Bill, It appears that 155.229.2.2 (postal.atlanta.net) may be blackholed. We were getting used to relay spam until a couple weeks ago when we worked in some sendmail filters to block use as a relay... -Dorn 32% traceroute 155.229.2.2 traceroute to 155.229.2.2 (155.229.2.2), 30 hops max, 40 byte packets 1 cisco5-160 (128.9.160.5) 1.655 ms 1.577 ms 1.511 ms 2 ln-gw32 (128.9.32.1) 2.283 ms 1.669 ms 1.558 ms 3 f1.border1.lax1.genuity.net (198.32.146.18) 3.674 ms 3.695 ms 3.444 ms 4 core1.sjc1.genuity.net (207.240.0.9) 15.563 ms 16.552 ms 15.574 ms 5 f12.border1.sjc1.genuity.net (207.240.1.34) 15.412 ms 15.767 ms 15.624 ms 6 207.240.24.62 (207.240.24.62) 15.962 ms 16.109 ms 19.516 ms 7 * * * 8 * * 207.240.24.62 (207.240.24.62) 17.361 ms !H 9 * * * 10 * 207.240.24.62 (207.240.24.62) 17.361 ms !H * 11 * * 207.240.24.62 (207.240.24.62) 18.26 ms !H 12 * * * 13 * * * 14 * 207.240.24.62 (207.240.24.62) 17.682 ms !H * 15 207.240.24.62 (207.240.24.62) 16.796 ms !H * * 16 * * * 17 * * * 18 * * * 19 * * * 20 * * * 21 * * * 22 * * * 23 * * * 24 * * * 25 207.240.24.62 (207.240.24.62) 18.063 ms !H * * 26 207.240.24.62 (207.240.24.62) 31.012 ms !H * 16.813 ms !H 33% -- --bill -----End of forwarded message-----
Bill,
It appears that 155.229.2.2 (postal.atlanta.net) may be blackholed. We were getting used to relay spam until a couple weeks ago when we worked in some sendmail filters to block use as a relay...
-Dorn
I have no idea why you took this to NANOG but since you did, I'll tell you publically that what happened was that the problem was name service rather than mail relaying: ;; ANSWERS: softcell.com. 172800 NS NNTP.ATLANTA.NET. softcell.com. 172800 NS POSTAL.ATLANTA.NET. ;; ADDITIONAL RECORDS: NNTP.ATLANTA.NET. 172800 A 155.229.2.177 POSTAL.ATLANTA.NET. 172800 A 155.229.2.2 The domain contacts at Atlanta.NET did not answer their mail. If you can let me know that this pure-spam organization is no longer a customer and that you are not helping them to send me trash by selling them name service I will remove the blocks instantaneously. Sorry to bother NANOG with this. (Can we take it offline?)
I heard that www.isn.com sold them the PC they used to write the spam email. Shouldn't they be blocked too?
It appears that 155.229.2.2 (postal.atlanta.net) may be blackholed.
you publically that what happened was that the problem was name service rather than mail relaying:
let me know that this pure-spam organization is no longer a customer and that you are not helping them to send me trash by selling them name service I will remove the blocks instantaneously.
participants (3)
-
dorn@atl.eni.net
-
jon@branch.net
-
Paul A Vixie