL) seems crystal clear to
me, but
On 07/28/2015 08:06 PM, Bryan Tong wrote:
Hello All,
SpamHaus has done us the favor of blacklisting all of our prefixes due to
the issues with handful of IPs from customers we have removed from our
network.
They are now being unresponsive on helping us get these listings removed
and we have
On 7/29/2015 00:37, Matt Palmer wrote:
I suspect that http://www.spamhaus.org/query/ip/199.87.233.245 may be part
of it (although it indicates a /21 blocked, not a /17).
And the removal instructions for that range (SBL) seems crystal clear to
me, but long experience teaches that what is
Yes Larry,
I have followed those instructions without a response.
So I was curious what to do when no response is given. I will wait longer
and see. Sorry if anything I have done has upset you.
Thanks
On Wed, Jul 29, 2015 at 12:03 AM, Larry Sheldon larryshel...@cox.net
wrote:
On 7/29/2015
decent history of what Spamhaus has been doing. Note the
(escalation) entries in there, which indicates a lack of interest on
esited.com's part in fixing any of the problems.
- Matt
On Tue, Jul 28, 2015 at 11:39 PM, Bryan Tong cont...@nullivex.com wrote:
I wouldnt have such a disheartened attitude if they would have been
specific or given time to comply.
eSited LLC
(701) 390-9638
Hi Brian,
eSited has 37 unresolved spam listings with Spamhaus, all documented
and some
Hello!
Completely agree with Larry. I'm enough big hosting provider and we
have multiple spam issues every day. But we fix they ASAP before any
folks from SpamHaus become angry :)
So we still have 1-2 abuses from SpamHaus every few weeks. But we
resolve they in few hours and we haven't any
On 7/28/2015 22:06, Bryan Tong wrote:
If anyone has any advice on how to deal with these people. Please let me
know here or off list.
Based on years of experience, the very best way is don't. Don't
profit from spam, and as a result don't deal with Spamhaus at all.
--
sed quis custodiet
Hello,
Yes I have followed all of the procedures. I will continue to wait to see
if there is any change.
Thanks
On Tue, Jul 28, 2015 at 9:53 PM, Larry Sheldon larryshel...@cox.net wrote:
On 7/28/2015 22:39, Bryan Tong wrote:
Well,
I wouldnt have such a disheartened attitude if they would
...@nullivex.com
Date: 07/28/2015 8:06 PM (GMT-07:00)
To: nanog@nanog.org
Subject: Working with Spamhaus
Hello All,
SpamHaus has done us the favor of blacklisting all of our prefixes due to
the issues with handful of IPs from customers we have removed from our
network.
They are now being
to work pretty hard to get a /17 listed.
Don't profit from spam, and as a result don't deal with Spamhaus at all.
Yep.
Some days NANOG sounds like NANA-E.
--
sed quis custodiet ipsos custodes? (Juvenal)
Yes that is part of it.
There are other blocks they listed as well.
On Tue, Jul 28, 2015 at 11:37 PM, Matt Palmer mpal...@hezmatt.org wrote:
On Tue, Jul 28, 2015 at 11:13:02PM -0500, Larry Sheldon wrote:
On 7/28/2015 22:57, Bryan Tong wrote:
Yes I have followed all of the procedures. I
@nanog.org
Subject: Working with Spamhaus
Hello All,
SpamHaus has done us the favor of blacklisting all of our prefixes due to
the issues with handful of IPs from customers we have removed from our
network.
They are now being unresponsive on helping us get these listings removed
and we have a lot
On Tue, Jul 28, 2015 at 11:13:02PM -0500, Larry Sheldon wrote:
On 7/28/2015 22:57, Bryan Tong wrote:
Yes I have followed all of the procedures. I will continue to wait to see
if there is any change.
Would you please send me the address range in question--I would like to see
what they told
On 7/28/2015 22:39, Bryan Tong wrote:
Well,
I wouldnt have such a disheartened attitude if they would have been
specific or given time to comply.
I find listing an entire /17 without cause or a report to back it up an
unjust action.
Have you tried the widely known services they provide?
Hello All,
SpamHaus has done us the favor of blacklisting all of our prefixes due to
the issues with handful of IPs from customers we have removed from our
network.
They are now being unresponsive on helping us get these listings removed
and we have a lot of legitimate customers who
On 7/28/2015 22:57, Bryan Tong wrote:
Yes I have followed all of the procedures. I will continue to wait to see
if there is any change.
Would you please send me the address range in question--I would like to
see what they told you to do.
--
sed quis custodiet ipsos custodes? (Juvenal)
profit from spam, and as a result don't deal with Spamhaus at all.
Yep.
-Dan
there (big or small) ever used the Spamhaus BGP feed to
prevent against botnet, spam, etc? If so, how has your experience been? Is
it worthwhile? Has it helped? On / off list responses are appreciated in
advance.
We use Spamhaus DROP (not the BGP version: our software asks a human to
review each
On Sun, May 17, 2015 at 7:50 AM, Mike Lyon mike.l...@gmail.com wrote:
Any ISPs out there (big or small) ever used the Spamhaus BGP feed to
prevent against botnet, spam, etc? If so, how has your experience been? Is
it worthwhile? Has it helped? On / off list responses are appreciated in
advance
How much false positives (i.e. blackholing traffic users want to reach)?
On 18.05.15 21:04, Marco d'Itri wrote:
On May 17, Mike Lyon mike.l...@gmail.com wrote:
Any ISPs out there (big or small) ever used the Spamhaus BGP feed to
prevent against botnet, spam, etc? If so, how has your
21:04, Marco d'Itri wrote:
On May 17, Mike Lyon mike.l...@gmail.com wrote:
Any ISPs out there (big or small) ever used the Spamhaus BGP feed to
prevent against botnet, spam, etc? If so, how has your experience been? Is
it worthwhile? Has it helped? On / off list responses are appreciated
On May 17, Mike Lyon mike.l...@gmail.com wrote:
Any ISPs out there (big or small) ever used the Spamhaus BGP feed to
prevent against botnet, spam, etc? If so, how has your experience been? Is
it worthwhile? Has it helped? On / off list responses are appreciated in
advance.
We use Spamhaus
Howdy!
Any ISPs out there (big or small) ever used the Spamhaus BGP feed to
prevent against botnet, spam, etc? If so, how has your experience been? Is
it worthwhile? Has it helped? On / off list responses are appreciated in
advance.
Thank You,
Mike
--
Mike Lyon
408-621-4826
mike.l
On Aug 21, 2014, at 12:51 PM, Tarko Tikan ta...@lanparty.ee wrote:
hey,
My home IP is in both the PBL and the SORBS DUL and I have no trouble
using ebay or paypal.
Thanks for confirmation.
Given that the problem range is in Estonia, I expect that it's some
combination of abuse from
hey,
Yeah - funny…it's been years since I heard of specific Estonian issues (and
caveat - I am estonian and know
Tarko). Back in 2007 there were plenty of problems but many have been cleaned
up. Some took a few years.
Still waiting for examples. I can say for sure that none of the major
hey,
For a while now, we have been getting complains from our broadband
customers about not being able to reach ebay.com/paypal.com
We have nailed it down to some small prefixes and they are all listed in
SORBS DUHL / Spamhaus PBL and have been listed for ages. These are
indeed dynamic IP
/ Spamhaus PBL and have been listed for ages. These are indeed
dynamic IP pools and should not send any email (not that SMTP has anything to
do with HTTP).
For some reason, it looks like ebay/paypal is now blocking HTTP access based
on these blacklists.
That seems really unlikely
That seems really unlikely. If they were blocking access purely due to it
being from dynamically assigned ranges,
someone else would have noticed.
My home IP is in both the PBL and the SORBS DUL and I have no trouble
using ebay or paypal.
Given that the problem range is in Estonia, I expect
hey,
Can you share the data that makes you think it's the former?
I can't say I'm absolutely sure, hence the question to wider audience.
But I can say that it's only subset of prefixes that are blocked
What I can do, is provide some blocked IPs as example:
90.190.226.239
90.191.156.199
hey,
My home IP is in both the PBL and the SORBS DUL and I have no trouble
using ebay or paypal.
Thanks for confirmation.
Given that the problem range is in Estonia, I expect that it's some
combination of abuse from the specific range and general issues with
traffic from Estonia.
What
1 - 100 of 359 matches
Mail list logo
