After doing a bit of digging, it doesn't appear the any of the tacid.org ip-space is blacklisted (one less battle I have to fight). Fortune 100? Nope. Just a small non-profit org in Tacoma, WA, that got their exchange box rooted. I'm still trying to figure out the full extent of the damage done, but this point, I believe 99.7% of the outbound mail is legit. In-bound is another story entirely, but that's my own private hell to deal with. Thanks all for the input ~Nick -----Original Message-----
From: Frank Bulk - iNAME <frnkblk@iname.com> Sent: Jul 5, 2008 1:21 PM To: 'Nick Shank' <nick@laststop.net>, nanog@nanog.org Subject: RE: tacid.org
Nick:
Leaving a domain and IP fallow for such a long time will end up looking like my garden did this year when I did the same thing -- overrun with weeds.
Sending a blanket e-mail to NANOG is not going to get the attention of those who manage the e-mail flow (unless you domain belonged to a Fortune 100).
Just like I should have with my garden, rather than replant among the weed seeds and spend 99% of my time pulling weeds, I would recommend sowing a new field by moving your outbound e-mail server(s) to some fresh address space (different /24 to be sure, ideally another section of SWIPed space) and start monitoring your outgoing servers logs. You'll need to work with each MTA that blocks your e-mail and ask them to delist you from whatever block (domain or domain reputation) that they have. At the same time, systematically go to every RBL that tracks by domain name and check the status of your domain and request delisting as necessary.
Regards,
Frank
-----Original Message----- From: Nick Shank [mailto:nick@laststop.net] Sent: Thursday, July 03, 2008 5:51 AM To: nanog@nanog.org Subject: tacid.org
Greetings, My name is Nick, and I have inherited admin duties for tacid.org. For an un-known amount of time (A month or more?) mail.tacid.org has been an open-relay, and sending out large amounts of spam. This should now be fixed. If anyone is having issues with this domain still, please contact me off list. Thank you, Nick
On Sun, Jul 6, 2008 at 11:09 AM, Nick Shank <nick@laststop.net> wrote:
After doing a bit of digging, it doesn't appear the any of the tacid.org ip-space is blacklisted (one less battle I have to fight). Fortune 100? Nope. Just a small non-profit org in Tacoma, WA, that got their exchange box rooted. I'm still trying to figure out the full extent of the damage done, but this point, I believe 99.7% of the outbound mail is legit. In-bound is another story entirely, but that's my own private hell to deal with.
This in no way is a negative assumption on your skills. There is some important information missing from the above details. You wrote that your Exchange box was rooted, but you didn't indicate what you did to resolve that. I'm not looking for the details of what you did, just an overall statement about how you rectified it. You also indicate that you are still assessing the full extent of the damage, is that to the Exchange box or to the IP space? Thanks, -Jim P.
On Jul 6, 2008, at 11:55 AM, Jim Popovitch wrote:
some important information missing from the above details. You wrote that your Exchange box was rooted, but you didn't indicate what you did to resolve that. I'm not looking for the details of what you did, just an overall statement about how you rectified it. You also
Can you please take this to a mailing list which cares about mail servers? I can think of nearly 50 without trying. Thanks. -- Jo Rhett Net Consonance : consonant endings by net philanthropy, open source and other randomness
participants (3)
-
Jim Popovitch
-
Jo Rhett
-
Nick Shank