I am for naming the companies that extort for via RBLs. Spamming is so wide spread even the domain name company Godaddy leveraged it as a profit center. Godaddy, in it's early beginnings. Years ago. I know from experience that this happens....Godaddy demanded money from me for spamming. I had to pay $150 or $250 ? I had several domains with them that were not even being used, beyond a webpage placeholder and I ran my own DNS server for my domains. After paying, they released my domain to function again. They claimed and promised they would provide the proof "after I paid"... employees and all kinds of lines about why they could not show you until after you paid. I paid and Godaddy suddenly lost the proof. I am sure it was part of a profit center as I know others that had this happen with Godaddy. Think about it Godaddy didnt even provide me a service using an IP address of theirs. It was the domain they held hostage with their DNS server. There should be a class action against them - just to expose it - (people never get the real money the lawyers do in a class action). Now that they are public some lawyer should look into the records and find all the extortion money gathered years ago. Contact those domain owners at the time. Would surprise me if the RBL owners were ex Godaddy employees that saw this leverage opportunity. Thank You Bob Evans CTO
Would you mind naming the company so that they can be publicly shamed? That is nothing sort of extortion.
On Mar 19, 2017 10:36 PM, "Justin Wilson" <lists@mtin.net> wrote:
Then you have the lists which want money to be removed. I have an IP that was blacklisted by hotmail. Just a single IP. I have gone through the procedures that are referenced in the return e-mails. No response. My next step says something about a $2500 fee to have it investigated. I know several blacklists which are this way. Luckily, many admins do not use such lists.
Justin Wilson j2sw@mtin.net
--- http://www.mtin.net Owner/CEO xISP Solutions- Consulting â Data Centers - Bandwidth
http://www.midwest-ix.com COO/Chairman Internet Exchange - Peering - Distributed Fabric
On Mar 12, 2017, at 9:10 PM, Bob Evans <bob@FiberInternetCenter.com> wrote:
Pete's right about how IPs get put on the lists. In fact, let us not forget that these lists were mostly created with volunteers - some still today. Many are very old lists. Enterprise networks select lists by some sort of popularity / fame - etc.. Like how they decide to install 8.8.8.8 as first - its easy and they think its better than their local ISP they pay.... yet they always call the ISP about slowness when 8.8.8.8 is for consumers and doesn't always resolve quickly. It's a tough sale.
Once had a customer's employee abuse their mail server - it made some lists. Customer complained our network is hosting spammers and sticking them in the middle of a problem that is our networks. Hard win. Took us months to get that IP off lists. That was one single IP. We did not allow them to renew their contract once the term was over. Now, they suffer with comcast for business. ;-)
Thank You Bob Evans CTO
On Sun, 12 Mar 2017, Pete Baldwin wrote:
So this is is really the question I had, and this is why I was wanting to start a dialog here, hoping that it wasn't out of line for the list. I don't know of a way to let a bunch of operators know that they should remove something without using something like this mailing list. Blacklists are supposed to fill this role so that one operator doesn't have to try and contact thousands of other operators individually, he/she just has to appeal to the blacklist and once delisted all should be well in short order.
In cases where companies have their own internal lists, or only update them a couple of times a year from the major lists, I don't know of another way to notify everyone.
I suspect you'll find many of the private "blacklistings" are hand maintained (added to as needed, never removed from unless requested) and you'll need to play whack-a-mole, reaching out to each network as you find they have the space blocked on their mail servers or null routed on their networks. I doubt your message here will be seen by many of the "right people." How many company mail server admins read NANOG? How many companies even do email in-house and have mail server admins anymore? :)
Back when my [at that time] employer was issued some of 69/8, I found it useful to setup a host with IPs in 69/8 and in one of our older IP blocks, and then do both automated reachability testing and allow anyone to do a traceroute from both source IPs simultaneously, keeping the results in a DB. If you find there are many networks actually null routing your purchased space, you might setup something similar.
---------------------------------------------------------------------- Jon Lewis, MCP :) | I route | therefore you are _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________