It seems these guys are a spam blocker, but they block IPs. Instead of blocking problem IPs they block entire ranges of IPs and let legit folks fight to get their IP removed from the list (like me). I'm wondering if anyone has had a run-in with them and how I can get my IP off. Thanks, Tom -- Tom Nielsen Neuro Logic Systems 805.389.5435 x18 www.neuro-logic.com
On Wednesday 21 January 2004 12:45 pm, Tom Nielsen wrote:
It seems these guys are a spam blocker, but they block IPs. Instead of blocking problem IPs they block entire ranges of IPs and let legit folks fight to get their IP removed from the list (like me).
I'm wondering if anyone has had a run-in with them and how I can get my IP off.
Thanks, Tom
Tom, the above is commonly known as MAPS, they are now a pay subscription RBL service. They block indv. IP's, dial-up lists (2 or 3 different RBL lists) http://mail-abuse.org/rbl/enduser.html The link above is a good place to start, has quite a bit of information. I ran their test on the neuro-logic ip and it came up clean. My guess is that someone in your network / CIDR is the spammer, and thus you are in the block list also. You should probably contact your upstream provider / send copy of blocked mail, etc. Hurricane Electric 216.218.128.0/17 perhaps. (I've had spam from the above in the past, I remember doing the lookup on Hurricane Electric) George -- Linux 2.6.1 #1 Fri Jan 16 09:28:12 EST 2004 i686 1:23pm up 1 day 22:12, 2 users, load average: 0.30, 0.16, 0.07
* Tom Nielsen;
It seems these guys are a spam blocker, but they block IPs. Instead of blocking problem IPs they block entire ranges of IPs and let legit folks fight to get their IP removed from the list (like me).
If you are in one of those lists chances are you will be on others as well like www.sorbs.net. Also checking www.senderbase.org can help. not to mention the ordbs.org which our maillist was also caught into :-( HTH -- Togan Muftuoglu Unofficial SuSE FAQ Maintainer Please reply to the list; http://susefaq.sf.net Please don't put me in TO/CC. Nisi defectum, haud refiecendum
On Wednesday 21 January 2004 5:45 pm, Tom Nielsen wrote:
It seems these guys are a spam blocker, but they block IPs. Instead of blocking problem IPs they block entire ranges of IPs and let legit folks fight to get their IP removed from the list (like me).
I'm wondering if anyone has had a run-in with them and how I can get my IP off.
Thanks, Tom
Tom, I think that the idea is that some abuse comes from dynamic IP domains, hence it is pointless to block a single address, because by the time you do, you are punishing only the innocent, and the guilty can just login to another IP address in the range. Obviously, mail-abuse are not in a position to tell whether the IP block you are in is dynamically allocated. I hope you would agree that it is better to punish the guilty along with the innocent rather than just punish the innocent. The blocking itself is not global. It is other users and ISP's choosing to believe the mail-abuse listing in order to block spam, and those people accepting the risk of losing legitimate traffic for the greater good. So what this means is that you are using an IP address from a block where someone else is doing or has done abuse. It is about the company you keep [obviously not through choice]. This really is a matter for your ISP to enforce an Acceptable Use Policy [AUP] on all its users, for the benefit of the many. You should ideally take this up with the ISP and get them to deal with whoever is causing the problem. The problem could simply be win lusers running trojans and malware, but whatever it is, the ISP should act on its own initiative and not need prompting. Once the ISP has cleaned up its act, they should be able to de-list with mail-abuse.org - check their site for the procedure Check out the ISP's AUP - if their terms are not robust, or if they do not enforce it, then ultimately you must change ISP to one who is prepared to keep a clean house. Sorry to give a dismal story on this. We have such a limited handle on spamming, that I am pleased to see that IP blocks are blocked by other ISP's, so that pressure can be applied to the rogue ISP's who can't or won't deal with their customers - though obviously equally sorry to see you losing connectivity. All the best Vince LIttler
On Wed, 2004-01-21 at 10:50, Vince Littler wrote:
On Wednesday 21 January 2004 5:45 pm, Tom Nielsen wrote:
It seems these guys are a spam blocker, but they block IPs. Instead of blocking problem IPs they block entire ranges of IPs and let legit folks fight to get their IP removed from the list (like me).
I'm wondering if anyone has had a run-in with them and how I can get my IP off.
Thanks, Tom
Tom,
I think that the idea is that some abuse comes from dynamic IP domains, hence it is pointless to block a single address, because by the time you do, you are punishing only the innocent, and the guilty can just login to another IP address in the range. Obviously, mail-abuse are not in a position to tell whether the IP block you are in is dynamically allocated. I hope you would agree that it is better to punish the guilty along with the innocent rather than just punish the innocent.
I seem to recall that you work for a company like the one I mentioned. Please excuse me if you don't. I would agree that in this case it is better to have some innocent people on the list, BUT the problem that I have is all the loops, emails and justifications that I have to go through to get them to remove me from the list. It's not a simple phone call or email, but rather I've been convicted and have to prove my innocence beyond a reasonable doubt. That's my problem. The last time this happened they said I was on a dynamic IP. This goes to show me that they don't really know what they are doing because I've had the same IP for 5 years...and it's not going to change (I have a contract) unless I change services.
The blocking itself is not global. It is other users and ISP's choosing to believe the mail-abuse listing in order to block spam, and those people accepting the risk of losing legitimate traffic for the greater good.
Actually, it is on a wide range. I have an email from another company that told me (let me know if you want to see the proof) that they block ranges of IPs and then let those that are innocent, make their case.
So what this means is that you are using an IP address from a block where someone else is doing or has done abuse. It is about the company you keep [obviously not through choice].
I'm with Verizon DSL. Not a very small company here in the States. We have a business level DSL account (what ever the heck that means) and we get a static IP address. The company, mail-abuse.org, claims it's a dial up account...it's not. I've had the same IP for 5 years now.
This really is a matter for your ISP to enforce an Acceptable Use Policy [AUP] on all its users, for the benefit of the many. You should ideally take this up with the ISP and get them to deal with whoever is causing the problem. The problem could simply be win lusers running trojans and malware, but whatever it is, the ISP should act on its own initiative and not need prompting. Once the ISP has cleaned up its act, they should be able to de-list with mail-abuse.org - check their site for the procedure
See now, I have to disagree. When I check with mail-abuse.org, their comment was "our customer asked us to block your site"....no they didn't. Lockheed Martin did not say, please block NLS. It's a marketing issue. The sales guys at these companies can say, "we'll cut your spam - guaranteed". And they do. But only because they randomly block certain blocks of IPs that may have issues. This is not Verizon's problem, but mail-abuse.org's since I have no open email relay, I don't spam, I've had a static for the past 5 years that has never caused a problem. If they listed me, then it's mail-abuse.org's problem.
Check out the ISP's AUP - if their terms are not robust, or if they do not enforce it, then ultimately you must change ISP to one who is prepared to keep a clean house.
Sorry to give a dismal story on this. We have such a limited handle on spamming, that I am pleased to see that IP blocks are blocked by other ISP's, so that pressure can be applied to the rogue ISP's who can't or won't deal with their customers - though obviously equally sorry to see you losing connectivity.
Again...rouge ISP Verizon is not. It's one of the largest ISPs in the States...and they know this since they are located near San Francisco. My only issue, is that they do not make it easy to remove an IP from the list. That's it. If I could easily call and talk to someone and have my IP removed, I would not have a problem. Now what I'm in the process of doing is getting an email from Lockheed Martin saying that my IP is acceptable and that I should be removed from the list. This is like working with credit bureaus over here. They put information on credit reports about you, but they don't take responsibility and try to blame the reporter....even though it's there fault. In closing, I'd like to state again that I think this is type of thing is a great idea, IF one doesn't have to go through endless efforts to get removed or put up with snotty, "holier than thou" customer service folks that, no matter what, think they are always right. Amen.
All the best
Vince LIttler
-- Tom Nielsen Neuro Logic Systems 805.389.5435 x18 www.neuro-logic.com
On Wed, 2004-01-21 at 12:31, pinto wrote:
On Wednesday 21 January 2004 19:50, Tom Nielsen wrote:
on a dynamic IP
~ maybe, a dynamic DNS Number was meant?
mail-abuse.org "thinks" it's a dynamic, dial-up account. It's not....it's static. This is why I have an issue. They shoot first and ask questions later. Thanks, Tom -- Tom Nielsen Neuro Logic Systems 805.389.5435 x18 www.neuro-logic.com
On Wed, 2004-01-21 at 11:50, Tom Nielsen wrote:
On Wed, 2004-01-21 at 10:50, Vince Littler wrote:
On Wednesday 21 January 2004 5:45 pm, Tom Nielsen wrote:
It seems these guys are a spam blocker, but they block IPs. Instead of blocking problem IPs they block entire ranges of IPs and let legit folks fight to get their IP removed from the list (like me).
Well, I sent them (mail-abuse.org) an email this morning and just got a response back. They apologized about the blocking and will pull my IP from their list. Now that's great customer service. In this case, I don't mind being added to a list once a year or so. That's it. -- Tom Nielsen Neuro Logic Systems 805.389.5435 x18 www.neuro-logic.com
Wed, 21 Jan 2004, by tom@neuro-logic.com:
It seems these guys are a spam blocker, but they block IPs. Instead of blocking problem IPs they block entire ranges of IPs and let legit folks fight to get their IP removed from the list (like me).
Just to get the facts straight: they (the blocklists) do not block anything themself. It is the choice of mailserver admins to use these blocklist to deny offenders access to their service. If you have a problem with (a) site(s) using a blocklist to deny you access I suggest you use a clean ISP for your mail. Theo -- Theo v. Werkhoven Registered Linux user# 99872 http://counter.li.org ICBM 52 13 27N , 4 29 45E. SUSE 8.2 Kernel k_athlon-2.4.20 See headers for PGP/GPG info.
Theo v. Werkhoven wrote:
Wed, 21 Jan 2004, by tom@neuro-logic.com:
It seems these guys are a spam blocker, but they block IPs. Instead of blocking problem IPs they block entire ranges of IPs and let legit folks fight to get their IP removed from the list (like me).
Just to get the facts straight: they (the blocklists) do not block anything themself. It is the choice of mailserver admins to use these blocklist to deny offenders access to their service.
If you have a problem with (a) site(s) using a blocklist to deny you access I suggest you use a clean ISP for your mail.
Theo
Oh, you are soooooo wrong. You must work for this type of place. Let me set YOU straight. Take Lockheed Martin as my prime example. I managed to talk with one of the techs yesterday regarding this matter. (I'm lucky as they buy my equipment to use in their main facility). They subscribed to mail-abuse.org because they needed to dramatically decrease their spam. They were told they would see a difference...guarenteed. They did. They also found that there were some slight problems where they had false positives and guys like me were getting blocked. His comment was "we don't choose who we block, the company we use say they know where the problems are and they'll take care of it." He was also told that if there was a problem he, or someone in his department, would get our IP/name off the list. I didn't need this as mail-abouse.org was great in getting me off their list. I am also getting an email from LM as to the validity of my IP and organization. But LM doens't know who is on the list, just that the list will take care of their problems. I can go into my Sony example as well....but I won't as it is the same over there too. So, true, the blocklist does not do this themself, BUT the companies that use their services receive information weekly from the blocklisting companies to apply to their servers. So, "is it the drug dealers that are to blame...or the users??????" Let me say again, I like the idea of these companies IF and only IF, they act like mail-abuse.org and quickly and easily remove people from their list that are wrongly pinged. I had this problem with another company located in Europe somewhere, and they were a complete pain to work with. That put a bad taste in my mount. Cheers, Tom
Fri, 23 Jan 2004, by tom@neuro-logic.com:
Theo v. Werkhoven wrote:
Wed, 21 Jan 2004, by tom@neuro-logic.com:
It seems these guys are a spam blocker, but they block IPs. Instead of blocking problem IPs they block entire ranges of IPs and let legit folks fight to get their IP removed from the list (like me).
Just to get the facts straight: they (the blocklists) do not block anything themself. It is the choice of mailserver admins to use these blocklist to deny offenders access to their service.
If you have a problem with (a) site(s) using a blocklist to deny you access I suggest you use a clean ISP for your mail.
Theo
Oh, you are soooooo wrong. You must work for this type of place. Let me set YOU straight. Take Lockheed Martin as my prime example. I managed to [..]
I can go into my Sony example as well....but I won't as it is the same over there too.
I don't see you setting me straight here. You just prove my point. Instead of complaining to your ISP that they got themselfs on the blocklists you complain to the users of the RBLs. That's the completely wrong way of making the problem go-away.
So, true, the blocklist does not do this themself, BUT the companies that use their services receive information weekly from the blocklisting companies to apply to their servers. So, "is it the drug dealers that are to blame...or the users??????"
'Scuse me, but now the RBLs are the 'bad guys' instead of the spammers? It maybe so that IP addresses/ranges wind up on one of the lists by 'accident" from time to time, but knowing the criminal methods used by spammers these days to get their shite spread that's just too bad, but unavoidable. You have the responsibility *not* to be identified as a spammer supporter. You do that by *not* using a spammer supporting ISP.
Let me say again, I like the idea of these companies IF and only IF, they act like mail-abuse.org and quickly and easily remove people from their list that are wrongly pinged. I had this problem with another company located in Europe somewhere, and they were a complete pain to work with. That put a bad taste in my mount.
All the shite-sites that keep knocking on my mail port give me, and many others, a real bad taste in my mouth aswell. I'm just real glad that there are people out there who give a damn, and try to do something about the problem. Theo -- Theo v. Werkhoven Registered Linux user# 99872 http://counter.li.org ICBM 52 13 27N , 4 29 45E. SUSE 8.2 Kernel k_athlon-2.4.20 See headers for PGP/GPG info.
participants (6)
-
George Auch -
pinto -
Theo v. Werkhoven -
Togan Muftuoglu -
Tom Nielsen -
Vince Littler