lbl.lagengymnastik.dk

16 views
Skip to first unread message

Henrik, of the deceased lbl.lagengymnastik.dk

unread,
Jan 23, 2007, 11:01:21 AM1/23/07
to
LBL.lagengymnastik.dk RBL stopped operations in March 2004.

At that time the entire database was cleared and no hosts would return
a postive.

Today i got a call from my DNS operator, who told me that LBL - after
almost three years - still gets a lot of lookups and we therefore
decided to choosed the Osirusoft solution.
This is very very regrettable but it seems to be the only way to get
people to stop using lbl.lagengymnastik.dk

You should - honestly - bitch-slap those bastards who still uses
lbl.lagengymnastik.dk.
I can only regret this, but that appears to be the only way.

So please stop using lbl.lagengymnastik.dk!
For questions and info please mail 'lbl (dot) lagengymnastik (at) gmail
(dot) com'.

Kind Regards
Henrik

--
Comments posted to news.admin.net-abuse.blocklisting
are solely the responsibility of their author. Please
read the news.admin.net-abuse.blocklisting FAQ at
http://www.blocklisting.com/faq.html before posting.

Jem Berkes

unread,
Jan 23, 2007, 1:07:33 PM1/23/07
to
> You should - honestly - bitch-slap those bastards who still uses
> lbl.lagengymnastik.dk.
> I can only regret this, but that appears to be the only way

dnsstuff.com still queries it, perhaps that is generating a chunk of the
lookups you are observing?

Henrik, of the deceased lbl.lagengymnastik.dk

unread,
Jan 23, 2007, 4:17:31 PM1/23/07
to

Jem Berkes skrev:

> > You should - honestly - bitch-slap those bastards who still uses
> > lbl.lagengymnastik.dk.
> > I can only regret this, but that appears to be the only way
>
> dnsstuff.com still queries it, perhaps that is generating a chunk of the
> lookups you are observing?

I wasn't aware of that. This could be the case. Anyway they shouldn't
be testing against a discharded RBL so i have just contacted them.
Thank you for putting this to my attention :)

Kind regards
Henrik

Al

unread,
Jan 24, 2007, 4:24:19 PM1/24/07
to
On Jan 23, 3:17 pm, "Henrik, of the deceased lbl.lagengymnastik.dk"

<lbl.lagengymnas...@gmail.com> wrote:
> Jem Berkes skrev:
>
> > > You should - honestly - bitch-slap those bastards who still uses
> > > lbl.lagengymnastik.dk.
> > > I can only regret this, but that appears to be the only way
>
> > dnsstuff.com still queries it, perhaps that is generating a chunk of the
> > lookups you are observing?I wasn't aware of that. This could be the case. Anyway they shouldn't

> be testing against a discharded RBL so i have just contacted them.
> Thank you for putting this to my attention :)

I heard from DNSStuff.com today, who said that they would be removing
the LBL from the list of DNSBLs queried, tomorrow (Thursday, January
25th).

Regards,
Al Iverson

--
Al Iverson -- www.aliverson.com
Visit my blog at www.spamresource.com

Laurence F. Sheldon, Jr.

unread,
Jan 24, 2007, 8:14:02 PM1/24/07
to
Al wrote:

> On Jan 23, 3:17 pm, "Henrik, of the deceased lbl.lagengymnastik.dk"
> <lbl.lagengymnas...@gmail.com> wrote:
>
>>Jem Berkes skrev:
>>
>>
>>>>You should - honestly - bitch-slap those bastards who still uses
>>>>lbl.lagengymnastik.dk.
>>>>I can only regret this, but that appears to be the only way
>>
>>>dnsstuff.com still queries it, perhaps that is generating a chunk of the
>>>lookups you are observing?I wasn't aware of that. This could be the case. Anyway they shouldn't
>>
>>be testing against a discharded RBL so i have just contacted them.
>>Thank you for putting this to my attention :)
>
>
> I heard from DNSStuff.com today, who said that they would be removing
> the LBL from the list of DNSBLs queried, tomorrow (Thursday, January
> 25th).

It would be interesting to see a report showing the effect of that change.
--
Requiescas in pace o email

Ex turpi causa non oritur actio

http://members.cox.net/larrysheldon/

Henrik, of the deceased lbl.lagengymnastik.dk

unread,
Jan 25, 2007, 6:35:42 PM1/25/07
to
On 25 Jan., 02:14, "Laurence F. Sheldon, Jr." <LarryShel...@cox.net>
wrote:
> Al wrote:

> > I heard from DNSStuff.com today, who said that they would be removing
> > the LBL from the list of DNSBLs queried, tomorrow (Thursday, January
> > 25th).

> It would be interesting to see a report showing the effect of that change.

Some 20-25% of the mails that i have received since initiating the
wildcard-block is from people who have seen on DNSStuff.com that their
IP is blocked (another 20-25% is from people who have seen the same on
mxtoolbox.com).
I expect those kind of mails to reduced greatly when first DNSStuff.com
has removed lbl.lagengymnastik.com from their service (i haven't heard
anything from mxtoolbox.com though).

Kind regards
Henrik

Matthias Leisi

unread,
Jan 26, 2007, 7:37:19 AM1/26/07
to

Jem Berkes wrote:
>> You should - honestly - bitch-slap those bastards who still uses
>> lbl.lagengymnastik.dk.
>> I can only regret this, but that appears to be the only way
>
> dnsstuff.com still queries it, perhaps that is generating a chunk of the
> lookups you are observing?

I tipped off robtex.com which removed it as well.

-- Matthias

--
http://www.dnswl.org/ - Protect against false positives

Johann Steigenberger

unread,
Jan 26, 2007, 12:13:46 PM1/26/07
to
In article <1169732695.8...@k78g2000cwa.googlegroups.com>,
lbl.lagen...@gmail.com says...

>
>Some 20-25% of the mails that i have received since initiating the
>wildcard-block is from people who have seen on DNSStuff.com that their

I also assume DNSSTUFF is the reason so many people are doing querys to
invalid zones at the blacklists out there.

Why?

Instead of telling their visitors what the primary dns is, they should tell
them what the zones of the blacklists are.

By telling them what the primary dns is, we have no longer to wonder about
wrong querys like:

1.2.3.4.dnsbl-mirrors.uceprotect.net

After all i have heared from other blacklist operators you *all* get such
"Poweruser-Requests" to invalid zones. Say thanks to DNSSTUFF :-(

Furthermore they have been approved, that they have not even knowlege of the
policies of blacklists, but think they must comment on them like:
SHOULD NOT BE USED.

For e.g.:

Their suggestions about UCEPROTECT are pure unlogic :-)

Level 1 (which lists single IPs only) is without any suggestion.

But:

Level 2 (which lists /24 Nets by at least 3 single IPs in Level 1 within 7
days)
Lets look what DNSSTUFF says to this: [should not be used] ????
On looking for reasons:
NEVER BLOCK WITH: BLARSBL, FIVETENIGNORE, FIVETENSRC, JAMMDNSBL, SPAMBAG,
SPEWS, UCEPROTECTL2 (these block large IP ranges)

A /24 is a *BIG* netrange? :-) This *really* disqualifies them.

They also had a similair suggestion on our:

Level 3 (which lists /16 Nets by at least 513 IPs in Level 1)
in December 2006, before we told them that at least 513 IPs must be in
Level 1 within 7 days to trigger a Level 3 Listing. :-)

After that they removed their Level 3 suggestion, telling us they were sorry
but they did not know about our listing policy.

You all can approve that Level 2 suggestion is still there :-)
I also wrote them about, that this is pure unlogic, but no reaction since 2
weeks now.

UCEPROTECT is nothing you can compare with BLARS:-)
Most of our users are using us, because of our accuracy.

Interesting is also that Level 2 did originally list a /24 on 2 listed IPs in
Level 1, but DNSSTUFF did not flag it as "SHOULD NOT BE USED" for 3 years.

But by changing that to: Level 2 lists a /24 on 3 listed IPs in Level 1,
DNSSTUFF did flag us as: "SHOULD NOT BE USED".

Not realizing that this change makes it more unlike to get third parties
involved in a blocking, should tell you what to think about them.

It is also complete bullshit what they are telling aubout Mathews SORBS:
NEVER BLOCK WITH: MAPS-DUL, SORBS-DUHL (these knowingly list IPs that do not
meet listing criteria).

Which listing criterias ???
They have been approved to not even read policies of blacklists before
publishing bullshit about them.

On the other hand, DNSSTUFF has other list on their lookup page which lists
entire countrys, (complete CHINA or complete Korea) but you will not read
[SHOULD NOT BEU USED] or "THESE ARE LISTING BIG NETWORKS" there.

That all shows me that DNSSTUFF has no idea of effective blacklisting and
therefore: Possibly DNSSTUFF should not be used :-)
At least we have removed all links to them from our websites.

Robtex.com did IMHO a very better job, and they outperform DNSSTUFF wideley.

Instead of giving useless suggestions DNSSTUFF should remove the display of
the primary dns servers from their lookup page and tell people to read policies
of any blacklist, before using it.

Johann Steigenberger

--
Project UCEPROTECT-Network: Join now - It's free - It's consequent
Together we can stop all spammers on this planet!
http://www.uceprotect.net

Jem Berkes

unread,
Jan 26, 2007, 1:32:23 PM1/26/07
to
> I also assume DNSSTUFF is the reason so many people are doing querys
> to invalid zones at the blacklists out there.
>
> Why?
>
> Instead of telling their visitors what the primary dns is, they should
> tell them what the zones of the blacklists are.
>
> By telling them what the primary dns is, we have no longer to wonder
> about wrong querys like:

You have a good point there, I never thought of it that way but yeah -
where is the dnsbl zone itself? Would make more sense than listing the SOA
nameserver.

> It is also complete bullshit what they are telling aubout Mathews
> SORBS: NEVER BLOCK WITH: MAPS-DUL, SORBS-DUHL (these knowingly list
> IPs that do not meet listing criteria).
>
> Which listing criterias ???

I never did understand that either. I think dul.dnsbl.sorbs.net is a very
useful list for its intended use. Why single out these for "never block"?

--
Jem Berkes
www.sysdesign.ca

Matthew Sullivan

unread,
Jan 26, 2007, 11:30:43 PM1/26/07
to
Jem Berkes wrote:
>
>> It is also complete bullshit what they are telling aubout Mathews
>> SORBS: NEVER BLOCK WITH: MAPS-DUL, SORBS-DUHL (these knowingly list
>> IPs that do not meet listing criteria).
>>
>> Which listing criterias ???
>
> I never did understand that either. I think dul.dnsbl.sorbs.net is a very
> useful list for its intended use. Why single out these for "never block"?
>

Owner of said site was listed (still is?) and he did not meet the
delisting criteria. So rather than actually doing something
constructive he decided on the path of telling lies. (which he didn't
just stop at the DNSStuff site, IIRC he also posted to a mailing list
called Zorch).

Regards,

Mat

Johann Steigenberger

unread,
Jan 27, 2007, 7:16:16 PM1/27/07
to
In article <epdr1b$p96$1...@nemesis.sorbs.net>, usene...@sorbs.net says...

>Owner of said site was listed (still is?) and he did not meet the
>delisting criteria. So rather than actually doing something
>constructive he decided on the path of telling lies. (which he didn't
>just stop at the DNSStuff site, IIRC he also posted to a mailing list
>called Zorch).

This is exactley what i suspected.
DNSSTUFF does not approve what they are told by any lamerz out there.
By following fraudulent claims, and publishing the lies they were told,
they disqualify themself to be a trusted source of information.

Additional their clueless listing of the SOA records of RBLs instead of the
zones makes them directly guilty for invalid and useless requests.

I think blacklist operators should no longer tolerate that behavior.

Johann Steigenberger

--
Project UCEPROTECT-Network: Join now - It's free - It's consequent
Together we can stop all spammers on this planet!
http://www.uceprotect.net

--

Henrik, of the deceased lbl.lagengymnastik.dk

unread,
Jan 31, 2007, 11:00:03 PM1/31/07
to
On Jan 25, 2:14 am, "Laurence F. Sheldon, Jr." <LarryShel...@cox.net>
wrote:

> It would be interesting to see a report showing the effect of that change.

And a little more indepth statistics:

Number of mails (not counting replies to my replies from the
initiating mails nor regarding other issues than removal from LBL):

lbl.lagengymnastik postmaster
JAN 23: 12 2
JAN 24: 82 1
JAN 25: 20 1
JAN 26: 4 0
JAN 27: 1 0
JAN 28: 1 0
JAN 29: 0 0
JAN 30: 0 0

lbl.lagengymnastik = lbl (dot) lagengymnastik (at) gmail (dot) com
postmaster = postmaster (at) lagengymnastik (dot) dk

A couple of comments to the mails:

Most people actually understod my reasonning for doing what i did and
some even thanked me for pointing out, that their mailserver config
needed a review.

Most of the mails wasn't a result of people actually receiving
bounces, but because people noted listings on blacklist-checkers like
those found on dnsstuff.com and mxtoolbox.com.

More than 15% of the people who wrote wasn't quite sure how a DNSBL
actually worked, though they worked as administrators on mailservers.

Only two people even mentioned the word "legal" (one from USA and one
from Italy).

One person found that the website http://lbl.lagengymnastik.dk/ was
written in an offensive language.

One person even found the wildcard-block, was a enourmusly funny thing
to do...

Have a nice day :)

Kind regards
Henrik

Reply all
Reply to author
Forward
0 new messages