williams spamhaus blacklist
Hank Nussbacher
hank at att.net.il
Thu Sep 25 10:50:58 UTC 2003
At 07:42 PM 24-09-03 -0400, Richard Welty wrote:
>the blacklisting of ISP ranges is very rare, it only occurs perhaps once a
>year, in extreme cases. several years ago, the sbl listed sprint's coporate
>mail servers during a period when sprint was providing connectivity for
>many spamhausen. sprint responded by appointing a new head of abuse, and
>giving him the power to terminate spammers. sprint's corporate mail servers
>were delisted, and their network is now fairly clean. we don't jokingly
>call their service "sprintpink" any more.
AS3339 has a zero tolerance for spamming. With just one spam complaint we
block the IP in question. We have a downstream customer that has many
cybercafes in Africa that generate http and smtp spam and we block each
complaint within 48 hours.
None the less, here is a recent email extract I received from someone:
"Hank, I am not a Spamhaus.org representative in any shape or form.
I do not claim to speak for Spamhaus.org in any capacity. The
University of xxxxxx is, however, a customer (i.e. as of this
morning, we block e-mails from IP addresses listed on Spamhaus SBL).
I am just guessing what might happen if the problem is not sorted out.
I am sure you already know that the standard escalation procedure for
many blocklists is first to block the single offending IP address, then
the immediate smallest block that it is contained in according to WHOIS,
then the entire block of the ISP, and if that fails to stop the spam,
then the corporate MXes of the upstream ISP may be blocklisted."
Basically, we are being told if we don't drop the customer, our corporate
MXes will be blocked. I would not call this an "extreme case", but it
would appear that overzealous anti-spammers are perhaps going a bit overboard.
Regards,
Hank
More information about the NANOG
mailing list