nanog mailing list archives

Re: SpamHaus Drop List


From: Steve Linford <linford () spamhaus org>
Date: Fri, 24 Aug 2007 09:42:30 +0000


On 24 Aug 2007, at 01:49, Derek wrote:

> hjan wrote:
>> Does anyone use spamhaus drop list ?
>> http://www.spamhaus.org/drop/index.lasso
>>
>> I'm glad to listen to opinions or experience.
>>
>> Regards,
>> Gianluca
>
>
> My experience is not specific to the DROP list, but regarding the RBL/Zen service I have found the 'moderators' of the lists can abuse their power and are unable to provide any proof to their entries.

A quick search in our removals archive brings up the particular listing Derek's experience relates to: SBL53319

In April Derek was hosted on Intercage (aka Atrivo, aka US-based home of malware, DNS exploits, malware C&Cs and botnet spam cannons). Intercage/Atrivo is a /20 used predominantly by serious crime gangs from the Ukraine and Russia; the /20 is firewalled to hell and back by those who know about it. Amongst all the East European cyber-crime gangs stuffed into that /20 there's the rare legitimate customer like Derek dotted about here and there; they can be counted literally on one hand.

In contacting our team about the SBL listing, Derek googled a bit for "Spamhaus" and read a posting by a ROKSO spammer claiming we were child molesters, nazis and members of the KKK, and unfortunately Derek fully believed it, so he contacted our removals team from that perspective... Advisably not the best way to have a constructive dialogue with our team.

SBL Removals declined to provide Derek with proof of the cyber-crimes being committed by the gangs on Intercage, since Derek did not provide his FBI badge number.

With over 100 SBL listings all for malware, botnet C&Cs, phishing and carding cyber-crime, as well as being closely connected with RBN (Russian Business Network), Intercage (216.255.176.0/20) is indeed currently on the SBL and is in our DROP list:

http://www.spamhaus.org/sbl/sbl.lasso?query=SBL53319

> But when you're on the wrong side of the fence it is very annoying, if one of the moderators has a beef with your provider - look out!
>
> Derek

In this particular case, I think it's fair to say that Spamhaus "has a beef" with Derek's provider. So do all of the internet's security firms.

  Steve Linford
  The Spamhaus Project
  http://www.spamhaus.org




