Open relays and open proxies

Joe St Sauver JOE at OREGON.UOREGON.EDU
Fri Apr 25 16:03:15 UTC 2003


#Date: Fri, 25 Apr 2003 10:39:11 -0500
#From: Jack Bates <jbates at brightok.net>
#Subject: Re: Open relays and open proxies
#In-reply-to: <1459D594-7731-11D7-BA1C-00039312C852 at isc.org>
#Message-id: <3EA9569F.6010400 at brightok.net>

[snip]

#Yet how many spams are sent out advertising pr0n and the websites never 
#cancelled? How many get rich schemes? The last I checked, 
#no-more-viruses.com was still at it and wasting my time by sending their 
#filth to every role account I have.

And of course, no-more-viruses.com is a perfect example of a domain whose 
web site obtains transit from that fabulous far eastern "bulletproof ASN", 
AS9929. For context, AS9929 also has provided transit for hosts from a few
other domains you may recognize, such as:

-- antiagingway.com
-- bannedcd.org
-- bargin-inetwork.com
-- bestemailoffers.com
-- domainsforeveryone.com
-- easyvling.com
-- eclipseway.com
-- edrugsale.com
-- edrugshop.net
-- emailoffer.us
-- fastcasinobuilder.com
-- genvia4u.com
-- grantgiveawayprogram.com
-- interactivepoker.net
-- kokiya.com
-- kososo.com
-- lovingtouches.org
-- lowratemortgages.info
-- lzzemu.com
-- mnjmtech.us
-- my-vling.com
-- n0hastlem0rtgage.com
-- pharmsafe.net
-- prescription4you.com
-- real-sales.net
-- removethisemail.com
-- reserveadot.com
-- romna.com
-- rxmedsovernight.com
-- snbm-online.com
-- sys-630.com
-- twofy.com
-- vlingbuy.com
-- xeemo.com
-- yomsa.com
-- yourplace.com.br
-- yourvling.com
-- zizikey.com
-- 9top9.com

Based on what I'm seeing from route-views.oregon-ix.net, AS9929 appears to 
be (primarily) a customer of AS1239 and AS3561. 

If you are unhappy with AS9929's support role for spammers, you *could* 
try contacting AS9929 directly (but I wouldn't bother wasting my breath). 

I believe that to make progress on the let's-go-after-their-web-hosting 
approach, you'll need to convince AS9929's upstreams, Sprint and Cable and 
Wireless, to pull the plug (which they probably won't do) or at least 
convince them to enforce an acceptable use policy on their customers (which
they can only do if they're willing to pull the plug for non-compliance,
which I don't believe they're willing to do in this case). 

But hey, I'd love to be proven wrong. 

Regards,

Joe



More information about the NANOG mailing list