Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Spam. Again.. -- and blocking net blocks?

  • From: Michael.Dillon
  • Date: Tue Dec 10 10:39:15 2002

> Problem:
> For some reason, spews has decided to now block one of our /19.. Ie no 
mail
> server in the /19 can send mail.

> Questions:
> 1) How do we smack some sense into spews?

Make it easy for them to identify the fact that your downstream ISP 
customer has allocated that /32 to a separate organisation. This is what 
referral whois was supposed to do but it never happened because 
development of the tools fizzled out. 

If SPEWS could plug guilty IP addresses into an automated tool and come up 
with an accurate identification of which neighboring IP addresses were 
tainted and which were not, then they wouldn't use such crude techniques. 

Imagine a tool which queries the IANA root LDAP server for an IP address. 
The IANA server refers them to ARIN's LDAP server because this comes from 
a /8 that was allocated to ARIN. Now ARIN's server identifies that this 
address is in your /19 so it refers SPEWS to your own LDAP server. Your 
server identifies your customer ISP as the owner of the block, or if your 
customer has been keeping the records up to date with a simple LDAP 
client, your server would identify that the guilty party is indeed only on 
one IP address. 

Of course, this won't stop SPEWS from blacklisting you. But it enables 
SPEWS to quickly identify the organization (your customer ISP) that has a 
business relationship with the offender so that SPEWS is more likely to 
focus their attentions on these two parties.

> 2) Does anyone else see a HUGE problem with listing a /19 because there 
is
> one /32 of a spam advertised website?  When did this start happening?

It's a free country, you can't stop people like the SPEWS group from 
expressing their opinions. As long as people are satisfied with crude 
tools for mapping IP address to owner, this kind of thing will continue to 
happen.

--Michael Dillon





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.