a customer of chello.be has been repeating a dns dynamic update against my zone every four minutes since october 20. chello's abuse reporting channel is no doubt full of spam reports. their noc no doubt doesn't care about end-user problems. i nmap'd the offending box: Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2004-11-05 17:24 GMT Interesting ports on cable-62-205-122-245.upc.chello.be (62.205.122.245): (The 1638 ports scanned but not shown below are in state: closed) PORT STATE SERVICE 9/tcp open discard 13/tcp open daytime 21/tcp open ftp 25/tcp open smtp 37/tcp filtered time 53/tcp open domain 111/tcp open rpcbind 113/tcp filtered auth 135/tcp filtered msrpc 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 515/tcp open printer 548/tcp open afpovertcp 1024/tcp open kdm 1025/tcp open NFS-or-IIS 1026/tcp filtered LSA-or-nterm 8009/tcp open ajp13 8080/tcp open http-proxy 10000/tcp open snet-sensor-mgmt and i connected to every one of those services that i had a client for, and sent mail to the postmaster (using telnet and the @[] notation), but i think i have not done enough to set off any kind of intrusion detection systems. what's a socially acceptable way to be rude enough to make these people pay attention to me? i'm asking not just for this host -- i'm hoping there's a "community standard" i can follow, and recommend that others follow. the box is raw debian. in fact its hostname (according to its exim and bind) is "debian". i don't think anybody's reading its "postmaster" mailbox. i do not think there is any evil intent in the updates they won't stop sending me, but they're filling my logs and i don't want to firewall them.