RE: IP-Echelon Compliance
Hi All, Please feel free to get in touch with us to request changes. Expedited processing of your requests is offered through the Notice Recipient Management for ISPs section of our website located here: http://www.ip-echelon.com/isp-notice-management/ <http://www.ip-echelon.com/isp-notice-management/> If you are in the U.S., please also ensure that your change is reflected in the records of the US Copyright Office: http://copyright.gov/onlinesp/list/a_agents.html <http://copyright.gov/onlinesp/list/a_agents.html> Cheers, Seth
Seth Arnold <seth@ip-echelon.com> writes:
Please feel free to get in touch with us to request changes.
Expedited processing of your requests is offered through the Notice Recipient Management for ISPs section of our website located here: http://www.ip-echelon.com/isp-notice-management/ <http://www.ip-echelon.com/isp-notice-management/>
Are you serious? You receive spam and then you go to a link provided by the spammer, entering your contact information into a web form? I don't think so... Take it with their upstream abuse contact instead. Bjørn
So even when they give an avenue to resolve the issue, people still complain... *sigh* ----- Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest Internet Exchange http://www.midwest-ix.com ----- Original Message ----- From: "Bjørn Mork" <bjorn@mork.no> To: nanog@nanog.org Sent: Tuesday, October 13, 2015 4:03:45 AM Subject: Re: IP-Echelon Compliance Seth Arnold <seth@ip-echelon.com> writes:
Please feel free to get in touch with us to request changes.
Expedited processing of your requests is offered through the Notice Recipient Management for ISPs section of our website located here: http://www.ip-echelon.com/isp-notice-management/ <http://www.ip-echelon.com/isp-notice-management/>
Are you serious? You receive spam and then you go to a link provided by the spammer, entering your contact information into a web form? I don't think so... Take it with their upstream abuse contact instead. Bjørn
On 13 October 2015 at 16:17, Mike Hammett <nanog@ics-il.net> wrote:
So even when they give an avenue to resolve the issue, people still complain... *sigh*
IP-Echelon used a faulty automated script to harvest abuse addresses and then expect everyone else to use a manual process to fix their errors, including a captcha. Where do we send the bill for labour? The ranges that we receive complaints from are totally unrelated to us. Have never been owned by us or any entity related to us. Is not even registred in the same country. Are not numerically close to any of our IP ranges. The ranges usually have a valid abuse address in whois and it is not ours. It is a bit of mystery how they came up with our abuse address. My conclusion is that I have zero obligations to tell anyone that I received an abuse report that is not for anything my users did. Especially not after already contacting the sender and they continue to send wrong reports. So I can just discard it. And with it I can discard all the reports that _are_ for our own users, because why is it my responsibility to write a filter? If they send me accurate information, I may want to consider forwarding the stuff, but if they are lazy, why would I not also choose the lazy way out? Adding IP-Echelon to the spam filter is very easy. Finding our ranges is extremely easy. You will find a complete list here and many other places: https://stat.ripe.net/as60876#tabId=routing. Someone from IP-Echelon is reading this, so go remove any prefixes not on that list. If you do not, then you choose to be lazy and thereby choose to be filtered as spam. Regards, Baldur
On Tue, Oct 13, 2015 at 09:17:14AM -0500, Mike Hammett wrote:
So even when they give an avenue to resolve the issue, people still complain... *sigh*
"Handing over more information" to unrepentant, chronic, systemic spammers (who also happen to be engaged in massive abuse of the DMCA) is not in any sense a "resolution". ---rsk
At least, we tried contacting you many times, but you ignored all our requests. Still receiving thousands of e-mails not related to our IPs on daily basis. On 13.10.2015 at 00:04 Seth Arnold wrote:
Hi All,
Please feel free to get in touch with us to request changes.
Expedited processing of your requests is offered through the Notice Recipient Management for ISPs section of our website located here: http://www.ip-echelon.com/isp-notice-management/ <http://www.ip-echelon.com/isp-notice-management/>
If you are in the U.S., please also ensure that your change is reflected in the records of the US Copyright Office: http://copyright.gov/onlinesp/list/a_agents.html <http://copyright.gov/onlinesp/list/a_agents.html>
Cheers, Seth
Hi Fred, I can’t find your name, email address or the domain-name from your email in our mailboxes. If you send the request via this webform or via email to the address specified in the notice, we’ll absolutely jump on it and respond ASAP. I can’t monitor this thread further but please reach out via the channels described so we can help. Cheers, Seth
On Oct 13, 2015, at 2:10 AM, Fred Hollis <fred@web2objects.com> wrote:
At least, we tried contacting you many times, but you ignored all our requests.
Still receiving thousands of e-mails not related to our IPs on daily basis.
On 13.10.2015 at 00:04 Seth Arnold wrote: Hi All,
Please feel free to get in touch with us to request changes.
Expedited processing of your requests is offered through the Notice Recipient Management for ISPs section of our website located here: http://www.ip-echelon.com/isp-notice-management/ <http://www.ip-echelon.com/isp-notice-management/>
If you are in the U.S., please also ensure that your change is reflected in the records of the US Copyright Office: http://copyright.gov/onlinesp/list/a_agents.html <http://copyright.gov/onlinesp/list/a_agents.html>
Cheers, Seth
WAIT WAIT - I know the solution to all of this. Let's pass a law that requires everyone to fill out a form to buy a device with a MAC address. Make them wait 10 days to verify the buyer has never committed a digital crime. While law enforcement puts it in a pile forms and pretends they can verify through the process of piling and ignoring it. 10 days later, If law enforcement doesn't call - the store can then call the buyer and tell them they can pick up their new potential crime committing internet device. Oh Gee, I see here that I have been living in California too long. Bob Evans CTO BTW, from this thread, I just learned that responding the way the spam email states doesn't make it possible communicate with company personnel - you must first fill out an application and register to communicate ? A kind or opt-in-proof. We get these emails.... 99% of the time its the same IP address subnets of wi-fi in hotels or schools. They are always 12 hours late and often older - days late - hotel guests customers have checked out or closed their hacked laptop after their lunch meeting. What's a busy hotel staff suppose to do track down a guest MAC addresses - hire better firewall companies to block specific port traffic because of its potential use? Thought that ol' bit-torrent stuff flips ports whenever it needs too ?
Hi Fred,
I canât find your name, email address or the domain-name from your email in our mailboxes.
If you send the request via this webform or via email to the address specified in the notice, weâll absolutely jump on it and respond ASAP.
I canât monitor this thread further but please reach out via the channels described so we can help.
Cheers, Seth
On Oct 13, 2015, at 2:10 AM, Fred Hollis <fred@web2objects.com> wrote:
At least, we tried contacting you many times, but you ignored all our requests.
Still receiving thousands of e-mails not related to our IPs on daily basis.
On 13.10.2015 at 00:04 Seth Arnold wrote: Hi All,
Please feel free to get in touch with us to request changes.
Expedited processing of your requests is offered through the Notice Recipient Management for ISPs section of our website located here: http://www.ip-echelon.com/isp-notice-management/ <http://www.ip-echelon.com/isp-notice-management/>
If you are in the U.S., please also ensure that your change is reflected in the records of the US Copyright Office: http://copyright.gov/onlinesp/list/a_agents.html <http://copyright.gov/onlinesp/list/a_agents.html>
Cheers, Seth
On 10/13/2015 11:30 AM, Bob Evans wrote:
WAIT WAIT - I know the solution to all of this. Let's pass a law that requires everyone to fill out a form to buy a device with a MAC address. Make them wait 10 days to verify the buyer has never committed a digital crime. While law enforcement puts it in a pile forms and pretends they can verify through the process of piling and ignoring it. 10 days later, If law enforcement doesn't call - the store can then call the buyer and tell them they can pick up their new potential crime committing internet device.
Background checks are great and all, but really what we need to do is restrict the ability of criminals to access illegal information, and we also need to get high-powered crime devices off of our streets. To that end, we're currently working on drafting new legislation which we're calling the "Personal Access To Restricted Information Over Telecommunications Act" (PATRIOT Act) that will give the government the ability to remove illegal information from the internet, monitor global internet access so we can detect criminal activity, and also streamline the process for dealing with offenders. In talking with our intelligence and police services, we've found that there are several key areas that can be improved to be able to deal with threats faster and more efficiently. For example, "due process" is quite slow, requiring the gathering of something I believe is called "evidence", and we are currently examining ways to simply make it "process". This will give our law enforcement the tools that they desperately want. On the hardware level, we need to get rid of all devices with more than 1 USB port. No one other than a criminal needs more than 1 external hard drive. This will inconvenience a very small number of people who also use USB ports for devices such as keyboards, mice and printers, but we commissioned a study that said the impact should be minor. We recommend that those affected by this change look at alternatives such as "PS2". The government computing infrastructure has been using this standard for several years now with great success. Limiting USB ports on a device introduces another problem -- the "USB hub loophole", which we will address with future legislation. We will need to work with the ATF and Homeland Security to identify the best way to deal with this issue. We will probably need to bring in CIA and NSA as well, to monitor the production and sale of these devices both abroad and domestically. We are also in talks at the UN to introduce a new, multinational, multilateral civilian oversight committee to monitor and regulate the international trade of these dangerous items. However, we are having difficulties getting some member states to accept the inspection requirements, and talks are ongoing. Next, we're going to limit the general availability of network connections to no more than 32kbit/sec in either direction. Faster network connections will be available, but you will have to register with the government and pay for a tax stamp. This ensures that criminals can't misuse high-speed network connections, unless they can afford to pay $200. Finally, we are going to introduce a total digital-crime-device ban to help tackle the problem in high-crime areas. We are going to give states and municipalities the ability to make "digital-free zones" where the possession of digital crime devices is prohibited. This will result in the complete elimination of digital crimes committed in public areas such as schools and movie theaters, because it will be double-illegal to commit crimes there.
RoFLx1000 Srysly! Cluebat who are these people again and why does anyone need them ? #Sigh -- Jason Hellenthal JJH48-ARIN On Oct 13, 2015, at 09:52, seth@ip-echelon.com wrote: Hi Fred, I can’t find your name, email address or the domain-name from your email in our mailboxes. If you send the request via this webform or via email to the address specified in the notice, we’ll absolutely jump on it and respond ASAP. I can’t monitor this thread further but please reach out via the channels described so we can help. Cheers, Seth
On Oct 13, 2015, at 2:10 AM, Fred Hollis <fred@web2objects.com> wrote:
At least, we tried contacting you many times, but you ignored all our requests.
Still receiving thousands of e-mails not related to our IPs on daily basis.
On 13.10.2015 at 00:04 Seth Arnold wrote: Hi All,
Please feel free to get in touch with us to request changes.
Expedited processing of your requests is offered through the Notice Recipient Management for ISPs section of our website located here: http://www.ip-echelon.com/isp-notice-management/ <http://www.ip-echelon.com/isp-notice-management/>
If you are in the U.S., please also ensure that your change is reflected in the records of the US Copyright Office: http://copyright.gov/onlinesp/list/a_agents.html <http://copyright.gov/onlinesp/list/a_agents.html>
Cheers, Seth
jeezus folk! http://www.procmail.org/
On Wed, Oct 14, 2015 at 12:12:29PM +0200, Randy Bush wrote:
jeezus folk!
I wouldn't necessarily recommend that approach. There is no obligation for victims of spammers to continue providing Internet services to them, including SMTP services. A much better move would be to identify the network block emitting this abuse and block/drop all packets from it at the perimeter of the network or in the firewall(s). After all, spammers frequently engage in other forms of abuse, so it would probably be best to simply remove them from your view of the Internet. ---rsk
On 10/14/2015 03:37 AM, Rich Kulawiec wrote:
On Wed, Oct 14, 2015 at 12:12:29PM +0200, Randy Bush wrote:
jeezus folk!
I wouldn't necessarily recommend that approach. There is no obligation for victims of spammers to continue providing Internet services to them, including SMTP services. A much better move would be to identify the network block emitting this abuse and block/drop all packets from it at the perimeter of the network or in the firewall(s). After all, spammers frequently engage in other forms of abuse, so it would probably be best to simply remove them from your view of the Internet.
---rsk
+1 -- I've taken the approach in my edge network to block spammers and SSH abusers completely, on the theory that people will have multiple bad habits. I collect between 1000 and 2000 spam messages during each cycle, then add the worst offenders to my netblocks. I don't recommend this approach for services that have a number of different customers; for enterprise networks, though, judicious use of ACLs can relieve a lot of headaches and clogging traffic. Running multiple mail servers, one for incoming sales and one for general use, lets you tailor the blocks so that relatively few people have to deal with the sludge.
http://www.procmail.org/ I wouldn't necessarily recommend that approach. There is no obligation for victims of spammers to continue providing Internet services to them, including SMTP services.
computers are cheap. my time is finite and i value it highly. what is the minimal action i can take to see that idiots do not take my time? randy
On Wed, 14 Oct 2015 14:20:39 +0200, Randy Bush said:
http://www.procmail.org/ I wouldn't necessarily recommend that approach. There is no obligation for victims of spammers to continue providing Internet services to them, including SMTP services.
computers are cheap. my time is finite and i value it highly. what is the minimal action i can take to see that idiots do not take my time?
I suppose it would be bad form to suggest hiring somebody from <insert favorite crime cartel> with a Louisville Slugger to perform percussive maintenance on the offending party?
looks like ip-echelon's MX's are: 67.43.171.100 - 67.43.171.96/27 67.43.165.163 - 67.43.165.160/27 203.122.134.3 - 122-134-3.dsl.connexus.net.au. ? you could presumably just iptables away (or postfix reject) from those, and then there's this: ;; ANSWER SECTION: ip-echelon.com. 300 IN TXT "v=spf1 include:mailgun.org ~all" ip-echelon.com. 300 IN TXT "v=spf1 include:mail.zendesk.com ?all" ip-echelon.com. 300 IN TXT "v=spf1 ptr:ip-echelon.com ip4:67.43.171.96/27 ip4:67.43.165.160/27 ip4:203.122.134.0/28 include:_spf.google.com ~all" ip-echelon.com. 300 IN TXT "MS=ms85153493" joy. messy :( On Wed, Oct 14, 2015 at 10:36 AM, <Valdis.Kletnieks@vt.edu> wrote:
On Wed, 14 Oct 2015 14:20:39 +0200, Randy Bush said:
http://www.procmail.org/ I wouldn't necessarily recommend that approach. There is no obligation for victims of spammers to continue providing Internet services to them, including SMTP services.
computers are cheap. my time is finite and i value it highly. what is the minimal action i can take to see that idiots do not take my time?
I suppose it would be bad form to suggest hiring somebody from <insert favorite crime cartel> with a Louisville Slugger to perform percussive maintenance on the offending party?
Am 14.10.2015 um 18:49 schrieb Christopher Morrow <morrowc.lists@gmail.com>:
looks like ip-echelon's MX's are: 67.43.171.100 - 67.43.171.96/27 67.43.165.163 - 67.43.165.160/27 203.122.134.3 - 122-134-3.dsl.connexus.net.au. ?
In or near these ranges, I see 67.43.171.121 (monthly magnitude 5.5) 67.43.165.164 (same monthly magnitude) These two IPs also have roughly equivalent magnitude histories over the past six months. (Magnitude: mag 10 = „all email in the world as observed in this particular system“, magnitude 5.5 is already pretty big, but may be vastly different depending on the recipient) — Matthias
You guys aren't devious enough. These guys are in violation of CAN-SPAM. To the tune of exceeding the statutory maximum $1,000,000 per ISP last *month* for some of you, much less in the statute of limitations period. You could probably point to refusal to remove as justifying the triple damages claim. Everyone on this list just earned your companies $3 million. Call your attorneys. George William Herbert Sent from my iPhone On Oct 14, 2015, at 5:20 AM, Randy Bush <randy@psg.com> wrote:
http://www.procmail.org/ I wouldn't necessarily recommend that approach. There is no obligation for victims of spammers to continue providing Internet services to them, including SMTP services.
computers are cheap. my time is finite and i value it highly. what is the minimal action i can take to see that idiots do not take my time?
randy
Some people here just strive to be dicks... ----- Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest Internet Exchange http://www.midwest-ix.com ----- Original Message ----- From: "George Herbert" <george.herbert@gmail.com> To: "Randy Bush" <randy@psg.com> Cc: "North American Network Operators' Group" <nanog@nanog.org>, "Rich Kulawiec" <rsk@gsp.org> Sent: Wednesday, October 14, 2015 1:19:00 PM Subject: Re: IP-Echelon Compliance You guys aren't devious enough. These guys are in violation of CAN-SPAM. To the tune of exceeding the statutory maximum $1,000,000 per ISP last *month* for some of you, much less in the statute of limitations period. You could probably point to refusal to remove as justifying the triple damages claim. Everyone on this list just earned your companies $3 million. Call your attorneys. George William Herbert Sent from my iPhone On Oct 14, 2015, at 5:20 AM, Randy Bush <randy@psg.com> wrote:
http://www.procmail.org/ I wouldn't necessarily recommend that approach. There is no obligation for victims of spammers to continue providing Internet services to them, including SMTP services.
computers are cheap. my time is finite and i value it highly. what is the minimal action i can take to see that idiots do not take my time?
randy
On Wed, Oct 14, 2015 at 11:19:00AM -0700, George Herbert wrote:
These guys are in violation of CAN-SPAM.
They're also in violation of the DMCA itself. 17 USC 512 includes this requirement for those filing DMCA notifications: (vi) A statement that the information in the notification is accurate, and under penalty of perjury, that the complaining party is authorized to act on behalf of the owner of an exclusive right that is allegedly infringed. (See https://www.law.cornell.edu/uscode/text/17/512 for full text.) It's obvious from the comments in this thread there are no attempts whatsoever to ensure that the information in these notifications is accurate, that they're sending these notifications to operations under the jurisdiction of US law, and that they're sending them to the relevant/correct operations. ---rsk
Minimal? Probably 22LR. I prefer 458SOCOM though. As Bob Evans notes, there may be some waiting periods, serial numbers, and background checks involved. :) On Wed, Oct 14, 2015 at 8:20 AM, Randy Bush <randy@psg.com> wrote:
http://www.procmail.org/ I wouldn't necessarily recommend that approach. There is no obligation for victims of spammers to continue providing Internet services to them, including SMTP services.
computers are cheap. my time is finite and i value it highly. what is the minimal action i can take to see that idiots do not take my time?
randy
pretty certain that the list ought not be pushing for bodily harm to individuals... it's fair to say: "trash all their mail" or "block their mailservers at the edge" but calling out hits .. not cool. On Wed, Oct 14, 2015 at 4:43 PM, Andrew Kirch <trelane@trelane.net> wrote:
Minimal? Probably 22LR. I prefer 458SOCOM though. As Bob Evans notes, there may be some waiting periods, serial numbers, and background checks involved. :)
On Wed, Oct 14, 2015 at 8:20 AM, Randy Bush <randy@psg.com> wrote:
http://www.procmail.org/ I wouldn't necessarily recommend that approach. There is no obligation for victims of spammers to continue providing Internet services to them, including SMTP services.
computers are cheap. my time is finite and i value it highly. what is the minimal action i can take to see that idiots do not take my time?
randy
While you are at it you might want to stop sending DMCA notices to Canadian ISPs. The DMCA does not apply in Canada. If your clients wish to litigate against individual residential customers in Canada, you will first need to obtain a court order requiring handover of data, on a case-by-case basis. Just because the IP blocks in question are in ARIN space does not mean they are subject to the DMCA. http://www.theglobeandmail.com/technology/tech-news/court-tells-teksavvy-to-... On Tue, Oct 13, 2015 at 7:52 AM, <seth@ip-echelon.com> wrote:
Hi Fred,
I can’t find your name, email address or the domain-name from your email in our mailboxes.
If you send the request via this webform or via email to the address specified in the notice, we’ll absolutely jump on it and respond ASAP.
I can’t monitor this thread further but please reach out via the channels described so we can help.
Cheers, Seth
On Oct 13, 2015, at 2:10 AM, Fred Hollis <fred@web2objects.com> wrote:
At least, we tried contacting you many times, but you ignored all our requests.
Still receiving thousands of e-mails not related to our IPs on daily basis.
On 13.10.2015 at 00:04 Seth Arnold wrote: Hi All,
Please feel free to get in touch with us to request changes.
Expedited processing of your requests is offered through the Notice Recipient Management for ISPs section of our website located here: http://www.ip-echelon.com/isp-notice-management/ < http://www.ip-echelon.com/isp-notice-management/>
If you are in the U.S., please also ensure that your change is reflected in the records of the US Copyright Office: http://copyright.gov/onlinesp/list/a_agents.html < http://copyright.gov/onlinesp/list/a_agents.html>
Cheers, Seth
While you are at it you might want to stop sending DMCA notices to Canadian ISPs. The DMCA does not apply in Canada. If your clients wish to litigate against individual residential customers in Canada, you will first need to obtain a court order requiring handover of data, on a case-by-case basis.
Well said, the 500 or so a day that get filtered into my deleted items folder are mildly annoying, and all our IP ranges are APNIC (not America!). DCMA does not extend outside of the USA, no matter how much spam you send. If you want someone to do something that applies to other countries spend some time bothering to find out what the relevant laws are in those countries.
As a recipient of their stuff, it would be nice if IP Echelon even followed the information registered with the US Copyright Office for such notices. We paid $80 to let everyone know where notices should be sent. matthew black First Amendment: speaking for myself and not my employer! -----Original Message----- From: NANOG [mailto:nanog-bounces@nanog.org] On Behalf Of Seth Arnold Sent: Monday, October 12, 2015 3:05 PM To: nanog@nanog.org Subject: RE: IP-Echelon Compliance Hi All, Please feel free to get in touch with us to request changes. Expedited processing of your requests is offered through the Notice Recipient Management for ISPs section of our website located here: http://www.ip-echelon.com/isp-notice-management/ <http://www.ip-echelon.com/isp-notice-management/> If you are in the U.S., please also ensure that your change is reflected in the records of the US Copyright Office: http://copyright.gov/onlinesp/list/a_agents.html <http://copyright.gov/onlinesp/list/a_agents.html> Cheers, Seth
I'm still.amazed that my name servers are performing bit torrent... According to ip-echelon. On Oct 13, 2015 12:14 PM, "Matthew Black" <Matthew.Black@csulb.edu> wrote:
As a recipient of their stuff, it would be nice if IP Echelon even followed the information registered with the US Copyright Office for such notices. We paid $80 to let everyone know where notices should be sent.
matthew black First Amendment: speaking for myself and not my employer!
-----Original Message----- From: NANOG [mailto:nanog-bounces@nanog.org] On Behalf Of Seth Arnold Sent: Monday, October 12, 2015 3:05 PM To: nanog@nanog.org Subject: RE: IP-Echelon Compliance
Hi All,
Please feel free to get in touch with us to request changes.
Expedited processing of your requests is offered through the Notice Recipient Management for ISPs section of our website located here: http://www.ip-echelon.com/isp-notice-management/ < http://www.ip-echelon.com/isp-notice-management/>
If you are in the U.S., please also ensure that your change is reflected in the records of the US Copyright Office: http://copyright.gov/onlinesp/list/a_agents.html < http://copyright.gov/onlinesp/list/a_agents.html>
Cheers, Seth
participants (21)
-
Andrew Kirch
-
Baldur Norddahl
-
Bjørn Mork
-
Bob Evans
-
Christopher Morrow
-
Christopher Morrow
-
Eric Kuhnke
-
Fred Hollis
-
George Herbert
-
Jason Hellenthal
-
Matthew Black
-
Matthias Leisi
-
Mike Hammett
-
Peter Kristolaitis
-
Randy Bush
-
Rich Kulawiec
-
Seth Arnold
-
seth@ip-echelon.com
-
Stephen Satchell
-
Tony Wicks
-
Valdis.Kletnieks@vt.edu