Verizon IP's and ARIN Records
ARIN has dropped all registry information for 206.46.0.0 - 255.255.0.0. This range includes our residential and business mail customers. We are aware of the issue and are addressing this NOW to have our ARIN records re-published again. We are not sure why this has happened at this time. Any sender verification that checks for PTR records will fail on outbound mail from Verizon Online. -------------------------- Dennis Dayman Verizon Internet Services Operations Security and Legal Compliance --------------------------
Based on this problem, completewhois has stopped listing 206.46.0.0/16 as a bogon (and actively having it blocked through dns for those using bogons.dnsiplists.completewhois.com for active blocking in email), this exception will last 48 hours. If you're using bogon lists in firewall with daily downloads of bogon ip block list, please make immediate download of currently available list or manually remove 206.46.0.0/16 from list of bogons and reinitialize your firewall. On Mon, 7 Jun 2004, Dennis Dayman wrote:
ARIN has dropped all registry information for 206.46.0.0 - 255.255.0.0. This range includes our residential and business mail customers. We are aware of the issue and are addressing this NOW to have our ARIN records re-published again. We are not sure why this has happened at this time. Any sender verification that checks for PTR records will fail on outbound mail from Verizon Online.
-------------------------- Dennis Dayman Verizon Internet Services Operations Security and Legal Compliance --------------------------
Based on this problem, completewhois has stopped listing 206.46.0.0/16 as a bogon (and actively having it blocked through dns for those using bogons.dnsiplists.completewhois.com for active blocking in email), this exception will last 48 hours. If you're using bogon lists in firewall with daily downloads of bogon ip block list, please make immediate download of currently available list or manually remove 206.46.0.0/16 from list of bogons and reinitialize your firewall.
On Mon, 7 Jun 2004, Dennis Dayman wrote:
ARIN has dropped all registry information for 206.46.0.0 - 255.255.0.0. This range includes our residential and business mail customers. We are aware of the issue and are addressing this NOW to have our ARIN records re-published again. We are not sure why this has happened at this time. Any sender verification that checks for PTR records will fail on
outbound
mail from Verizon Online.
-------------------------- Dennis Dayman Verizon Internet Services Operations Security and Legal Compliance --------------------------
ARIN is cracking down on IP Space that is or has been issued (legally) and have been found to have the contact records "out of date" or the e-mail addresses either don't work or their are mailboxes full and so on. You will see more and more of these allocations being removed for failing to act on network issue via their stated ARIN information. A good example was that fellow trying contact RoadRunner's network center. You should be able to do so from their ARIN information on record but... nope they let the numbers changes, e-mails fade and people come and go. More to come of this as Renewal Time is just around the corner. -Peter
ARIN is cracking down on IP Space that is or has been issued (legally) and have been found to have the contact records "out of date" or the e-mail addresses either don't work or their are mailboxes full and so on. You will see more and more of these allocations being removed for failing to act on network issue via their stated ARIN information.
ARIN actions are sometimes not totally predictable, but I've not seen them remove blocks just because contact info is out of date, in this case they will simply mark the ip block as invalid and remove dns servers. Unlike others I actually monitor this and what I have seen suggests the blocks are deleted ONLY if the original company actually does not exist and there exist legal documents to show that (i.e. court ordered liqudation or sometimes in cases of ip block actively being abuse after some investigation they would consider corporate registration data that shows company as being dead for several years to be enough). The other reasons are if ip block admin actually asked for ip block to be removed (sometimes if he's getting large space somewhere else instead). New this year are that ARIN is beginning to remove blocks when it has not been paid renewal fees for some years. This, I think, led to greatly increased (by order of 5) number active bogon routes out of ARIN's direct allocations blocks like 207/8, 209/8, 216/8, 64/8 now showing up at http://www.completewhois.com/bogons/active_bogons.htm When I saw how bad it has become, I've tried sending reports about active bogon routes manually to admins of the networks routing these blocks and this led to some of them routes getting removed (most are just old static routes still present in the routers although some are on purposely ignoring ARIN), but this manual process is time-consuming and for the future I hope to create automated system that will be able to send these reports once per month to admin contacts listed for ASNs routing these blocks (but the reports may not be as well targeted to proper people, when doing it manually I could sometimes enter correct contact when I knew which network it is, automated system will be harder to tune-in, especially given that ARIN contact data listed for ASN whois is also often enough out of data, especially for these old blocks). P.S. On topic to the original post, the Verizon block 206.46.0.0/16 being listed as active bogon on completewhois page (or any other route listed there) are not equivalent to bogon ip block list used for active filtering. The active list is created for monitoring purposes based on routeviews data based on bogon ip lists prior to when exceptions are applied (like current Verizon case), this is so I could monitor if situation has been resolved or not. Just FYI.
A good example was that fellow trying contact RoadRunner's network center. You should be able to do so from their ARIN information on record but... nope they let the numbers changes, e-mails fade and people come and go.
That is a problem with ARIN data that there is no validation of it, there was a policy proposal at ARIN (see http://www.arin.net/policy/2003_16.html) but it was killed (despite support of a lot of people on the meeting and despite that it was already a scaled down version of previous more radical anti-abuse and data validation proposals) so I'm not sure what will happen now. There was also another proposal http://www.arin.net/policy/2004_4.html that also tried to provide for better validity of whois data and it was also killed. Along the lines of killing every whois related proposal at last meeting same also will probably happen to my Whois AUP proposal http://www.arin.net/policy/2004_4.html (for history of this proposal see http://www.elan.net/~william/arin_whoisaup_history.htm) which provides for having a legal "note" that you should not improperly use data from whois queries (did you know ARIN is now the only whois registry that does not have AUP on how the data may or may not be used?), but for that if you dont want it to die you still have a chance to stop it if you voice your opinion and send private email in support of the proposal to petition@arin.net and also post confirmation of your support at ppml@arin.net But otherwise few people like myself trying to do anything about it I'm not sure what will need to happen for ARIN to understand that validity and security of whois data is important and people rely on that all the time and they can't just ignore these issues. Unfortunetly most people who actually use their data also the ones who really dont have time or interest to participate in ARIN political process and as such are not heard at all. -- William Leibzon Elan Networks william@elan.net
on Tue, Jun 08, 2004 at 01:00:55AM -0700, william(at)elan.net wrote:
I'm not sure what will need to happen for ARIN to understand that validity and security of whois data is important and people rely on that all the time and they can't just ignore these issues. Unfortunetly most people who actually use their data also the ones who really dont have time or interest to participate in ARIN political process and as such are not heard at all.
Well, one thing that has to happen is that ISPs and co-lo providers (such as Inflow, our former - note /former/ - provider) need to "understand that validity and security of whois data is important and people rely on that all the time and they can't just ignore these issues". Which, unfortunately, is what Inflow refused to understand the entire time we were co-lo'd with them, and continue to ignore to this day. I'm not surprised to find that our old netblock is still tagged with my company's name, despite requests to have it updated: Request: 66.45.6.196 connected to whois.arin.net [192.149.252.43:43] ... Inflow NFLO-AR-2 (NET-66-45-0-0-1) 66.45.0.0 - 66.45.127.255 Hesketh INFLOW-55125-5697 (NET-66-45-6-192-1) 66.45.6.192 - 66.45.6.223 # ARIN WHOIS database, last updated 2004-06-07 19:15 # Enter ? for additional hints on searching ARIN's WHOIS database. ...because Inflow didn't give a damn when we were paying them, I can't imagine they'd give a damn now that we've decided to pay someone else. We tried for six months to get them to add an abuse contact field to our ARIN record and they wasted dozens of hours explaining that because it was optional they didn't have to do it, when the point was that it was /necessary/, or at least /being actively requested/, and that the way to keep customers isn't to explain how you don't have to do something, but rather to do what the customer asks. I'm glad that RFCi listing didn't have any real effect on our ability to send mail. :-/ But, as I've said, Inflow is our /former/ co-lo provider, so they can go to hell for all I care. But I really wish they, or someone, would clean up our old ARIN records so that the next spammer they host, or netblock that gets hijacked, doesn't suggest, via ARIN, that my company has anything to do with it. Steve -- hesketh.com/inc. v: +1(919)834-2552 f: +1(919)834-2554 w: http://hesketh.com Buy "Cascading Style Sheets: Separating Content from Presentation, 2/e" today! http://www.amazon.com/exec/obidos/ASIN/159059231X/heskecominc-20/ref=nosim/
on Tue, Jun 08, 2004 at 10:57:24AM -0400, Steven Champeon wrote:
on Tue, Jun 08, 2004 at 01:00:55AM -0700, william(at)elan.net wrote:
I'm not sure what will need to happen for ARIN to understand that validity and security of whois data is important and people rely on that all the time and they can't just ignore these issues. Unfortunetly most people who actually use their data also the ones who really dont have time or interest to participate in ARIN political process and as such are not heard at all.
Well, one thing that has to happen is that ISPs and co-lo providers (such as Inflow, our former - note /former/ - provider) need to "understand that validity and security of whois data is important and people rely on that all the time and they can't just ignore these issues".
The record I was ranting about yesterday has now been expunged, thanks to some clueful folks at Inflow and the efforts of one Thom Smith. Many thanks to all concerned. -- hesketh.com/inc. v: +1(919)834-2552 f: +1(919)834-2554 w: http://hesketh.com Buy "Cascading Style Sheets: Separating Content from Presentation, 2/e" today! http://www.amazon.com/exec/obidos/ASIN/159059231X/heskecominc-20/ref=nosim/
At 1:00 AM -0700 6/8/04, william(at)elan.net wrote:
I'm not sure what will need to happen for ARIN to understand that validity and security of whois data is important and people rely on that all the time and they can't just ignore these issues. Unfortunetly most people who actually use their data also the ones who really dont have time or interest to participate in ARIN political process and as such are not heard at all.
William, ARIN understands exactly how important the validity and security of the whois data is... This understanding is based on the policies that the community chooses to adopt (or not). The Third Joint meeting of Nanog and ARIN will take place October 17th through the 22nd in Reston Virginia (thanks to local host TimeWarner!) More information is hidden on the home page of http://www.nanog.org/. I understand that Reston is not exactly a tropical vacation spot, but I ask that folks who feel strongly about the policies affecting whois data stay another day or so and participate in the public policy process. In this manner, we're assured of getting balanced policies that reflect the wishes of the entire community. Thanks! /John John Curran Chair, ARIN Board of Trustees
On Tue, Jun 08, 2004 at 02:47:00AM -0400, Pete wrote:
On Mon, 7 Jun 2004, Dennis Dayman wrote:
ARIN has dropped all registry information for 206.46.0.0 - 255.255.0.0. This range includes our residential and business mail customers. We are aware of the issue and are addressing this NOW to have our ARIN records re-published again. We are not sure why this has happened at this time. Any sender verification that checks for PTR records will fail on outbound mail from Verizon Online. -------------------------- Dennis Dayman Verizon Internet Services Operations Security and Legal Compliance --------------------------
ARIN is cracking down on IP Space that is or has been issued (legally) and have been found to have the contact records "out of date" or the e-mail addresses either don't work or their are mailboxes full and so on. You will see more and more of these allocations being removed for failing to act on network issue via their stated ARIN information.
I received endless spam from hosts on other verizon networks, e.g. (the following generated: Tue Jun 8 05:01:33 EDT 2004): NetRange: 206.124.64.0 - 206.124.64.255 CIDR: 206.124.64.0/24 NetName: GTENET-CSD-DNS1 NetHandle: NET-206-124-64-0-2 Parent: NET-206-124-64-0-1 NetType: Reassigned NameServer: BIGGUY.GTE.NET NameServer: OTHERGUY.GTE.NET Comment: RegDate: 1999-02-24 Updated: 1999-02-24 OrgAbuseHandle: VOH1-ARIN OrgAbuseName: Hostmaster, Verizon Online OrgAbusePhone: +1-800-927-3000 OrgAbuseEmail: hostmaster@bizmailsrvcs.net E-mail sent to this listed contact bounced and/or was undeliverable. I sent notifications of this breakage to every other directly related and listed contact, and was met with complete silence. I tried dozens of times. For months and months. One of the non-responders was a contact associated with GTE.NET, christian.andersen@verizon.com, AKA CA546-ARIN, for example. I also inquired of ARIN about its policy regarding Invalid Contacts. They merely pointed out that it is not their responsibility to police such issues, but merely mark them, i.e. (the following generated: Tue Jun 8 05:02:55 EDT 2004): Name: Hostmaster, Verizon Online Handle: VOH1-ARIN Company: Address: Verizon Online Address: 5525 MacArthur Ste 320 City: Irving StateProv: TX PostalCode: 75038 Country: US Comment: The information for POC handle VOH1-ARIN has been reported to Comment: be invalid. ARIN has attempted to obtain updated data, but has Comment: been unsuccessful. To provide current contact information, Comment: please e-mail hostmaster@arin.net. RegDate: 2002-02-21 Updated: 2003-06-03 Phone: +1-800-927-3000 (Office) Email: hostmaster@bizmailsrvcs.net The coincidence that the last-updated date is "06/03/2003" is remarkable. -- Henry Yen Aegis Information Systems, Inc. Senior Systems Programmer Hicksville, New York
participants (6)
-
Dennis Dayman -
Henry Yen -
John Curran -
Pete -
Steven Champeon -
william(at)elan.net