On 8/30/2002 at 8:25 PM, nanog@vo.cnchost.com wrote:
On 04:36 PM 8/30/02, John M. Brown wrote:
Jason at XO's security/abuse staff. Very helpful chap
Indeed he is. Which is why I'm totally mystified about why rfc-ignorant insists that my domain doesn't have a working abuse address. I would privately email the admin at rfc-ignorant about this problem, but, well.... (see below)
jc
I don't think rfc-ignorant.org tests entries at a later time, ever. I have brought the concentric.net case to their attention today. Speaking of Concentric domains: cnc.net has not had a working abuse@ address for several YEARS, and I have brought that to Concentric's attention, oh, 3-4 years ago? I consider this a reckless way of operating: some people have interpreted RFC822 in such a way that you only have to accept mail to "postmaster@FQDN" if you actually accept any mail for the domain at all. I wonder who's smart idea within Concentric it was to use cnc.net for a bazillion FQDN's and in-addr.arpa records, but create an MX record for the domain and not accept postmaster and abuse@cnc.net . If I wouldn't know better (the whole incompetent vs. malevolent logic), I'd outright describe this as being "evasive". Speaking of evading: I wish to remind the readers of this thread (a subset of NANOG readers) that the good deeds of a few cannot make up for the colossal, corrupt policy failures of a bankrupt organization as a whole, or else I wouldn't currently be in possession of about 90 complaints (and corresponding 90 auto-replies, with exactly ZERO human-generated replies) from xo.com regarding spam-spewing factories of crime in their IP space, with such complaints sent to them in the short, short period of the last 2.5 months, based on an amazingly small swath of IP space at the receiving end of this Internet crime. Examples of XO customers who can't tell right from wrong, and "220 DO ME HARD" from "550 NO TRESPASSING, CRIMINAL SCUM", and who continue to criminally trespass onto other people's property after being told to stay away: Sep 9 08:13:25 sonet sendmail[895]: IAA00895: from=<Reply@ContentWatch.com>, size=0, class=0, pri=0, nrcpts=0, proto=SMTP, relay=gw.iaccess.com [64.221.226.129] Sep 9 02:19:51 saturn sendmail[5229]: NOQUEUE: ruleset=check_relay, arg1=lsv-004.cynergen.net, arg2=66.239.204.53, relay=lsv-004.cynergen.net [66.239.204.53], reject=550 no access for OIN - Spammers must die. Sep 9 00:35:21 saturn sendmail[1729]: NOQUEUE: ruleset=check_relay, arg1=host28.anglcorp.com, arg2=67.105.80.91, relay=host28.anglcorp.com [67.105.80.91], reject=550 no access for list-washing twits at anglcorp.com - Spammers must die. Sep 8 00:13:57 saturn sendmail[12484]: NOQUEUE: ruleset=check_relay, arg1=lsv-001.cynergen.net, arg2=66.239.204.50, relay=lsv-001.cynergen.net [66.239.204.50], reject=550 no access for OIN - Spammers must die. Sep 7 20:58:36 saturn sendmail[6541]: NOQUEUE: ruleset=check_relay, arg1=host24.anglcorp.com, arg2=67.105.80.87, relay=host24.anglcorp.com [67.105.80.87], reject=550 no access for list-washing twits at anglcorp.com - Spammers must die. Sep 7 16:26:39 sonet sendmail[11480]: NOQUEUE: ruleset=check_relay, arg1=lsv-002.cynergen.net, arg2=66.239.204.51, relay=lsv-002.cynergen.net [66.239.204.51], reject=550 no access for OIN - Spammers must die. Sep 7 05:01:49 saturn sendmail[2655]: FAA02655: <X>... User unknown - user never existed - single-opt-in is spam - and Spammers must die. Sep 7 05:01:49 saturn sendmail[2655]: FAA02655: from=<102338940173691-7090200001-X?X@bounce.tilw.net>, size=0, class=0, pri=0, nrcpts=0, proto=SMTP, relay=ul1.tilw.net [209.164.4.171] Sep 6 20:55:27 saturn sendmail[14573]: NOQUEUE: ruleset=check_relay, arg1=lsv-001.cynergen.net, arg2=66.239.204.50, relay=lsv-001.cynergen.net [66.239.204.50], reject=550 no access for OIN - Spammers must die. Sep 5 20:10:41 sonet sendmail[18779]: UAA18779: from=<reply@contentwatch.com>, size=0, class=0, pri=0, nrcpts=0, proto=SMTP, relay=host228.iaccess.com [64.221.226.228] (may be forged) Sep 5 18:44:45 saturn sendmail[9560]: NOQUEUE: ruleset=check_relay, arg1=lsv-002.cynergen.net, arg2=66.239.204.51, relay=lsv-002.cynergen.net [66.239.204.51], reject=550 no access for OIN - Spammers must die. Sep 5 14:30:19 saturn sendmail[26113]: NOQUEUE: ruleset=check_relay, arg1=thething.emailfactory.com, arg2=64.35.34.30, relay=thething.emailfactory.com [64.35.34.30], reject=550 NO TRESPASSING for emailfactory.com/newc.com - Spammers must die. Sep 4 16:20:57 saturn sendmail[817]: NOQUEUE: ruleset=check_relay, arg1=lsv-001.cynergen.net, arg2=66.239.204.50, relay=lsv-001.cynergen.net [66.239.204.50], reject=550 no access for OIN - Spammers must die. There is no doubt in my mind that XO is fully aware of the criminal trespass committed by their customers, and continues to aid and abet these criminal activities on a daily basis by knowingly and willingly providing service and /dev/null'ing complaints about them - kinda like Sprintlink/Sprint aiding and abetting their criminals^Wcustomers while committing acts of forgery, false declaration of goods, false declaration of goods in interstate and international commerce, criminal impersonation, falsification of business records and business and wire fraud across state lines - only more passively. I could point the finger in almost any direction from here.
From UnSavvy to APiss&Pee. From Uh-Oh!Net to Clueless&Witless. From FraudLynx to VeryUglio, From Exorcism to Worldcunt. The bigger, the more bankrupt, the more aiding and abetting.
It's 5pm: do you know who you work for? -- "Just say No" to Spam Kai Schlichting New York, Palo Alto, You name it Sophisticated Technical Peon Kai's SpamShield <tm> is FREE! http://www.SpamShield.org | | LeasedLines-FrameRelay-IPLs-ISDN-PPP-Cisco-Consulting-VoiceFax-Data-Muxes WorldWideWebAnything-Intranets-NetAdmin-UnixAdmin-Security-ReallyHardMath