Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Blocked at level 3

1 view
Skip to first unread message

mzan...@gmail.com

unread,
Oct 2, 2008, 9:43:48 AM10/2/08
to
Hello,

I�m the responsible for the netblock 200.26.189.0/24, that netblock
were announced using the ASN of my connection provider (IFX). We
acquire our own netblock just to prevent being blacklisted by sharing
the netblock with other users / providers out of our control. We don�t
do spam nor allow it from our netblock, so, what should I do? I shall
run with the same luck that my service provider just because I use the
same ASN?. What happens with all those providers who announces their
block without their own ASN?.

I�m not responsible for any other blocks announced with that ASN, We
work really hard to prevent spam from our netblock, the blocking
method you are using is poor realistic.

Your blocking system should find the minimal organization unit
(individual, group or enterprise) responsible for sending spam and
block them, We only have a commercial relationship with our connection
provider, We don�t share human resources nor bussiness ideology with
them, just the ASN, We are not they. An ASN number could be shared by
a lot of small services providers, but that doesn�t means they are
comploting for sending spam.

I hope you understand my point of view.

Thanks
Mart�n Zanlongo

--
Comments posted to news.admin.net-abuse.blocklisting
are solely the responsibility of their author. Please
read the news.admin.net-abuse.blocklisting FAQ at
http://www.blocklisting.com/faq.html before posting.

Seth

unread,
Oct 2, 2008, 3:38:59 PM10/2/08
to
In article <1decee05-cab1-4a89...@l64g2000hse.googlegroups.com>,

<mzan...@gmail.com> wrote:
>Hello,
>
>I�m the responsible for the netblock 200.26.189.0/24,

200/8 (some say /6) has a very bad reputation.

> that netblock were announced using the ASN of my connection provider
>(IFX).

What is IFX's spam reputation?

> We acquire our own netblock just to prevent being blacklisted by
>sharing the netblock with other users / providers out of our control.

A /24 in a bad neighborhood doesn't suffice for that.

> We don�t
>do spam nor allow it from our netblock, so, what should I do?

You might ask the _customer_ of the blocking provider to request they
let your mail through. (If the blocking provider's customer doesn't
want your mail, why are you sending it?)

> I shall run with the same luck that my service provider just because
>I use the same ASN?

Mostly, yes.

>. What happens with all those providers who announces their
>block without their own ASN?.

Lots of them are lumped together for reputation purposes.

>I�m not responsible for any other blocks announced with that ASN, We
>work really hard to prevent spam from our netblock, the blocking
>method you are using is poor realistic.

Their network, their rules.

>Your blocking system should find the minimal organization unit
>(individual, group or enterprise) responsible for sending spam and
>block them,

That's more expensive. Why should they spend their money to make you
happy?

> We only have a commercial relationship with our connection
>provider,

That is, you provide money (sustenance) to a spam-friendly
organization, helping keep them in business?

>I hope you understand my point of view.

Sure. But it won't help you.

Get a relay host someplace with a better reputation (and keep it
clean, becuase the way that place got its better reputation was by
killing spammers). See about deducting the cost of that from the
amount you pay to your current (spam-friends) provider.

Seth

E-Mail Sent to this address will be added to the BlackLists

unread,
Oct 2, 2008, 4:05:55 PM10/2/08
to
mzan...@gmail.com wrote:
> Subject: Blocked at level 3

I going to guess that you are referring to UceProtect's DNSbl,
and not one of the other ASN DNSbls.


> I�m the responsible for the netblock 200.26.189.0/24,


> that netblock were announced using the ASN of my
> connection provider (IFX).
> We acquire our own netblock just to prevent being
> blacklisted by sharing the netblock with other users
> / providers out of our control.

> We don�t do spam nor allow it from our netblock, so,


> what should I do?
> I shall run with the same luck that my service
> provider just because I use the same ASN?.

For people using ASN DNSbls, yes. {That is their purpose.}
e.g. 101.164.123.200.AS16814.ascc.dnsbl.bit.nl -> 127.0.0.2


> What happens with all those providers who announces their
> block without their own ASN?.

The originating domain uses a private ASN (64512 � 65534)
for the BGP session with their upstream;
Then the upstream replaces the private ASN with its own ASN
when the upstream advertises the prefix, to the rest of
the world the upstream is the originating ASN.


> I�m not responsible for any other blocks announced with that


> ASN, We work really hard to prevent spam from our netblock,
> the blocking method you are using is poor realistic.

If is the other way around, your upstream? ISP is being held
responsible for all IPs announced through their ASN.

Re: "Your", this is a Usenet news group
News.Admin.Net-Abuse.Blocklisting. N.A.N-A.Bl is not
UceProtect (although they sometimes post here).


> Your blocking system should find the minimal organization
> unit (individual, group or enterprise) responsible for
> sending spam and block them,

I think that is about what UceProtect's Level 2 does?

There are DNSbls based on single IPs, CIDRs, ASNs,
ISPs, Countries, Regions, ... that list IPs for a wide
variety of reasons;
From trojan or bot net activity, open proxies,
unsecured services, emitting spam, Dynamically assigned,
shouldn't be sending messages, ...
to those responsible for the IP are a Specific ISP,
getting services from specific ISP, are in a specific
country, or get IPs from a Specific Regional Internet Registry.


> We only have a commercial relationship with our

> connection provider, We don�t share human resources


> nor bussiness ideology with them, just the ASN,
> We are not they.

Anyone who uses a ASN DNSbl obviously doesn't care.


> An ASN number could be shared by a lot of small services

> providers, but that doesn�t means they are comploting


> for sending spam.
>
> I hope you understand my point of view.

Not hard to understand, like most who find their
(or their customers) messages getting rejected
you aren't happy about it (no one ever is).
{I'm guessing that is what is happening here?
Although it could be, blocking from posting to blogs,
or something else.}

I suspect many that use normal ASN DNSbls
&/or UceProtect's level 3, disagree with your opinion(s)
on how best to protect their assets, from messages, packets,
... they don't want.

--
E-Mail Sent to this address <Blac...@Anitech-Systems.com>
will be added to the BlackLists.

Claus v. Wolfhausen

unread,
Oct 3, 2008, 10:18:46 PM10/3/08
to
In article <1decee05-cab1-4a89...@l64g2000hse.googlegroups.com>,
mzan...@gmail.com says...

>I´m not responsible for any other blocks announced with that ASN, We
>work really hard to prevent spam from our netblock, the blocking
>method you are using is poor realistic.


UCEPROTECT-Network calculates listings based on the informations we get by BGP.

If you are impacted by an incompetent or negligent uplink we recommend that you
contact you RIR and request your own AS-Number.

After you got your own ASN announce your networks yourself by BGP and make sure
your upstream is no longer announcing them as theirs.

Doing so will lead to your networks and ranges will fall out of UCEPROTECT
Level 3 within 24 hours after you have started announcing by BGP.

--
Claus von Wolfhausen
UCEPROTECT-Projektleitung
http://www.uceprotect.net

Carl Byington

unread,
Oct 6, 2008, 12:19:52 PM10/6/08
to
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sat, 04 Oct 2008 02:18:46 +0000, Claus v. Wolfhausen wrote:

[snip]


> UCEPROTECT-Network calculates listings based on the informations we get
> by
> BGP.

How do you handle bgp aggregation?


> If you are impacted by an incompetent or negligent uplink we recommend
> that you contact you RIR and request your own AS-Number.

> After you got your own ASN announce your networks yourself by BGP and
> make
> sure your upstream is no longer announcing them as theirs.

Many upstreams will automatically aggregate the customer announcements
into their larger announcement.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFI6VubL6j7milTFsERAvrxAJsF8/vcQOXLpKu+IFOShzhOiaT/SwCfRSVx
K4VHcJRZeqNE+DfA93lzwug=
=oOfZ
-----END PGP SIGNATURE-----

Shmuel (Seymour J.) Metz

unread,
Oct 6, 2008, 1:16:18 PM10/6/08
to
In <1decee05-cab1-4a89...@l64g2000hse.googlegroups.com>, on
10/02/2008
at 01:43 PM, mzan...@gmail.com said:

>Iïm the responsible for the netblock 200.26.189.0/24, that netblock were


>announced using the ASN of my connection provider (IFX).

As such, you are affected by your provider's reputation. That is as it
should be.

>We acquire our own netblock just to prevent being blacklisted by
>sharing the netblock with other users / providers out of our control.

Your connectivity will always be affected by the reputation of your
provider.

>so, what should I do?

Find a better provider.

>What happens with all those providers who announces their
>block without their own ASN?.

Their connectivity is linked to their providers' behavior.

>Iïm not responsible for any other blocks announced with that ASN,

The people blocking you are not responsible for your choice of provider.

>the blocking method you are using is poor realistic.

No. They are responsible for their own users' connectivity, not to yours.
If their principals and users are happy then they are doing their job
realistically, regardless of how it affects you.

>Your blocking system should find the minimal organization unit
>(individual, group or enterprise) responsible for sending spam and block
>them,

No. Their[1] blocking system should do whatever works for them, their
principals and their users. They have no obligation to cut holes in their
lists for your convenience.

>We only have a commercial relationship with our connection
>provider,

Which is more of a relationship than you have with the people blocking
you. You are asking them to incur additional expenses and risks for your
benefit. Why should they?

>I hope you understand my point of view.

We understand your point of view, but it is based on what you want rather
than on what is in the interests of those whose behavior you want to
change. If a broader granularity reduces their costs or reduces their
risks, why should they use a finer granularity? Have you offered them
reimbursement for the additional overhead? Have you posted a bond to
reimburse them should your provider switch a spammer into the IP space
you're using? You are the one that wants them to change; it is up to you
to give them an incentive large enough to make a change reasonable FROM
THEIR PERSPECTIVE.

[1] This is just a newsgroup, not a remove contact for any DNSBL or
its users. Most of us (TINU) are not affiliated with either,
although we (TINW) might[2] be able to offer useful advice.

[2] It's up to you to figure out which advice is useful. Trust but
verify.

--
Shmuel (Seymour J.) Metz, truly insane Spews puppet
<http://patriot.net/~shmuel>

I reserve the right to publicly post or ridicule any abusive
E-mail. Reply to domain Patriot dot net user shmuel+news to contact
me. Do not reply to spam...@library.lspace.org

0 new messages