Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.

Dismiss

Opportunity of an active UDP against ono.com and auna.com ?

0 views

Skip to first unread message

Xavier Roche

unread,

Nov 2, 2005, 12:51:20 PM11/2/05

CC: auna.com / ono.com newsmasters & postmasters, FU2:
news.admin.net-abuse.usenet

[ Sorry for my poor english ]

These two domains have been the source of massive Usenet spam for
*months*, without any reply from their respective newsmasters.
Absolutely no action was taken to stop, or even limit the outgoing spam
from these two servers, despite several mail complaints.

The auna.com domain is notably used to send "dvd100.net" spam, and the
ono.com server used to promote "make money fast" schemes. Currently,
most spam is cancelled using cleaning bots, but this solution is not a
long-term solution.

After an overview on fr.usenet.abus.d, we think that these two domains
should be eligible for a temporary active UDP, that could help to catch
the attention of their newsmasters.
This UDP would be maintained until proper acknowledgement is made from
the respective newsmasters showing that:
- newsmasters/abuse desk is still active
- action is taken against abusing custommers

Is this the correct way to go ?

Example of recent flood coming from these two domains:

Recent example of flood coming from ono.com:
--------------------------------------------

Xavier

unread,

Nov 2, 2005, 2:24:47 PM11/2/05

In article <dkauap$6lo$1...@news.httrack.net>,
Xavier Roche <xro...@free.fr.NOSPAM.invalid> wrote:

> After an overview on fr.usenet.abus.d, we think that these two domains
> should be eligible for a temporary active UDP, that could help to catch
> the attention of their newsmasters.

Agreed. Does someone have direct contact with auna/ono staff ?

--
Xavier Humbert - groumpf.org newsmaster

Message has been deleted

Xavier Roche

unread,

Nov 4, 2005, 5:23:53 PM11/4/05

Xavier Roche wrote:
> The auna.com domain is notably used to send "dvd100.net" spam

The flood continues, without any reponse from auna.com newsmasters.

auna.com is now under full active UDP, until proper acknowledgement is
made from the respective newsmasters.

David Ritz

unread,

Nov 5, 2005, 1:35:53 AM11/5/05

-----BEGIN PGP SIGNED MESSAGE-----

In article <dkauap$6lo$1...@news.httrack.net>,
Xavier Roche <xro...@free.fr.NOSPAM.invalid> wrote:

XR> These two domains have been the source of massive Usenet spam
XR> for *months*, without any reply from their respective
XR> newsmasters. Absolutely no action was taken to stop, or even
XR> limit the outgoing spam from these two servers, despite several
XR> mail complaints.

XR> The auna.com domain is notably used to send "dvd100.net" spam,
XR> and the ono.com server used to promote "make money fast"
XR> schemes. Currently, most spam is cancelled using cleaning bots,
XR> but this solution is not a long-term solution.

XR> After an overview on fr.usenet.abus.d, we think that these two
XR> domains should be eligible for a temporary active UDP, that
XR> could help to catch the attention of their newsmasters. This UDP
XR> would be maintained until proper acknowledgement is made from
XR> the respective newsmasters showing that: - newsmasters/abuse
XR> desk is still active - action is taken against abusing
XR> custommers

XR> Is this the correct way to go ?

Both of these ISPs are well known for exhibiting massive clue
impairment. I doubt there's much hope of ever hammering a clue
through to them. To my mind, there is little use for either,
beyond the borders of Spain. They would both do well, to
establish themselves as an intranet, with no connection to the
outside world.

In the case of ONO.COM, they've already gone through a formal UDP
process, in June, 2002, with regard to the large numbers of open
proxies operating on their lusers' Windoze boxes. Please see
<http://tinyurl.com/bplwg>.

As an alternative to an active UDP, have you attempted to reach
the appropriate contacts at ONO.COM's and AUNA.NET's upstream news
peers? Passive UDPs, such as de-peering, are often an even more
effective tool in dealing with the clue devoid.

I will note, there is mighty sparse data available in
nana.sightings, regarding any of this spamming activity. Having a
publicly accessible history of what you describe as ongoing abuse,
would be most helpful, were this discussion to deserve further
consideration.

- --
David Ritz <dritz+...@suespammers.org>
"This isn't a win/lose kind of thing. If there's a UDP, we all lose.
If the abuse stops, we all win." - Jeremy Nixon

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.2 (Build 2425)
Comment: PGP Public Keys: <http://dritz.mako.ath.cx/keys.txt>

iQCVAwUBQ2xSwqdkAgrqVVPRAQGCoAP8CYOs9wIlxnK2AEbCQAOBEuw1NzBSbOmk
WBsBwvfuAPbNs9d5G3WTYiIZ1+rVZqhr9jPOLwQEslpI0UYA7DRtp3f214Gm/Lqa
ut+/1H6T/plAOaTzgJf9LudBZu1oqqWsBOpfgEfV40c1OqBEeqgtSBf0dQx0qWBD
Au1DbptxQ10=
=WbVh
-----END PGP SIGNATURE-----

Xavier Roche

unread,

Nov 5, 2005, 3:27:13 AM11/5/05

Hi,

David Ritz wrote:
> In the case of ONO.COM, they've already gone through a formal UDP
> process, in June, 2002, with regard to the large numbers of open
> proxies operating on their lusers' Windoze boxes. Please see
> <http://tinyurl.com/bplwg>.

Did the UDP caught the attention of the newsmaster ? After several mails
two months ago, I just couldn't get any reply from newsmaster and/or
abuse desk (even an automated one)
The ono.com newsserver was a big spam source ; but appently the spam
threshold has decreased.

> As an alternative to an active UDP, have you attempted to reach
> the appropriate contacts at ONO.COM's and AUNA.NET's upstream news
> peers? Passive UDPs, such as de-peering, are often an even more
> effective tool in dealing with the clue devoid.

I just contacted two of their peers (teleglobe.net and news.espanix.net)
to inform them of the problem ; but there might be other peers, too.
(By the way, the auna.com flood goes on)

Note: the current UDP contains the following pseudo-site in the path:
!UDP-AUNA-COM

0 new messages