SORBS Contact

Matthew Sullivan matthew at sorbs.net
Wed Aug 9 22:51:01 UTC 2006


Steve Sobol wrote:
> On Wed, 9 Aug 2006, Matthew Sullivan wrote:
>
>   
>> Sad state of affairs when ISPs are still taking money from spammers and 
>> providing transit to known criminal organisations.
>>     
>
> Hey Mat.
>
> You aren't wrong, but that doesn't absolve you of the responsibility to 
> de-list in an efficient manner when you have made a mistake, or if the 
> listing is no longer accurate (i.e. if all the spammers have been kicked 
> off the netblock in question.)
>   
If you checked with the original complainant you would find that both 
the zombie and DUHL listings are cleared.  If you knew the ticket 
numbers and where they sit in the SORBS RT Support system you would know 
that there were multiple tickets logged the oldest now being 10 days, 
the most recent being 5 days - and under published policy the earliest 
was pushed into the more recent.  You'll also note that the original 
complaint was about a single IP address as part of a /27 within a /19 
listing.

> $DAYJOB lists spam filtering amongst the services we offer to our 
> clients. I know we're using you to block IPs at the firewall, and we're 
> probably also doing so at the server level. I am going to talk to my boss 
> and co-workers about the impact of removing SORBS from our DNSBL list, 
> because your replies lately have been snarky and completely 
> unprofessional, including the reply quoted above. (Yes. It sucks that 
> spammers are still spamming. So what?)
>   
The quoted text above is intended for a few that might still be on this 
list, none of which posted to this thread.  The fact remains some ISPs 
provide transit to known criminal organisations for hijacked netblocks 
which are used for nothing but abuse (hosting trojans and viruses).  
Money talks.

> I don't know what your problem is, but you're not making things any better 
> by refusing to fix listings that aren't incorrect or, in some cases, never 
> were.
>   
Where do you get that from...?  We fix incorrect listings as soon as 
notified and with no deliberate delay.  If you are referring to listings 
like Dean Anderson's stolen netblock these are not delisted until such 
time as proof is obtained that our information is incorrect. 

We have been informed that Dean picked up that portable /16 (and 2 other 
networks - one of which was a non-portable UUNET block) when he parted 
company with OSF in 1998.  I have been contacted on a few occasions by 
Dean demanding delisting, each time I have asked for proof that he did 
not steal the netblock from the OSF's creditors (taking without 
permission even from a company folding is still stealing) - his response 
was a lot of bluster followed by the creation of the IADL.org site.  A 
few people (including myself) have attempted to contact 'The Open Group' 
who are the new owners of the old OSF organisation.  I am not aware of a 
reply that has been received from anyone other than Dean indicating that 
Dean is the legitimate owner of the said netblock.  You will also note 
that at least one of the netblocks that Dean has indicated that he was a 
legitimate owner of have been taken back and are reallocated.  To date 
no-one has backed Dean up in his assertion that he did not steal the 
netblock, all that we have seen is a short time after the listing 
suddenly Dean started providing services to 'opengroup.org' and cited 
that as proof he owns the block - considering the OpenGroup is in the UK 
now and are now unlikely to be able to prove to a court that they are 
the legitimate owners of the netblock I don't see that as reason to 
consider Dean the legitimate owner.  A verifiable document from the 
OSF/OpenGroup indicating that Dean Anderson is the legitimate owner of 
their /16 and it was transferred to him with their knowledge and 
permission is all that is required for delisting... however it seems 
Dean cannot obtain that adding weight to the view that he did indeed 
steal the netblocks.

Something to consider before replying: is this on or off topic for 
NANOG? (personally I think part of this is on topic, other parts of the 
thread are definitely off topic)

Regards,

Mat



